2024-06-19, 06:59 PM
So Nginx is setting the requestor IP in the header, Jellyfin is reading the header, Fail2Ban is reading the header. But iptables is not reading the header.
I think that is where the blog I linked differs. Instead of blocking with iptables, they are configuring Nginx to silently disconnect the session from the "real IP".
From other posts I've read, iptables cannot read the header for https traffic due to the header being part of the encrypted content. If you want iptables blocking these requests instead of Nginx silently disconnecting, you'd have to setup fail2ban on the Nginx container and send logs to the Nginx container (with rsyslog) and setup the rules on the Nginx container.
I think that is where the blog I linked differs. Instead of blocking with iptables, they are configuring Nginx to silently disconnect the session from the "real IP".
From other posts I've read, iptables cannot read the header for https traffic due to the header being part of the encrypted content. If you want iptables blocking these requests instead of Nginx silently disconnecting, you'd have to setup fail2ban on the Nginx container and send logs to the Nginx container (with rsyslog) and setup the rules on the Nginx container.
Jellyfin 10.10.7 (Docker)
Ubuntu 24.04.2 LTS w/HWE
Intel i3 12100
Intel Arc A380
OS drive - SK Hynix P41 1TB
Storage
4x WD Red Pro 6TB CMR in RAIDZ1
![[Image: GitHub%20Sponsors-grey?logo=github]](https://img.shields.io/badge/GitHub%20Sponsors-grey?logo=github)
Ubuntu 24.04.2 LTS w/HWE
Intel i3 12100
Intel Arc A380
OS drive - SK Hynix P41 1TB
Storage
4x WD Red Pro 6TB CMR in RAIDZ1