[Ferm] Subchain confusion
Kiss Gabor (Bitman)
kissg at ssg.ki.iif.hu
Thu Aug 24 11:44:54 CEST 2017
> It fails because you started your statement with "@subchain", and
> there's no rule before it. That's forbidden, because it doesn't make
> sense. And I have no idea what you're trying to do here, why you use
> "@subchain".
Okay... have you any idea how to improve the line
@subchain "fail2ban-SSH" { RETURN; }
in order to make it acceptable. :-)
proto tcp @subchain "fail2ban-SSH" { RETURN; }
fails
jump @subchain "fail2ban-SSH" { RETURN; }
fails
saddr @ipfilter((0.0.0.0/0 ::/0)) @subchain "fail2ban-SSH" { RETURN; }
works but I guess consumes more CPU time than necessary
Gabor
More information about the Ferm
mailing list