[BlueOnyx:25313] Re: 5210r and iptables -> not working?
JW Ronken
jwronken at gmail.com
Mon Jan 24 15:42:04 -05 2022
Hi Michael
That explain why my IPtables rules had no effect (feeling stupid :)
Just saw in the shop that APF doesn’t use the GeoIP modulenon 5210, are
there alternatives?
If not I’ll setup a PfSense instance for that purpose.
Thanks again for the clarification!
Janwillem
On Mon, 24 Jan 2022 at 17:00, Michael Stauber <mstauber at blueonyx.it> wrote:
> Hi Janwillem,
>
> > I've setup a 5210 a few days ago, in the past (since 5206/5208/5209) I
> > could add an iptables rule like:
> >
> > iptables -I INPUT 1 -s 5.34.205.0/24 <http://5.34.205.0/24> -j DROP
> >
> > and save it and it would block all traffic from that IP.
> >
> >
> > On 5210 it seems to do nothing, maillog still shows:
> >
> > Jan 24 15:11:01 ds01 postfix/submission/smtpd[2286356]: warning:
> > unknown[5.34.207.58]: SASL LOGIN authentication failed: authentication
> > failure
> >
> >
> > Any idea why it doesn't block the IP? I will get the APF package and
> > fail2ban but need also a working iptables if possible.
>
> BlueOnyx 5210R comes with Firewalld enabled by default. You can either
> use Firewalld *or* IPtables. But not both at the same time.
>
> In the Shop we have the old APF for 5210R, but when you buy that and
> link it to a 5210R, it will offer you two PKGs instead of one:
>
> - APF
> - Firewalld
>
> The Firewalld package for 5210R provides a GUI to manage the firewalld
> rules on 5210R. If you also install Fail2ban for 5210R, it will detect
> if you have APF or Firewalld enabled and will use whatever is enabled to
> block offending IPs. You should not enable both APF and Firewalld, as
> they get in each others ways.
>
> If you want to manually block an IP via Firewalld, then you can do so
> with the "firewall-cmd" command. Here is a good set of instructions on
> how to use it:
>
> https://kb.vander.host/security/how-to-block-an-ip-address-using-firewalld/
>
> --
> With best regards
>
> Michael Stauber
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20220124/3740ef93/attachment.html>
More information about the Blueonyx
mailing list