Short answer, it simply breaks and needs to be reloaded. Long answer, have a look in your logs. the fail2ban log will have failure messages each time it tries to apply a rule. Also have a look in at "iptables -nvL" where you will no longer see the f2b chains of the INPUT rules branching to them, even after f2b tries and fails to add a rule.
Similarly, when f2b stops it generally flushes the f2b chains and rules, but it also tries to unban the individual IP's from the previously flushed chains and these fail. I did recently try to change the actionunban rule to get it to check if the rule existed before deleting the rule as an intellectual exercise but I failed as "iptables -C" still returns an error which f2b logs. I could not be bothered to take it any further and make the actionunban call an external script as all it would do is tidy up the logs, rather than gain functionality. Nick On 09/11/2016 05:42, J Mo wrote: > > How does fail2ban behave when iptables rules are flushed? Does it need > to be reloaded after such an event? > > What will happen when it tries to add or remove a rule in a chain which > no longer exists? Are the chains recreated, or does fail2ban simply break? > > > > ------------------------------------------------------------------------------ > Developer Access Program for Intel Xeon Phi Processors > Access to Intel Xeon Phi processor-based developer platforms. > With one year of Intel Parallel Studio XE. > Training and support from Colfax. > Order your platform today. http://sdm.link/xeonphi > _______________________________________________ > Fail2ban-users mailing list > Fail2ban-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/fail2ban-users ------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today. http://sdm.link/xeonphi _______________________________________________ Fail2ban-users mailing list Fail2ban-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fail2ban-users
