WAN Block List Help

Started by pdobrien3, June 13, 2021, 01:50:20 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
June 13, 2021, 01:50:20 PM
Hello,

I have two rules on the inbound WAN interface that look like they are working but they are not and I am pulling my hair out trying to figure it out.  I have an NGINX reverse proxy SWAG container setup with fail2ban and text notifications so while I can see the rules blocking in the logs, I am still getting fail2ban hits:

Here are my two rules:

Protocol   Source   Port   Destination   Port   Gateway   Schedule   Description    
   
IPv4 *   Block_List     *   *   *   *   *   NGIX Identified Block List      
IPv4+6 *   MaxMindGeoIP     *   *   *   *   *   MaxMind Allow US Only Rule

The Block List Alias is mostly from Zenlayer, DigitalOcean and a few others.  There are about 50 CIDR defined networks.  The other alias is obvious. 

When I inspect the rule:
Evaluations   States   Packets   Bytes   Description       
2438                         0       13   663 bytes   NGIX Identified Block List      
405                         0       33   2 KB           MaxMind Allow US Only Rule

Its almost as if it works 95% of the time?

What am I doing wrong?

Thanks
Print
Go Up Pages1
User actions