Hi,
Somehow a single blocked ip is getting through the Brute force monitor?
BFM example record:
----------------------
14400007210098 167.88.35.243 info@[client-domain].nl 1 exim2 2015-08-19 18:12:00 login authenticator failed for (ylmf-pc) [167.88.35.243]: 535 Incorrect authentication data (set_id=info@[client-domain].nl)
----------------------
In this post 'zEitEr' said to run:
Result is a long list with blocked ip's. Small portion of the list:
The problem ip (167.88.35.243) is inside the blocked list??
IP: 167.88.35.243
Login failures: 32934
First: Aug 19 12:50
Last: Aug 19 18:29
Any help is much appreciated!
Regards,
Bjorn
Somehow a single blocked ip is getting through the Brute force monitor?
BFM example record:
----------------------
14400007210098 167.88.35.243 info@[client-domain].nl 1 exim2 2015-08-19 18:12:00 login authenticator failed for (ylmf-pc) [167.88.35.243]: 535 Incorrect authentication data (set_id=info@[client-domain].nl)
----------------------
In this post 'zEitEr' said to run:
Code:
iptables-save
Result is a long list with blocked ip's. Small portion of the list:
Code:
-A INPUT -s 103.41.124.109/32 -j DROP
-A INPUT -s 103.41.125.104/32 -j DROP
-A INPUT -s 103.41.125.15/32 -j DROP
-A INPUT -s 103.41.125.58/32 -j DROP
-A INPUT -s 103.41.125.64/32 -j DROP
-A INPUT -s 103.41.125.101/32 -j DROP
-A INPUT -s 103.41.125.62/32 -j DROP
-A INPUT -s 103.41.125.63/32 -j DROP
-A INPUT -s 103.41.125.42/32 -j DROP
-A INPUT -s 103.41.125.61/32 -j DROP
-A INPUT -s 103.41.125.56/32 -j DROP
The problem ip (167.88.35.243) is inside the blocked list??
IP: 167.88.35.243
Login failures: 32934
First: Aug 19 12:50
Last: Aug 19 18:29
Any help is much appreciated!
Regards,
Bjorn
Last edited: