Vesta Control Panel - Forum

Posted: **Fri Jan 22, 2016 8:55 am**

Исходная задача - добавить 2 правила для сервера Freeswitch (SIP) и сделать так, чтобы в интерфейсе Vesta отображались забаненые адреса.

1) Добавил 2 правила в firewall - http://bit.ly/1nd33o0

2) Добавил в jail.local условия бана (по аналогии с другими)

SpoilerShow

Code: Select all

[ssh-iptables]
enabled  = true
filter   = sshd
action   = vesta[name=SSH]
logpath  = /var/log/auth.log
maxretry = 5

[vsftpd-iptables]
enabled  = true
filter   = vsftpd
action   = vesta[name=FTP]
logpath  = /var/log/vsftpd.log
maxretry = 5

[exim-iptables]
enabled = true
filter  = exim
action  = vesta[name=MAIL]
logpath = /var/log/exim4/mainlog

[dovecot-iptables]
enabled = false
filter  = dovecot
action  = vesta[name=MAIL]
logpath = /var/log/dovecot.log

[mysqld-iptables]
enabled  = false
filter   = mysqld-auth
action   = vesta[name=DB]
logpath  = /var/log/mysql.log
maxretry = 5

[vesta-iptables]
enabled = true
filter  = vesta
action  = vesta[name=VESTA]
logpath = /var/log/vesta/auth.log
maxretry = 5

[freetcp-iptables]
enabled  = true
filter   = freeswitch
action   = vesta[name=FREETCP]
logpath  = /usr/local/freeswitch/log/freeswitch.log
maxretry = 5

[freeudp-iptables]
enabled  = true
filter   = freeswitch
action   = vesta[name=FREEUDP]
logpath  = /usr/local/freeswitch/log/freeswitch.log
maxretry = 5

