Hello
I'm trying to create a simple rule to block some ip on a mail server.
I'm just learning nftables with the wiki, and did create this rule :
I just want to drop these IP. Even after reload (I see the rules on nft), theses IP still continue to flood my postfix logs, so I guess.. not blocked really.What did I do wrong ?
I tried with a public IP I own : i'm really blocked. But why not these one ?
I was using fail2ban..but .. it's another subject.
Thanks,
I'm trying to create a simple rule to block some ip on a mail server.
I'm just learning nftables with the wiki, and did create this rule :
Code:
#!/usr/sbin/nft -fflush rulesettable inet filter { chain input { type filter hook input priority 0; ip saddr 194.169.175.66 drop; ip saddr 194.169.175.20 drop; } chain output { type filter hook output priority 0; }}Code:
2024-06-27T14:28:59.386023+02:00 mail postfix/smtpd[1924]: warning: unknown[194.169.175.20]: SASL LOGIN authentication failed: UGFzc3dvcmQ6, sasl_username=morgan@hidden.fr2024-06-27T14:28:59.442002+02:00 mail postfix/smtpd[1924]: lost connection after AUTH from unknown[194.169.175.20]I tried with a public IP I own : i'm really blocked. But why not these one ?
I was using fail2ban..but .. it's another subject.
Thanks,
Statistics: Posted by ouafnico — 2024-06-27 12:32 — Replies 2 — Views 66