-
-
Notifications
You must be signed in to change notification settings - Fork 76
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
f2b adding to iptables but not banning #64
Comments
Hi there :) Also remember: if you are using some kind of proxy (like cloudflare) and traffic is coming in on SSL, the real IP can't be seen (in the encrypted "x-forwarded-for"-header), meaning the request won't be blocked and still show up in the logs. Hope this helps a little, cheers :) |
Heya, Thank you for replying! You've certainly triggered a thought process re Cloudflare. So I was passing the real IP of the client, but that obviously wasn't the IP address that was hitting the server (due to CF). My solution was to use Fail2Ban with the Cloudflare action and get f2b to block at Cloudflare instead of at the server, also more secure that way in many respects. Solution:
Setting up the cloudflare action: https://community.cloudflare.com/t/can-i-still-use-fail2ban-while-using-cloudflare-article/63674 Thanks again! |
Behaviour
Steps to reproduce this issue
Bitwarden + f2b
Docker compose file:
Bitwarden log:
F2B Log:
Jail.d/Bitwarden.conf
filter.d/bitwarden.conf
IPTables:
Expected behaviour
IP should be banned
Actual behaviour
IP is added to IPtables, but still has access
Configuration
docker --version
) : Docker version 19.03.5, build 633a0ea838docker-compose --version
) : docker-compose version 1.24.1, build 4667896uname -a
) :docker-compose.yml
,.env
, ...Docker info
The text was updated successfully, but these errors were encountered: