[BlueOnyx:25312] Re: 5210r and iptables -> not working?
Michael Stauber
mstauber at blueonyx.it
Mon Jan 24 11:53:29 -05 2022
Hi Janwillem,
> I've setup a 5210 a few days ago, in the past (since 5206/5208/5209) I
> could add an iptables rule like:
>
> iptables -I INPUT 1 -s 5.34.205.0/24 -j DROP
>
> and save it and it would block all traffic from that IP.
>
>
> On 5210 it seems to do nothing, maillog still shows:
>
> Jan 24 15:11:01 ds01 postfix/submission/smtpd[2286356]: warning:
> unknown[5.34.207.58]: SASL LOGIN authentication failed: authentication
> failure
>
>
> Any idea why it doesn't block the IP? I will get the APF package and
> fail2ban but need also a working iptables if possible.
BlueOnyx 5210R comes with Firewalld enabled by default. You can either
use Firewalld *or* IPtables. But not both at the same time.
In the Shop we have the old APF for 5210R, but when you buy that and
link it to a 5210R, it will offer you two PKGs instead of one:
- APF
- Firewalld
The Firewalld package for 5210R provides a GUI to manage the firewalld
rules on 5210R. If you also install Fail2ban for 5210R, it will detect
if you have APF or Firewalld enabled and will use whatever is enabled to
block offending IPs. You should not enable both APF and Firewalld, as
they get in each other's way.
If you want to manually block an IP via Firewalld, then you can do so
with the "firewall-cmd" command. Here is a good set of instructions on
how to use it:
https://kb.vander.host/security/how-to-block-an-ip-address-using-firewalld/
--
With best regards
Michael Stauber
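
Added example, not part of the original message and not BlueOnyx code: a Python script that extracts the failing client addresses from maillog lines like the one quoted above, checks them against the range that was blocked (5.34.207.58 lies outside 5.34.205.0/24, so a drop rule for that /24 does not match it under either firewall), and prints the firewall-cmd rich rules for whatever is not covered. The sample log lines and all function names are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample, in the format of the maillog entry quoted in the thread.
SAMPLE_MAILLOG = """\
Jan 24 15:11:01 ds01 postfix/submission/smtpd[2286356]: warning: unknown[5.34.207.58]: SASL LOGIN authentication failed: authentication failure
Jan 24 15:11:09 ds01 postfix/submission/smtpd[2286360]: warning: unknown[5.34.207.58]: SASL LOGIN authentication failed: authentication failure
Jan 24 15:12:30 ds01 postfix/submission/smtpd[2286371]: warning: unknown[5.34.205.17]: SASL LOGIN authentication failed: authentication failure
Jan 24 15:13:02 ds01 postfix/smtpd[2286402]: connect from mail.example.org[192.0.2.10]
"""

# Postfix smtpd warning for a failed SASL login; group 1 is the client IP.
SASL_FAIL = re.compile(
    r"postfix/\S*smtpd\[\d+\]: warning: \S+\[([0-9a-fA-F.:]+)\]: "
    r"SASL \S+ authentication failed")

def failed_sources(log_text):
    """Count SASL authentication failures per client IP."""
    return Counter(m.group(1) for m in SASL_FAIL.finditer(log_text))

def uncovered(sources, blocked_cidrs):
    """Return the source IPs that no blocked CIDR range contains."""
    nets = [ipaddress.ip_network(c, strict=False) for c in blocked_cidrs]
    return sorted(ip for ip in sources
                  if not any(ipaddress.ip_address(ip) in n for n in nets))

def firewalld_commands(cidrs):
    """Build firewall-cmd rich rules that drop traffic from each source."""
    cmds = []
    for c in cidrs:
        net = ipaddress.ip_network(c, strict=False)
        family = "ipv4" if net.version == 4 else "ipv6"
        cmds.append("firewall-cmd --permanent --add-rich-rule="
                    f"\"rule family='{family}' source address='{net}' drop\"")
    cmds.append("firewall-cmd --reload")  # load the permanent rules
    return cmds

if __name__ == "__main__":
    hits = failed_sources(SAMPLE_MAILLOG)
    missing = uncovered(hits, ["5.34.205.0/24"])  # range from the thread
    for ip in missing:
        print(f"# {ip}: {hits[ip]} failures, not inside any blocked range")
    print("\n".join(firewalld_commands(missing)))
```

The script only prints the commands; run them as root on a host where Firewalld (not APF) is the active firewall, then confirm with firewall-cmd --list-rich-rules.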