[asterisk-users] Fail2ban - SuSEfirewall
Tilghman Lesher
tlesher at digium.com
Mon Jul 26 14:38:39 CDT 2010
On Monday 26 July 2010 14:19:58 John Novack wrote:
> Randy R wrote:
> > On Mon, Jul 26, 2010 at 10:36 AM, Brent A. Torrenga<lists at torrenga.com>
wrote:
> >> I have tried to setup fail2ban on a machine running OpenSuSE 11.
> >> Everything looks fine, except the machine restarts the firewall whenever
> >> the DHCP lease is renewed, thus flushing all the fail2ban rules (I
> >> think…). It seems to me that a quick fix would be to have the system
> >> restart fail2ban whenever the firewall is restarted. Has anyone else
> >> encountered this issue? …and come up with a solution?
> >
> > I believe there's a way to make the rules persist in a file. (see the
> > fail2ban docs)
> >
> > /r
>
> Why isn't the Asterisk box on a static IP on the LAN? That seems to be
> asking for trouble using DHCP.
If the LAN is using an RFC-compliant DHCP server (read: not Microsoft), then
it makes utterly no difference; as long as the machine is up whenever its
lease expires and not too many MAC addresses are on the LAN, then it will
always get exactly the same IP.
The problem sounds like fail2ban is failing to write the new rules to a
permanent file, which would otherwise allow the rules to persist after a
reboot.
--
Tilghman Lesher
Digium, Inc. | Senior Software Developer
twitter: Corydon76 | IRC: Corydon76-dig (Freenode)
Check us out at: www.digium.com & www.asterisk.org
More information about the asterisk-users
mailing list