When Fail2ban triggers an IP ban action, I want to block all the ports on my Ubuntu server. Right now, I use banaction = iptables-allports and CSF. At the moment it only blocks the SSH port, even though I use iptables-allports in fail2ban.
I face this issue with sites behind the Cloudflare reverse proxy.
This is an Ubuntu 18.04 Nginx server. I can view visitors' IP addresses in the nginx log files, so I believe X-Forwarded-For in this VPS's nginx configuration is working as expected.
When I manually added an IP address to the CSF temporary ban list via SSH, it again did not block the HTTP and HTTPS ports. This server supports IPv4 and IPv6.
When I search for the blocked IP, it shows the following outcome:
root@server:~# csf -g 43.250.242.xxx
Table Chain num pkts bytes target prot opt in out source destination
filter TOR 174 22 1320 REJECT all -- * * 43.250.242.xxx 0.0.0.0/0 reject-with icmp-port-unreachable
filter TOR 2 0 0 REJECT all -- * * 43.250.242.xxx 0.0.0.0/0 reject-with icmp-port-unreachable
filter TOR 6 0 0 REJECT all -- * * 43.250.242.xxx 0.0.0.0/0 reject-with icmp-port-unreachable
IPSET: Set:cc_lk Match:43.250.242.xxx Setting:CC_ALLOW_PORTS Country:LK
ip6tables:
Table Chain num pkts bytes target prot opt in out source destination
No matches found for 43.250.242.xxx in ip6tables