TITLE:
EXPECTED RESULT:
Plesk places F2B rules on front row
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE:Plesk 17.5.3, Ubuntu 16.04 LTS
PROBLEM DESCRIPTION:When I enable the F2B Plesk module it will create a rule in front of all the other rules.
I think it should insert itself a bit later in the chain.
This way it is taking processing power without anything to gain.
STEPS TO REPRODUCE:I think it should insert itself a bit later in the chain.
This way it is taking processing power without anything to gain.
Enable the Plesk Firewall module
Enable the Fail2ban module
ACTUAL RESULT:Enable the Fail2ban module
Code:
-A INPUT -p tcp -m tcp --dport 22 -j f2b-SSH
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
I would expect at least this....
or even better
The code that inserts the F2B-rules should seek a more strategic position so it will not become a performance hit to the firewall and make it take too much processing power.
Most of the traffic is already established and shouldn't need rechecking
ANY ADDITIONAL INFORMATION:
Code:
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j f2b-SSH
or even better
Code:
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
...
...
...
....
-A INPUT -p tcp -m tcp --dport 22 -j f2b-SSH
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
The code that inserts the F2B-rules should seek a more strategic position so it will not become a performance hit to the firewall and make it take too much processing power.
Most of the traffic is already established and shouldn't need rechecking
YOUR EXPECTATIONS FROM PLESK SERVICE TEAM:Confirm bug