[arch-general] Fail2Ban is not adding iptables rules

u34 at net9.ga
Tue Nov 3 09:45:54 UTC 2020


Maykel Franco via arch-general <arch-general at archlinux.org> wrote:

> On Tue., 3 Nov. 2020 at 9:48, <u34 at net9.ga> wrote:
> >
> > Maykel Franco via arch-general <arch-general at archlinux.org> wrote:
> >
> > > Hi, I have this script for iptables for my archlinux desktop:
> > >
> > > https://pastebin.com/SafhsKFt
> > >
> > > And when received external request access SSH error, fail2ban add rule
> > > but the rule not working.
> > >
> > > I think it has to do with the iptables script, but the fail2ban
> > > blocking rules add fine but don't ban. That could be happening?
> >
> > It could be that the banning fail2ban rule doesn't ban.
> > 1. Can you show the iptables state before, and after, fail2ban added
> >    its rule? That is, issue an iptables -s command? I do hope I got
> >    the iptables command right.
> > 2. Can you show fail2ban configuration?
> >
> > --
> > u34
> 
> The problem is not fail2ban. The problem is the script iptables rules
> because after exec script iptables:
> 
> https://pastebin.com/SafhsKFt
> 
> I try drop ip:
> 
> iptables -A INPUT -p tcp -s 192.168.0.33 --dport 22 -j DROP
> 
> Not block ip 192.168.0.33 on port 22.

Possibly because that line is added as the last line of the iptables rules.
The accept lines of the script already accepted the 192.168.0.33 connection. You
probably want to issue an Insert, or a Replace, command. -I or -R, if I remember
correctly.
What is the output of iptables -s, if I remember correctly, after you issued
the 192.168.0.33 related command?

As an aside, I think you should revert to nft (nftables).

--
u34
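To make the ordering point concrete, here is an added model (not code from the thread or from fail2ban) of how iptables walks a chain: the first matching terminal rule decides, so the same DROP is ignored when appended with -A after a broad SSH ACCEPT, but takes effect when inserted with -I or placed in a dedicated chain jumped to from the top of INPUT, which is how fail2ban's default f2b-sshd chain works. The broad "accept tcp/22" rule stands in for the poster's script and is an assumption.

```python
# Constructed model of iptables first-match evaluation (not real iptables).
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Rule:
    target: str                      # ACCEPT, DROP or a user-chain name
    proto: Optional[str] = None      # -p
    src: Optional[str] = None        # -s
    dport: Optional[int] = None      # --dport

    def matches(self, pkt: dict) -> bool:
        # An unset field matches anything, like an omitted iptables option.
        return all(getattr(self, k) is None or getattr(self, k) == pkt.get(k)
                   for k in ("proto", "src", "dport"))


@dataclass
class Chain:
    rules: list = field(default_factory=list)
    policy: str = "ACCEPT"           # user chains have no policy: use RETURN

    def append(self, rule: Rule) -> None:                # iptables -A
        self.rules.append(rule)

    def insert(self, rule: Rule, pos: int = 1) -> None:  # iptables -I (1-based)
        self.rules.insert(pos - 1, rule)

    def verdict(self, pkt: dict, chains: dict) -> str:
        for rule in self.rules:      # first matching terminal rule wins
            if not rule.matches(pkt):
                continue
            if rule.target in ("ACCEPT", "DROP"):
                return rule.target
            sub = chains[rule.target].verdict(pkt, chains)  # jump to user chain
            if sub != "RETURN":
                return sub
        return self.policy


def ssh_verdicts() -> dict:
    """Same ban rule in three placements; returns the fate of one SSH packet."""
    pkt = {"proto": "tcp", "src": "192.168.0.33", "dport": 22}
    accept_ssh = Rule("ACCEPT", proto="tcp", dport=22)   # assumed script rule
    ban = Rule("DROP", proto="tcp", src="192.168.0.33", dport=22)
    appended = Chain([accept_ssh], policy="DROP")
    appended.append(ban)                                 # -A INPUT ... -j DROP
    inserted = Chain([accept_ssh], policy="DROP")
    inserted.insert(ban)                                 # -I INPUT ... -j DROP
    f2b_input = Chain([accept_ssh], policy="DROP")       # fail2ban style
    f2b_input.insert(Rule("f2b-sshd"))                   # -I INPUT -j f2b-sshd
    chains = {"f2b-sshd": Chain([ban], policy="RETURN")}
    return {"appended": appended.verdict(pkt, {}),
            "inserted": inserted.verdict(pkt, {}),
            "f2b_chain": f2b_input.verdict(pkt, chains)}
```

Checking the live ruleset with `iptables -S INPUT` (or `iptables -L INPUT -n --line-numbers`) shows the actual order and whether the DROP sits above or below the ACCEPT.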

