Resolved How to ban IP range with fail2ban

[CoyoteKG]

Hello,
I have too many logging attempts from 91.200.12.*
But fail2ban not banned that IP because every time is diferent IP.

I want to add it manually, but I can't find that option in plesk.
Also before this post I tried to find a way in your documentation, and without success.

In attachment you can find log with those attempts.
Also this is my plesk-postfix jail. It is default

[plesk-postfix]
enabled = true
filter = postfix-sasl
action = iptables-multiport[name="plesk-postfix", port="smtp,smtps,submission"]
sendmail-common[dest="[email protected]", sender="fail2ban", sendername="Fail2Ban"]
logpath = /var/log/maillog
maxretry = 3

and this is acction

iptables-multiport[name="plesk-postfix", port="smtp,smtps,submission"]
sendmail-common[dest="[email protected]", sender="fail2ban", sendername="Fail2Ban"]

So, how to block everything from 91.200.* ?

 

[moswak]

block ipranges with fail2ban is no problem
look here -- >> http://sven.rojek.de/posts/fail2ban-iprange-mit-blackliste-blocken
it works on debian 6/7 and centos 6/7

 

[CoyoteKG]

Hi, thx for help,
I blocked with

iptables -A INPUT -s 91.200.0.0/16 -j DROP

I just though that is possible to do via Plesk interface.

 

[CoyoteKG]

Hm, that range is not yet blocked






edit:
I deleted previous rule, and added new one at the beginning of chain with -I

iptables -A INPUT -s 91.200.0.0/16 -j DROP

 

[Ehud]

You may use Plesk FireWall for such task.