IP getting access even after blocking

Discussion in 'General' started by pawan, Jan 4, 2020.

  1. pawan

    pawan Member - - [04/Jan/2020:19:59:33 +0530] "GET /efk-dashboard HTTP/1.1" 404 66914 "-" "python-requests/2.13.0"
    There are mulitple access records like this even after I have run the commands
    ufw deny from //for ufw
    ip route add unreachable 78.128.113 //for fail2ban
    I also restarted the fail2ban service after adding the ip
    How to fix this issue, I run out of idea.
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    What has this got to do with fail2ban? ip route manipulates the routing table.
    If you want to add IP to fail2ban, use fail2ban commands.
    fail2ban-client set <jailname> banip
  3. pawan

    pawan Member

    I have configured fail2ban with route as instructed somewhere here. like

    banaction = route

    in fail2ban jail.local. so will it not work with fail2ban. I am not sure.
  4. Tuumke

    Tuumke Active Member

    ufw deny from //for ufw
    You know that a /24 is 254 IP addresses? As far is a i know.. you should use
    ufw deny from
    Not sure if command is complete though.. Quick search shows:
    sudo ufw deny from {ip-address-here} to any
    for example:
    sudo ufw deny from to any
  5. pawan

    pawan Member

    Actually the ufw rule was getting inserted after the allow rule so what I did
    deleted that rule and reinserted using
    ufw insert 1 deny to any
  6. Tuumke

    Tuumke Active Member

    Again, /24 is a whole network. Like most home networks are (which means ip addressess from to A /32 is a single ip address.

Share This Page