I forgot to mention that firewallcmd-new action seems to work without any burden.
From: [email protected] To: [email protected] Subject: RE: [Fail2ban-users] Centos 7 fail2ban issue Date: Wed, 26 Aug 2015 12:44:31 +0000 Yes that must be a problem with KVM template. But what about an ipv6 attacker trying to login? Would that action ban him as well? To: [email protected] From: [email protected] Date: Wed, 26 Aug 2015 14:30:10 +0200 Subject: Re: [Fail2ban-users] Centos 7 fail2ban issue I have a fresh Centos 7.1 install and my firewallcmd-ipset.conf file contains the correct syntax. Also looking at the source code https://github.com/fail2ban/fail2ban/blob/master/config/action.d/firewallcmd-ipset.conf it has the correct syntax and I don't see any commits that have changed that part of the file since the original commit nor did I see any epel patches that would have changed it. Looks like a problem with a local customization (maybe in the template for the VM). John On 08/26/2015 01:35 PM, Ali Metin wrote: Hi I was having the following error at fail2ban.log file on a Centos 7.1 machine (actually a KVM template) with fail2ban epel package and firewalld-systemd backend ERROR ipset create fail2ban-sshd hash:ip timeout 3600 firewall-cmd --direct --add-rule filter INPUT 0 -p tcp -m multiport --dports 2021 -m set --match-set fail2ban-sshd src -j REJECT --reject-with icmp-port-unreachable -- stdout: '\x1b[91mwrong priority\nusage: --direct --add-rule { ipv4 | ipv6 | eb } <table> <chain> <priority> <args>\x1b[00m\n' I understood that there is ipv4|ipv6|eb missing in the firewallcmd-ipset actionstart action. After inserting ipv4 keyword properly at actionstart command in file /etc/fail2ban/action.d/firewallcmd-ipset.conf the error seems to resolve. My question is "is this a known bug? and how can it be fixed correctly?" ------------------------------------------------------------------------------ _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users ------------------------------------------------------------------------------ _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
------------------------------------------------------------------------------
_______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
