Haas-proxy not closing connections
-
Haas-proxy doesn’t close connections and the list grows by time until service restarted/stopped. Pls see the screenshot below from the cmd "netstat -atn|grep 2525". Reported the issue at Turris forums: https://forum.turris.cz/t/haas-proxy-not-closing-connections/16446
-
And another point is that still getting attacks from same IPs even which are already in the ipset, the firewall rule is configured to drop them but seems still allowing them to connect to the ssh honeypot. Is this expected behavior?
-A zone_wan_forward -m set --match-set turris-sn-dynfw-block src -m conntrack --ctstate NEW -m comment --comment "!sentinel: dynamic firewall block" -j zone_wan_src_DROP
-A zone_wan_input -m set --match-set turris-sn-dynfw-block src -m mark ! --mark 0x10/0x10 -m conntrack --ctstate NEW -m comment --comment "!sentinel: dynamic firewall block" -j zone_wan_src_DROP