3) Перезапускаю, и вижу в логах fail2ban такое

SpoilerShow

Code: Select all

2016-01-22 11:46:47,050 fail2ban.jail   [20503]: INFO    Creating new jail 'ssh'
2016-01-22 11:46:47,050 fail2ban.jail   [20503]: INFO    Jail 'ssh' uses poller
2016-01-22 11:46:47,066 fail2ban.jail   [20503]: INFO    Initiated 'polling' backend
2016-01-22 11:46:47,269 fail2ban.filter [20503]: INFO    Added logfile = /var/log/auth.log
2016-01-22 11:46:47,371 fail2ban.filter [20503]: INFO    Set maxRetry = 6
2016-01-22 11:46:47,676 fail2ban.filter [20503]: INFO    Set findtime = 600
2016-01-22 11:46:47,778 fail2ban.actions[20503]: INFO    Set banTime = 600
2016-01-22 11:46:50,269 fail2ban.jail   [20503]: INFO    Creating new jail 'vsftpd'
2016-01-22 11:46:50,269 fail2ban.jail   [20503]: INFO    Jail 'vsftpd' uses poller
2016-01-22 11:46:50,270 fail2ban.jail   [20503]: INFO    Initiated 'polling' backend
2016-01-22 11:46:50,474 fail2ban.filter [20503]: INFO    Added logfile = /var/log/vsftpd.log
2016-01-22 11:46:50,576 fail2ban.filter [20503]: INFO    Set maxRetry = 6
2016-01-22 11:46:50,880 fail2ban.filter [20503]: INFO    Set findtime = 600
2016-01-22 11:46:50,982 fail2ban.actions[20503]: INFO    Set banTime = 600
2016-01-22 11:46:52,410 fail2ban.jail   [20503]: INFO    Creating new jail 'ssh-iptables'
2016-01-22 11:46:52,410 fail2ban.jail   [20503]: INFO    Jail 'ssh-iptables' uses poller
2016-01-22 11:46:52,411 fail2ban.jail   [20503]: INFO    Initiated 'polling' backend
2016-01-22 11:46:52,614 fail2ban.filter [20503]: INFO    Added logfile = /var/log/auth.log
2016-01-22 11:46:52,716 fail2ban.filter [20503]: INFO    Set maxRetry = 5
2016-01-22 11:46:53,022 fail2ban.filter [20503]: INFO    Set findtime = 600
2016-01-22 11:46:53,125 fail2ban.actions[20503]: INFO    Set banTime = 600
2016-01-22 11:46:55,167 fail2ban.jail   [20503]: INFO    Creating new jail 'vsftpd-iptables'
2016-01-22 11:46:55,167 fail2ban.jail   [20503]: INFO    Jail 'vsftpd-iptables' uses poller
2016-01-22 11:46:55,168 fail2ban.jail   [20503]: INFO    Initiated 'polling' backend
2016-01-22 11:46:55,372 fail2ban.filter [20503]: INFO    Added logfile = /var/log/vsftpd.log
2016-01-22 11:46:55,474 fail2ban.filter [20503]: INFO    Set maxRetry = 5
2016-01-22 11:46:55,779 fail2ban.filter [20503]: INFO    Set findtime = 600
2016-01-22 11:46:55,881 fail2ban.actions[20503]: INFO    Set banTime = 600
2016-01-22 11:46:56,899 fail2ban.jail   [20503]: INFO    Creating new jail 'exim-iptables'
2016-01-22 11:46:56,899 fail2ban.jail   [20503]: INFO    Jail 'exim-iptables' uses poller
2016-01-22 11:46:56,900 fail2ban.jail   [20503]: INFO    Initiated 'polling' backend
2016-01-22 11:46:57,104 fail2ban.filter [20503]: INFO    Added logfile = /var/log/exim4/mainlog
2016-01-22 11:46:57,205 fail2ban.filter [20503]: INFO    Set maxRetry = 3
2016-01-22 11:46:57,510 fail2ban.filter [20503]: INFO    Set findtime = 600
2016-01-22 11:46:57,612 fail2ban.actions[20503]: INFO    Set banTime = 600
2016-01-22 11:46:58,943 fail2ban.jail   [20503]: INFO    Creating new jail 'vesta-iptables'
2016-01-22 11:46:58,944 fail2ban.jail   [20503]: INFO    Jail 'vesta-iptables' uses poller
2016-01-22 11:46:58,945 fail2ban.jail   [20503]: INFO    Initiated 'polling' backend
2016-01-22 11:46:59,149 fail2ban.filter [20503]: INFO    Added logfile = /var/log/vesta/auth.log
2016-01-22 11:46:59,250 fail2ban.filter [20503]: INFO    Set maxRetry = 5
2016-01-22 11:46:59,555 fail2ban.filter [20503]: INFO    Set findtime = 600
2016-01-22 11:46:59,657 fail2ban.actions[20503]: INFO    Set banTime = 600
2016-01-22 11:47:00,572 fail2ban.jail   [20503]: INFO    Creating new jail 'freetcp-iptables'
2016-01-22 11:47:00,574 fail2ban.jail   [20503]: INFO    Jail 'freetcp-iptables' uses poller
2016-01-22 11:47:00,576 fail2ban.jail   [20503]: INFO    Initiated 'polling' backend
2016-01-22 11:47:00,779 fail2ban.filter [20503]: INFO    Added logfile = /usr/local/freeswitch/log/freeswitch.log
2016-01-22 11:47:00,881 fail2ban.filter [20503]: INFO    Set maxRetry = 5
2016-01-22 11:47:01,186 fail2ban.filter [20503]: INFO    Set findtime = 600
2016-01-22 11:47:01,288 fail2ban.actions[20503]: INFO    Set banTime = 600
2016-01-22 11:47:02,306 fail2ban.jail   [20503]: INFO    Creating new jail 'freeudp-iptables'
2016-01-22 11:47:02,306 fail2ban.jail   [20503]: INFO    Jail 'freeudp-iptables' uses poller
2016-01-22 11:47:02,307 fail2ban.jail   [20503]: INFO    Initiated 'polling' backend
2016-01-22 11:47:02,510 fail2ban.filter [20503]: INFO    Added logfile = /usr/local/freeswitch/log/freeswitch.log
2016-01-22 11:47:02,612 fail2ban.filter [20503]: INFO    Set maxRetry = 5
2016-01-22 11:47:02,917 fail2ban.filter [20503]: INFO    Set findtime = 600
2016-01-22 11:47:03,019 fail2ban.actions[20503]: INFO    Set banTime = 600
2016-01-22 11:47:04,039 fail2ban.jail   [20503]: INFO    Jail 'ssh' started
2016-01-22 11:47:04,152 fail2ban.jail   [20503]: INFO    Jail 'vsftpd' started
2016-01-22 11:47:04,265 fail2ban.jail   [20503]: INFO    Jail 'ssh-iptables' started
2016-01-22 11:47:04,371 fail2ban.jail   [20503]: INFO    Jail 'vsftpd-iptables' started
2016-01-22 11:47:04,475 fail2ban.jail   [20503]: INFO    Jail 'exim-iptables' started
2016-01-22 11:47:04,580 fail2ban.jail   [20503]: INFO    Jail 'vesta-iptables' started
2016-01-22 11:47:04,692 fail2ban.jail   [20503]: INFO    Jail 'freetcp-iptables' started
2016-01-22 11:47:04,750 fail2ban.actions.action[20503]: ERROR   /usr/local/vesta/bin/v-add-firewall-chain FREETCP returned 100
2016-01-22 11:47:04,802 fail2ban.jail   [20503]: INFO    Jail 'freeudp-iptables' started
2016-01-22 11:47:04,878 fail2ban.actions.action[20503]: ERROR   /usr/local/vesta/bin/v-add-firewall-chain FREEUDP returned 100

