Thank you for the reply.

The server is in Prod and has multiple applications, so going from
6.4 to 6.7 is a future plan, but not now due to other dependencies.

When those commands are done by hand it works as shown below.  While
running automatically using fail2ban, the service is started as
root as well.  I see all fail2ban, iptables, python files are owned by
root as well.


[root@xxxxx ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
[root@xxxxx ~]#
[root@xxxxx ~]#
[root@xxxxx ~]# iptables  -N f2b-ssh-iptables
[root@xxxxx ~]# iptables  -A f2b-ssh-iptables -j RETURN
[root@xxxxx ~]# iptables  -I INPUT -p tcp -m multiport --dports 0:65535 -j f2b-ssh-iptables
[root@xxxxx ~]#
[root@xxxxx ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
f2b-ssh-iptables  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 0:65535

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain f2b-ssh-iptables (1 references)
target     prot opt source               destination
RETURN     all  --  0.0.0.0/0            0.0.0.0/0
[root@xxxxx ~]#

On Thu, Oct 22, 2015 at 12:24 AM, Iosif Fettich <[email protected]> wrote:
> Hi,
>
>> It would be great if someone can help.
>>
>> Please see attachment.  Summary is given below:
>>
>> As provided in the logs below, configured fail2ban version
>> fail2ban-0.9.3-1.el6.noarch in CentOS release 6.4 (Final),
>
>
> Current CentOS is CentOS release 6.7 (Final). Any reason to stick with 6.4?
>
>> Oct 21 12:46:52 xxxxx fail2ban.jail[24301]: INFO Initiated 'polling'
>> backend
>
>
>> Oct 21 12:46:52 xxxxx fail2ban.action[24301]: ERROR iptables  -N
>> f2b-ssh-iptables#012iptables  -A f2b-ssh-iptables -j
>> RETURN#012iptables  -I INPUT -p tcp -m multiport --dports 0:65535 -j
>> f2b-ssh-iptables -- stdout: ''
>
>
> What happens if you run that iptables command 'by hand' ?
>
> Best regards,
>
> Iosif Fettich

------------------------------------------------------------------------------
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
