Hi all,
hope this is the right forum and correct section.
I'm new to fail2ban and have some problems to get it running or better that it works as I expect it to work. My system is Ubuntu 20.04. My fail2ban (failban-client is in version 0.11.1) service is up and running (also restarted after the corresponding changes)
Also the detection of the IP works as expected, as you can see here
The banned IP address is exactly those how should be banned. Fail2ban have also created the following rules in my iptables (output from sudo iptables -L)
The only thing that puzzles me is the entry. I would have expected it to be just the IP, but here it has added one more part
However the command sudo iptables -L f2b-owncloud -v -n --line-numbers shows me an expected entry with the exact same ip
At the beginning I did not have ufw installed, but now I have also installed it. But this still does not prevent me from calling my owncloud service via port 80 or 443. I would have expected that after my IP is blocked, this would no longer be possible. But I can still access the service and even log in (with correct password, of course), although the IP is actually blocked (according to logs)
Does anyone here have any more ideas what the reason for this could be? Or what I could try?
Perhaps I should mention that the owncloud service is running as a Docker container behind a Nginx.
Thanks in advance
Daniel
hope this is the right forum and correct section.
I'm new to fail2ban and have some problems to get it running or better that it works as I expect it to work. My system is Ubuntu 20.04. My fail2ban (failban-client is in version 0.11.1) service is up and running (also restarted after the corresponding changes)
Also the detection of the IP works as expected, as you can see here
The banned IP address is exactly those how should be banned. Fail2ban have also created the following rules in my iptables (output from sudo iptables -L)
The only thing that puzzles me is the entry. I would have expected it to be just the IP, but here it has added one more part
However the command sudo iptables -L f2b-owncloud -v -n --line-numbers shows me an expected entry with the exact same ip
At the beginning I did not have ufw installed, but now I have also installed it. But this still does not prevent me from calling my owncloud service via port 80 or 443. I would have expected that after my IP is blocked, this would no longer be possible. But I can still access the service and even log in (with correct password, of course), although the IP is actually blocked (according to logs)
Does anyone here have any more ideas what the reason for this could be? Or what I could try?
Perhaps I should mention that the owncloud service is running as a Docker container behind a Nginx.
Thanks in advance
Daniel