This action allows fail2ban to send IP bans directly to OPNsense by maintaining a host alias group. This group can then be used by the user in any way they see fit directly within OPNsense e.g. to block traffic.
There is no necessity to disable the default fail2ban host iptables action in jail.local but when successfully deployed this action will likely result in these chains never needing to actually block traffic.
This approach can be useful when you have:
multiple hosts requiring protection
fragile hosts that are not easy to filter directly
It may also be useful when host cap_add options are not accessible (TBC)
This action allows fail2ban to send IP bans directly to OPNsense by maintaining a host alias group. This group can then be used by the user in any way they see fit directly within OPNsense e.g. to block traffic.
There is no necessity to disable the default fail2ban host iptables action in jail.local but when successfully deployed this action will likely result in these chains never needing to actually block traffic.
This approach can be useful when you have:
It may also be useful when host cap_add options are not accessible (TBC)