А в логе Vesta соотв. вот такое

Code: Select all

2016-01-22 11:47:04 v-add-firewall-chain 'FREETCP' [Error 1]
2016-01-22 11:47:04 v-add-firewall-chain 'FREEUDP' [Error 1]

Айпишники при этом банятся, но в интерфейсе не отображаются
Как победить и что я делаю не так ?

Posted: **Fri Jan 22, 2016 11:17 am**

Посмотрел повнимательнее, например

Code: Select all

~# /usr/local/vesta/bin/v-add-firewall-chain FREETCP
Error: not enought arguments
Usage: v-add-firewall-chain CHAIN PORT

Видимо понимает без порта то, что уже определено в "v-add-firewall-chain" в секции known chains..
Туда наверное прописывать есть смысл до первого апдейта ?

Но по идее если в known chains не находит, то должен брать порты из правил файрволла и корректно делать v-add-firewall-chain ? Или как ?

Posted: **Mon Jan 25, 2016 7:06 pm**

Товарищи, ну как добиться отображения заблоченных айпишников через панель ?
Уже и freeswitch успел поменять на asterisk :)

Правило в jail.local добавил

Code: Select all

[asterisk-iptables]
enabled  = true
filter   = asterisk
action   = iptables-allports[name=SIP, protocol=all]
logpath  = /var/log/asterisk/messages
maxretry = 3
bantime = 86400

Айпишники банятся

Code: Select all

~# fail2ban-client status asterisk-iptables
Status for the jail: asterisk-iptables
|- filter
|  |- File list:	/var/log/asterisk/messages 
|  |- Currently failed:	4
|  `- Total failed:	354
`- action
   |- Currently banned:	5
   |  `- IP list:	23.239.66.60 80.86.90.215 199.48.164.205 198.204.224.98 142.54.165.138 
   `- Total banned:	5

Как сделать вывод этого добра в панели через List Fail2ban ?

Posted: **Thu Jan 28, 2016 12:56 pm**

headlong wrote: Как сделать вывод этого добра в панели через List Fail2ban ?

https://yourip:8083/list/firewall/banlist/ - здесь не показываются?

Posted: **Thu Jan 28, 2016 12:58 pm**

Вообще стоит посмотреть:
/usr/local/vesta/web/list/firewall/banlist/index.php

Руководствуется оно командой - v-list-firewall-ban

Posted: **Thu Jan 28, 2016 1:03 pm**

skurudo wrote: https://yourip:8083/list/firewall/banlist/ - здесь не показываются?

Именно :(

Консоль

Code: Select all

root@digi:~# fail2ban-client status asterisk-iptables
Status for the jail: asterisk-iptables
|- filter
|  |- File list:	/var/log/asterisk/messages 
|  |- Currently failed:	2
|  `- Total failed:	727
`- action
   |- Currently banned:	5
   |  `- IP list:	80.86.90.205 89.163.251.150 74.208.99.34 80.86.90.250 212.83.157.118 
   `- Total banned:	5
root@digi:~# v-list-firewall-ban
IP      CHAIN   TIME    DATE
------  ------  ------  ------

https://yourip:8083/list/firewall/banlist/ - пусто...

