Re: [Fail2ban-users] Firewalld/ipset ban repeated offenders

Mon, 03 Apr 2017 10:55:03 -0700 

Thank you for replying!

Yes, the system can use iptables. sorry i forgot to mention what our system
is:

CentOS-7
fail2ban-systemd-0.9.6-3.el7.noarch
fail2ban-sendmail-0.9.6-3.el7.noarch
fail2ban-firewalld-0.9.6-3.el7.noarch
fail2ban-0.9.6-3.el7.noarch
fail2ban-server-0.9.6-3.el7.noarch

But to answer the question more clearly we have firewalld which to my
understanding manages iptables. With the current fail2ban setup we use the
actionban firewalldcmd-ipset.conf
<https://github.com/fail2ban/fail2ban/blob/0.10/config/action.d/firewallcmd-ipset.conf>
which
uses `ipset` to do the literal ban. The fail2ban-systemd installed adds the
00-firewalld.conf jail, which has

> [DEFAULT]
> banaction = firewallcmd-ipset

so that's why i was trying to use firewalld/ipset as the permanent ban
solution.
Am i looking at this all wrong?

thanks again

On Mon, Apr 3, 2017 at 1:08 PM, Dominic Raferd <domi...@timedicer.co.uk>
wrote:

> On 3 April 2017 at 16:57, Dave Macias <dav...@gmail.com> wrote:
>
>> Im trying to figure out how to set this up.
>> I've googled a bit and all i've seen articles using `iptables` which we
>> dont use. I've also seen that you can use the recidive filter for this but
>> this too uses iptables :(
>>
>
> ​Are you sure your system can't use iptables (try 'man iptables')? It is
> the standard low-level firewall-manipulation tool for GNU/Linux, and it is
> the one that fail2ban is designed to work with. It might be possible to get
> fail2ban working with a different firewall tool but I think you would need
> to rewrite the fail2ban actions - see man jail.conf.
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Fail2ban-users mailing list
> Fail2ban-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/fail2ban-users
>
>

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Reply via email to