Port Scan Tracking - Wont work ubuntu 20.04
Posted: 24 Mar 2022, 17:53
Hi, i think there is a bug with the last version 14.16 and ubuntu 20.04 lts (vps digitalocean), wen i try to activate Port Scan Tracking, wont work, just dont ban the ip.
Configs
Testing 5 ports different and dont temporary ban or permanent ban.
Iam missing something?
Configs
Code: Select all
PS_INTERVAL = 300
PS_Limit = 3
PS_PERMANENT = 1
Code: Select all
Mar 24 17:24:19 ubuntu-s kernel: [ 6066.501407] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=xx:xx:xx:xx:xx:xx:fe:00:00:00:01:01:08:00 SRC=xx.xx.xx.27 DST=xx.xx.xx.245 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=41042 DF PROTO=TCP SPT=46252 DPT=230 WINDOW=65535 RES=0x00 SYN URGP=0
Mar 24 17:24:20 ubuntu-s kernel: [ 6067.607555] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=xx:xx:xx:xx:xx:xx:fe:00:00:00:01:01:08:00 SRC=xx.xx.xx.27 DST=xx.xx.xx.245 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=57507 DF PROTO=TCP SPT=46232 DPT=231 WINDOW=65535 RES=0x00 SYN URGP=0
Mar 24 17:24:30 ubuntu-s kernel: [ 6077.765788] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=xx:xx:xx:xx:xx:xx:fe:00:00:00:01:01:08:00 SRC=xx.xx.xx.27 DST=xx.xx.xx.245 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=54762 DF PROTO=TCP SPT=46248 DPT=232 WINDOW=65535 RES=0x00 SYN URGP=0
Mar 24 17:24:43 ubuntu-s kernel: [ 6090.847050] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=xx:xx:xx:xx:xx:xx:fe:00:00:00:01:01:08:00 SRC=xx.xx.xx.27 DST=xx.xx.xx.245 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=7926 DF PROTO=TCP SPT=46234 DPT=233 WINDOW=65535 RES=0x00 SYN URGP=0
Mar 24 17:24:55 ubuntu-s kernel: [ 6102.298225] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=xx:xx:xx:xx:xx:xx:fe:00:00:00:01:01:08:00 SRC=xx.xx.xx.27 DST=xx.xx.xx.245 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=25378 DF PROTO=TCP SPT=46242 DPT=234 WINDOW=65535 RES=0x00 SYN URGP=0
Mar 24 17:25:05 ubuntu-s kernel: [ 6112.466467] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=xx:xx:xx:xx:xx:xx:fe:00:00:00:01:01:08:00 SRC=xx.xx.xx.27 DST=xx.xx.xx.245 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=57009 DF PROTO=TCP SPT=46246 DPT=235 WINDOW=65535 RES=0x00 SYN URGP=0