SSH там показывается, правило для астера в jail.local - выше
ЧЯДНТ ? :)

P.S. Вывод iptables - http://hastebin.com/mabegeheza.vhdl

Posted: **Tue Feb 02, 2016 7:57 pm**

Коллеги, ну вы хоть как-то отреагируйте ?
Или "да, бага", или "нет, должно все работать", или "у тебя кривые руки, rtfm" :)
Может я в названиях где-то ошибся, может какой вывод предоставить ?
Есть вообще пользователи у которых в админке Весты показываются забаненые айпишники из кастомных правил ?

Posted: **Wed Feb 03, 2016 10:58 am**

Ошибка как бы намекает на Not enough arguments provided, т.е. нужно дать еще что-то чтобы добавить в лог.
Сложно с наскоку сказать, что именно.

Posted: **Wed Feb 03, 2016 11:27 am**

Да ну я уже исправился :)

Code: Select all

root@digi:~# cat /usr/local/vesta/data/firewall/chains.conf
CHAIN='ASTERISK' PORT='5060-5080,10000-25000' PROTOCOL='UDP'
CHAIN='SSH' PORT='22' PROTOCOL='TCP'
CHAIN='FTP' PORT='21' PROTOCOL='TCP'
CHAIN='MAIL' PORT='25,465,587,2525,110,995,143,993' PROTOCOL='TCP'
CHAIN='VESTA' PORT='8083' PROTOCOL='TCP'
root@digi:~# fail2ban-client status asterisk-iptables
Status for the jail: asterisk-iptables
|- filter
|  |- File list:	/var/log/asterisk/messages 
|  |- Currently failed:	0
|  `- Total failed:	188
`- action
   |- Currently banned:	41
   |  `- IP list:	195.154.177.160 50.30.37.184 209.126.122.91 85.93.88.189 5.79.69.68 209.126.111.43 185.40.4.95 5.79.69.81 89.163.251.150 80.253.225.163 142.54.165.138 194.63.142.19 209.126.122.68 23.239.66.62 63.246.129.86 69.50.207.179 163.172.192.116 91.194.84.60 136.243.2.69 136.243.24.229 209.126.122.75 209.126.114.69 209.126.122.89 46.166.161.46 69.64.57.176 69.64.57.15 104.243.41.26 69.50.208.158 209.126.117.230 155.94.65.50 80.86.90.250 188.138.75.217 89.163.133.38 217.79.190.100 173.242.113.131 85.25.207.74 188.138.101.51 80.86.90.215 188.138.57.11 37.8.47.36 69.64.57.55 
   `- Total banned:	41
root@digi:~# v-list-firewall-ban
IP               CHAIN   TIME      DATE
------           ------  ------    ------
118.192.157.173  SSH     17:52:24  2016-02-02
193.201.227.195  SSH     18:00:56  2016-02-02
118.184.13.213   SSH     19:16:33  2016-02-02
183.3.202.101    SSH     20:42:06  2016-02-02
60.173.10.132    SSH     03:42:51  2016-02-03
66.108.21.76     SSH     10:07:54  2016-02-03

Кстати - правило FREETCP уже давно удалено через интерфейс Vesta, а в iptables таки есть...
И ssh почему-то дублируется.. может названия SIP и ASTERISK ? регистр ? где-то совсем рядом проблема ...

