Fail2Ban redirect instead of drop

BruceLeeRoy

2/15/24, 7:07 PM

I'm trying to configure Fail2ban to redirect instead of banning, I've found plenty of posts about redirecting to a different port for HTTP traffic to display a different webpage, but I need to redirect to a different IP address entirely. I see the -j REDIRECT function will let me redirect to a different port but not IP Does anyone know how to redirect banned traffic to a specified IP rather than dropping?

iptables-multiport-24.conf
actionstart = iptables -I <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
actionban = iptables -I fail2ban-<name> 1 -s <ip>/24 -j <blocktype>

jail.local
action = iptables-multiport-24[name=SPAMTRAP, port=smtp, protocol=tcp]
logpath = /var/log/maillog

0 + 2

spam

iptables

redirect

fail2ban

Zareh Kasparian

2/16/24, 6:55 AM

please share your configurations for both iptables and fail2ban jail.

BruceLeeRoy

2/17/24, 1:38 PM

Configs added above...

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Fail2Ban redirect instead of drop

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.