Fail2Ban is still banning Cloudflare after whitelisting

Hi,

I have added the CF IPs available at cloudflare.com/ips in jail.conf as given below:

ignoreip = 173.245.48.0/20 103.21.244.0/22 103.22.200.0/22 103.31.4.0/22 141.101.64.0/18 108.162.192.0/18 190.93.240.0/20 188.114.96.0/20 197.234.240.0/22 198.41.128.0/17 162.158.0.0/15 104.16.0.0/12 172.64.0.0/13 131.0.72.0/22 2400:cb00::/32 2606:4700::/32 2803:f800::/32 2405:b500::/32 2405:8100::/32 2a06:98c0::/29 2c0f:f248::/32

However, F2B is still banning CF, and in the logs I see different IP addresses that belong to CF.

iptables -S outputs:

-A f2b-nginx-noscript -s 162.158.159.25/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.159.43/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.154.94/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 141.101.98.25/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 141.101.98.69/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.155.143/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.155.155/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.154.160/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.155.251/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 141.101.98.55/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.155.191/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 141.101.98.129/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.155.131/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 141.101.99.240/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.155.197/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.155.11/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.159.27/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.158.148/32 -j REJECT --reject-with icmp-port-unreachable

Any help?
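An added check, not part of the original post: the script below parses `iptables -S` output of the shape shown above and tests each banned source address against the `ignoreip` list. The ignoreip value and the first three banned addresses are copied from this thread; the fourth address (198.51.100.23, from a documentation range) is constructed so the report shows both outcomes. If every ban lands inside an ignoreip range, Fail2Ban is not applying that ignoreip value at all, which is the symptom described here.

```python
import re
import ipaddress

# ignoreip value as posted in this thread (Cloudflare ranges).
IGNOREIP = (
    "173.245.48.0/20 103.21.244.0/22 103.22.200.0/22 103.31.4.0/22 "
    "141.101.64.0/18 108.162.192.0/18 190.93.240.0/20 188.114.96.0/20 "
    "197.234.240.0/22 198.41.128.0/17 162.158.0.0/15 104.16.0.0/12 "
    "172.64.0.0/13 131.0.72.0/22 2400:cb00::/32 2606:4700::/32 "
    "2803:f800::/32 2405:b500::/32 2405:8100::/32 2a06:98c0::/29 2c0f:f248::/32"
)

# Constructed excerpt of `iptables -S` output: three lines taken from the post,
# plus one non-Cloudflare address (198.51.100.23) to show the other case.
IPTABLES_S = """\
-A f2b-nginx-noscript -s 162.158.159.25/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 141.101.98.25/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 162.158.155.143/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-noscript -s 198.51.100.23/32 -j REJECT --reject-with icmp-port-unreachable
"""

# Matches the per-IP REJECT rules Fail2Ban inserts into its f2b-* chains.
BAN_RULE = re.compile(r"^-A (f2b-\S+) -s (\S+) -j REJECT")


def parse_ignoreip(value):
    """Turn a Fail2Ban ignoreip string into ip_network objects.
    Bare addresses without a prefix length become /32 or /128 networks."""
    return [ipaddress.ip_network(tok, strict=False) for tok in value.split()]


def parse_bans(iptables_s):
    """Yield (chain, address) for every Fail2Ban REJECT rule in `iptables -S` output."""
    for line in iptables_s.splitlines():
        m = BAN_RULE.match(line)
        if m:
            chain, src = m.groups()
            yield chain, ipaddress.ip_network(src, strict=False).network_address


def ignored_by(ip, networks):
    """Return the first ignoreip network containing ip, or None if none does."""
    for net in networks:
        if ip.version == net.version and ip in net:
            return net
    return None


def audit(iptables_s, ignoreip_value):
    """Split active bans into those ignoreip should have prevented and the rest.
    Each entry is (chain, ip, matching ignoreip range or None)."""
    nets = parse_ignoreip(ignoreip_value)
    should_be_ignored, not_covered = [], []
    for chain, ip in parse_bans(iptables_s):
        net = ignored_by(ip, nets)
        entry = (chain, str(ip), str(net) if net else None)
        (should_be_ignored if net else not_covered).append(entry)
    return should_be_ignored, not_covered


if __name__ == "__main__":
    bad, ok = audit(IPTABLES_S, IGNOREIP)
    for chain, ip, net in bad:
        print(f"{chain}: {ip} is banned but lies inside ignoreip range {net} -> ignoreip not applied")
    for chain, ip, _ in ok:
        print(f"{chain}: {ip} is banned and is not covered by ignoreip")
```

Run against the full output in the post, every banned address falls inside 162.158.0.0/15 or 141.101.64.0/18, so the ignoreip value in the edited file is not the one the running jail uses. The value a jail actually loaded can be read with `fail2ban-client get nginx-noscript ignoreip`; and because jail.conf is replaced on package upgrades, the setting belongs in jail.local (or a file under jail.d/), which overrides jail.conf.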

I’m just poking around on this, but is there an iptables command to show the active ignoreip list? I can see it in my jail.local file, but it would be nice to know if it’s reading it.

I was able to fix it. I wasn’t using the jail.conf file, and that is why I was facing this problem. I got the solution from here:

https://www.nixdevsoft.com/community/t/fail2ban-still-bans-ip-even-after-white-listing/209

I added the Cloudflare ips in jail.local and it works now.

