-
-
Notifications
You must be signed in to change notification settings - Fork 653
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fail2ban - does it work for IPv6 addresses, too? #1734
Comments
I'm sure it's supported, but nothing we've implemented yet. Even though I've got a "Sage T-shirt", my knowledge in IPv6 is very limited. |
I guess we need to investigate Question is, if ipv6 addresses get logged by nextcloud and sshd if logins were unsuccessful. Do you know if that is the case? Maybe this works: |
Any progress here? |
No, since I cannot test if the ipv6 address also gets logged in the nextcloud log: |
@enoch85 I suppose the clouds that you manage are only accessible via IPv4, too? |
Don't know, but I guess not. IPv6 is usually "available" but not default. |
I don't know if you manage |
Sorry, I don't have SSH access to Kafit's cloud. :/ |
Would also not work since the server doesn't seem to be reachable via their ipv6 record... |
You could try to setup a DigitalOcean VPS (or whatever provider) and enable IPv6 only to see if Fail2ban works or not. That's how I usually do when I don't have the resources available myself. |
I was now able to test it locally: {
"reqId": "4AhKqTdCKZZ3SFIaQwAt",
"level": 2,
"time": "2021-05-10T13:56:29+02:00",
"remoteAddr": "fe80::70b6:8958:833b:8c6a",
"user": "--",
"app": "no app in context",
"method": "POST",
"url": "/login",
"message": "Login failed: admin (Remote IP: fe80::70b6:8958:833b:8c6a)",
"userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36",
"version": "20.0.9.1"
} So the ipv6 address seems to get logged to the nextcloud.log |
OK, cool, so Fail2ban blocks it as well? |
No, unfortunately it doesn't work with ipv6 addresses. Fail2ban seems to register them as 0.0.0.1 addresses which is obviously wrong. I couldn't make it work with the link I've sent above, either... |
I am unsure how to proceed from here. |
Hm... I suppose so... |
@enoch85 do you know if Fail2ban works for IPv6 addresses, too? I've until now only seen IPv4 addresses that get blocked by Fail2ban...
The text was updated successfully, but these errors were encountered: