KillVirus Ckruijntjens i dont understand why it is not working out of the box… 😅 On debian 10 it began switching: https://wiki.debian.org/iptables#Current_status I had problems with that mixture on debian 10 too. For me it works for removing all to do with iptable like I wrote. On the link above you can also see how it should look like in standard with: “Chain INPUT” And again you might want to find a good guide to setup your firewall.
Ckruijntjens KillVirus when i dont run anythin else on this machine i do not have to create a manual firewall rules correct?
Ckruijntjens KillVirus when you remove all iptables packages. how did you reinstall docker then? because it will uninstall docker on my system?
KillVirus please look for a “how to set up nftable firewall on debian”.. Or read my link above for learning in 10min 😉
KillVirus I did the firewall things before installing docker. So I can’t help. But when you read the debian link above you see, that iptable is on deb11 some kind of layer and nftable is still working as backend. So removing might not the right way for you. Try to stop docker and flush rules and configure as a plain new firewall. Keep care not to lock out when playing 😉
Ckruijntjens KillVirus even when i install a new vm and install nftables and then install docker docker is installing iptables………..
KillVirus duplicated with: https://community.mailcow.email/d/1326-autobanning-of-ip-address-via-netfilter
Ckruijntjens Ckruijntjens i yust installed a vm debian 11. installed nftables i installed docker and mailcow basic install. created a test user and checked if the user is getting blocker. same issue…… so on a bare metal installation it is not working. maybe the team of mailcow has to look in to this?
Ckruijntjens @pkernstock Could you test if the ip is actually banned? Because in my setup netfilter shows me in mailcow ui that the IP is blocked. But with the same op I can open webmail etc etc.
Ckruijntjens @pkernstock Are the blocked ips actualy blocked in you setup? (So the ip can not connect to webmail etc)?
pkernstock Sorry. I only find time helping out in my free-time, as I’m not working for mailcow. But to answer your question: Yes, seems to work. (that’s not a manual ban)
Ckruijntjens pkernstock Hi, Still have a question. how is your setup? is your mailcow server connected directly ot the internet with its own ip adres? or….?
pkernstock It’s just a plain, boring Ubuntu 20.04 installation with mailcow installed. Nothing extraordinary.
Ckruijntjens pkernstock i really dont understand it. i just installed a vm(lxd) ubuntu system. even this one is not banning……………..
Ckruijntjens pkernstock Well docker is inside a other range then mailcow. See picture. Is this a problem?
pkernstock To start from the beginning: Perform a invalid login with a wrong password to Postfix (directly, no webmail) in two ways: From your client, as you’ve been testing so far From an external client in the internet, outside your main network. Like your mobile phone in the public mobile network. Check the postfix logs and search for the failed logins Which IPs do you see being responsible for the failed logins? (Internal? Public IP?)
Ckruijntjens pkernstock If i send an email from internal network. it uses an internal ip 172.22.1.248. external network. it uses the public ip adres. so if i do failed logins its the same. so this is good i believe….
Ckruijntjens pkernstock and in netfilter container its also showing the public ip adres when i do failed login attmepts. It also show the right ip adres to be banned but its not blocking any connections from this ip adres