Code: Select all

root@digi:~# iptables -L -n
Chain INPUT (policy DROP)
target     prot opt source               destination         
fail2ban-SIP  all  --  0.0.0.0/0            0.0.0.0/0           
fail2ban-VESTA  tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:8083
fail2ban-FTP  tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:21
fail2ban-SSH  tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22
fail2ban-vsftpd  tcp  --  0.0.0.0/0            0.0.0.0/0            multiport dports 21,20,990,989
fail2ban-ssh  tcp  --  0.0.0.0/0            0.0.0.0/0            multiport dports 22
fail2ban-MAIL  tcp  --  0.0.0.0/0            0.0.0.0/0            multiport dports 25,465,587,2525,110,995,143,993
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            multiport dports 5060:5080,10000:25000
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            multiport dports 80,443
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            multiport dports 21,12000:12100
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:53
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            multiport dports 3306,5432
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:8083
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0                  
ACCEPT     all  --  127.0.0.1            0.0.0.0/0           
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp spt:20
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp spt:21
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp spt:22
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp spt:25
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp spt:53
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp spt:80
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp spt:443
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp spt:110
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp spt:123
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp spt:143
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp spt:3306
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp spt:5432
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp spt:8080
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp spt:8433
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp spt:8083
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp spts:12000:12100
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain fail2ban-ASTERISK (0 references)
target     prot opt source               destination         
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           

[b]Chain fail2ban-FREETCP (0 references)
target     prot opt source               destination  [/b]       

Chain fail2ban-FTP (1 references)
target     prot opt source               destination         
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           

Chain fail2ban-MAIL (1 references)
target     prot opt source               destination         

Chain fail2ban-SIP (1 references)
target     prot opt source               destination         
REJECT     all  --  69.64.57.55          0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  37.8.47.36           0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  188.138.57.11        0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  80.86.90.215         0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  188.138.101.51       0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  85.25.207.74         0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  173.242.113.131      0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  217.79.190.100       0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  89.163.133.38        0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  188.138.75.217       0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  80.86.90.250         0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  155.94.65.50         0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  209.126.117.230      0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  69.50.208.158        0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  104.243.41.26        0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  69.64.57.15          0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  69.64.57.176         0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  46.166.161.46        0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  209.126.122.89       0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  209.126.114.69       0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  209.126.122.75       0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  136.243.24.229       0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  136.243.2.69         0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  91.194.84.60         0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  163.172.192.116      0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  69.50.207.179        0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  63.246.129.86        0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  23.239.66.62         0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  209.126.122.68       0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  194.63.142.19        0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  142.54.165.138       0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  80.253.225.163       0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  89.163.251.150       0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  5.79.69.81           0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  185.40.4.95          0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  209.126.111.43       0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  5.79.69.68           0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  85.93.88.189         0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  209.126.122.91       0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  50.30.37.184         0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  195.154.177.160      0.0.0.0/0            reject-with icmp-port-unreachable
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           

Chain fail2ban-SSH (1 references)
target     prot opt source               destination         
REJECT     all  --  66.108.21.76         0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  60.173.10.132        0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  183.3.202.101        0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  118.184.13.213       0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  193.201.227.195      0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  118.192.157.173      0.0.0.0/0            reject-with icmp-port-unreachable
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           

Chain fail2ban-VESTA (1 references)
target     prot opt source               destination         
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           

Chain fail2ban-ssh (1 references)
target     prot opt source               destination         
REJECT     all  --  66.108.21.76         0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  60.173.10.132        0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  183.3.202.101        0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  118.184.13.213       0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  193.201.227.195      0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  118.192.157.173      0.0.0.0/0            reject-with icmp-port-unreachable
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           

Chain fail2ban-vsftpd (1 references)
target     prot opt source               destination         
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           

Chain vesta (0 references)
target     prot opt source               destination

Posted: **Tue Feb 16, 2016 12:32 am**

Как-то не очень fail2ban работает в стандартной поставке.

There were 15224 failed login attempts since the last successful login.

В логах fail2ban - пусто, в firewall тоже. Куда смотреть?

Со стандартными конфигами (чистая установка)

Code: Select all

 # fail2ban-client status
Status
|- Number of jail:	0
`- Jail list:	
# fail2ban-client status vesta-iptables
ERROR  NOK: ('vesta-iptables',)
Sorry but the jail 'vesta-iptables' does not exist

Vesta Control Panel - Forum

Опять про fail2ban

Опять про fail2ban

Re: Опять про fail2ban

Re: Опять про fail2ban

Re: Опять про fail2ban

Re: Опять про fail2ban

Re: Опять про fail2ban

Re: Опять про fail2ban

Re: Опять про fail2ban

Re: Опять про fail2ban

Re: Опять про fail2ban