Hi,
I have added the CF IPs available at cloudflare.com/ips
in jail.conf
as given below:
ignoreip = 173.245.48.0/20 103.21.244.0/22 103.22.200.0/22 103.31.4.0/22 141.101.64.0/18 108.162.192.0/18 190.93.240.0/20 188.114.96.0/20 197.234.240.0/22 198.41.128.0/17 162.158.0.0/15 104.16.0.0/12 172.64.0.0/13 131.0.72.0/22 2400:cb00::/32 2606:4700::/32 2803:f800::/32 2405:b500::/32 2405:8100::/32 2a06:98c0::/29 2c0f:f248::/32
However, F2B is still banning CF, and in the logs I see different IP addresses that belong to CF.
Iptables -S outputs:
-A f2b-nginx-noscript -s 162.158.159.25/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.159.43/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.154.94/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 141.101.98.25/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 141.101.98.69/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.155.143/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.155.155/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.154.160/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.155.251/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 141.101.98.55/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.155.191/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 141.101.98.129/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.155.131/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 141.101.99.240/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.155.197/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.155.11/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.159.27/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.158.148/32 -j REJECT --reject-with icmp-port-unreachable
Any help?