On Tue, Nov 3, 2020 at 10:45, <u34@net9.ga> wrote:
Maykel Franco via arch-general <arch-general@archlinux.org> wrote:
On Tue, Nov 3, 2020 at 9:48, <u34@net9.ga> wrote:
Maykel Franco via arch-general <arch-general@archlinux.org> wrote:
Hi, I have this script for iptables for my archlinux desktop:
And when an external SSH access request fails, fail2ban adds a rule, but the rule does not work.
I think it has to do with the iptables script; the fail2ban blocking rules are added fine but don't ban. What could be happening?
It could be that the banning fail2ban rule doesn't ban.
1. Can you show the iptables state before, and after, fail2ban added its rule? That is, issue an iptables -s command? I do hope I got the iptables command right.
2. Can you show the fail2ban configuration?
-- u34
The problem is not fail2ban. The problem is the script's iptables rules, because after executing the iptables script:
I try to drop an IP:
iptables -A INPUT -p tcp -s 192.168.0.33 --dport 22 -j DROP
It does not block IP 192.168.0.33 on port 22.
Possibly because that line is added as the last line of the iptables rules. The accept lines of the script already accepted the 192.168.0.33 connection. You probably want to issue an Insert, or a Replace, command. -I or -R, if I remember correctly. What is the output of iptables -s, if I remember correctly, after you issued the 192.168.0.33 related command?
As an aside, I think you should revert to nft (nftables).
-- u34
Thanks for your response. With -I it works well:
iptables -I INPUT -p tcp -s 192.168.0.33 --dport 2222 -j DROP
And now, for iptables to work well, how is it solved? I need iptables to add rules in first place.
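As an added example (not code from the thread), here is a small Python model of netfilter's first-match chain evaluation that replays u34's explanation: a DROP appended with -A lands after the script's ACCEPT for port 22 and is never reached, while -I puts it at position 1 and it fires. The Rule and Chain classes, the simplified option parser, and the 192.168.0.10 sample host are constructed for the simulation; nothing here calls the real iptables.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Rule:
    target: str                  # -j ACCEPT or DROP
    proto: Optional[str] = None  # -p
    src: Optional[str] = None    # -s
    dport: Optional[int] = None  # --dport

    def matches(self, proto: str, src: str, dport: int) -> bool:
        return ((self.proto is None or self.proto == proto)
                and (self.src is None or self.src == src)
                and (self.dport is None or self.dport == dport))


@dataclass
class Chain:
    policy: str = "DROP"         # chain policy, used when no rule matches
    rules: list = field(default_factory=list)

    def apply(self, cmd: str) -> None:
        # Constructed mini-parser: only -A/-I CHAIN with -p, -s, --dport, -j.
        tok = cmd.split()
        opts = dict(zip(tok[2::2], tok[3::2]))
        rule = Rule(target=opts["-j"], proto=opts.get("-p"), src=opts.get("-s"),
                    dport=int(opts["--dport"]) if "--dport" in opts else None)
        if tok[0] == "-A":
            self.rules.append(rule)     # append: evaluated after all existing rules
        elif tok[0] == "-I":
            self.rules.insert(0, rule)  # insert at position 1: evaluated first
        else:
            raise ValueError(f"unsupported operation {tok[0]}")

    def verdict(self, proto: str, src: str, dport: int) -> str:
        for rule in self.rules:         # first matching rule decides the packet
            if rule.matches(proto, src, dport):
                return rule.target
        return self.policy


def demo(banned: str = "192.168.0.33") -> dict:
    """Replay the thread: the script accepts SSH, then the ban is added with -A vs -I."""
    results = {}
    for op in ("-A", "-I"):
        chain = Chain()
        chain.apply("-A INPUT -p tcp --dport 22 -j ACCEPT")               # desktop script rule
        chain.apply(f"{op} INPUT -p tcp -s {banned} --dport 22 -j DROP")  # ban rule
        results[op] = chain.verdict("tcp", banned, 22)
    results["other-host"] = chain.verdict("tcp", "192.168.0.10", 22)     # unbanned host
    return results  # {'-A': 'ACCEPT', '-I': 'DROP', 'other-host': 'ACCEPT'}
```

fail2ban's stock iptables actions insert their jump rule with -I for the same reason; a firewall script that flushes INPUT after fail2ban has started removes that jump again, which is worth checking with iptables -S.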