IP white listing

image
I added an accept via command line into the ‘trusted’ zone. It seemed to work for a while but later caused me grief when it didn’t work.

I had a friend with all Apple devices get a new IPAD. He didn’t remember the password so I had to reset it. I knew he had other devices logging into mail so I did a little research and put him in the ‘trusted’ zone. At some point he still got caught in fail2ban postfix and dovecot jails. Confusion and frustration followed when I’d see him hit the server but nothing was logging in auth.log. I’m assuming the failure was a rule precedence order?

As a companion to block it would be nice to have an accept. I’ve used it for clients setting up mail before. I think CSF lets you set a time so you don’t have to remember to remove it later.

Should this be moved to ‘blue skies’? :wink:

I guess you know fail2ban had a ignoreip setting?

Nope. I don’t know every line of code of every program I use. :wink: But, that would make it easier to put into the interface.

True, it could be done in the the section where you view the block and have a second option to whitelist as well as the remove.


.

I am sure I asked for an allow button in the firewalls panel and got told it was not needed, but this is a good example of why it is.

When you are changing an email password and people have multiple devices this can stop the IP getting blocked while changing.

We could technically do it—it’s not that odd of a feature. I can see how it could be useful.

2 Likes

Alright, this feature will be implemented in the next Webmin release!

3 Likes

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.