[Bug 858] New: Some address cannot be blocked

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Sun Oct 13 11:49:46 CEST 2013


https://bugzilla.netfilter.org/show_bug.cgi?id=858

           Summary: Some address cannot be blocked
           Product: iptables
           Version: 1.4.x
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: blocker
          Priority: P1
         Component: iptables
        AssignedTo: netfilter-buglog at lists.netfilter.org
        ReportedBy: antoine.gutzwiller at neutralite.org
   Estimated Hours: 0.0


I've been attacked during a few hours, and if fail2ban told me the address has
been banned, the attack was continuing, and I got around 50 fail2ban messages.

iptables - L return :

...
Chain fail2ban-ssh (1 references)
target     prot opt source               destination         
DROP       all  --  88-191-185-62.rev.dedibox.fr  anywhere            
RETURN     all  --  anywhere             anywhere
...

So, I tried to add the address by myself :

iptables -A INPUT -s 88.191.185.62 -j DROP

But I got the same problem : 

iptable -L show that the address has been transformed again from 88.191.185.62
to 88-191-185-62.rev.dedibox.fr (and the attack keep going, the rule doesn't
DROP anything)

Version : 1.4.8 (Debian old-stable)

-- 
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.



More information about the netfilter-buglog mailing list