Thank you so much.The content of "00-firewalld.conf" file is: $ cat /etc/fail2ban/jail.d/00-firewalld.conf # This file is part of the fail2ban-firewalld package to configure the use of# the firewalld actions as the default actions. You can remove this package# (along with the empty fail2ban meta-package) if you do not use firewalld[DEFAULT]banaction = firewallcmd-rich-rules[actiontype=<multiport>]banaction_allports = firewallcmd-rich-rules[actiontype=<allports>]
If I remove "action = firewallcmd-ipset", then it will be working? How about SSH and MariaDB? [sshd]enabled = trueport = sshaction = firewallcmd-ipsetlogpath = %(sshd_log)smaxretry = 5bantime = 86400 [mysqld-auth]enabled = truefilter = mysqld-authport = 3306maxretry = 3bantime = 600logpath = /var/log/mariadb/mariadb.log Are they wrong too? Sent from Yahoo Mail on Android On Mon, Aug 24, 2020 at 9:04 PM, Richard Shaw<hobbes1...@gmail.com> wrote: On Mon, Aug 24, 2020 at 9:49 AM Jason Long <hack3r...@yahoo.com> wrote: Thank you for your reply. I created a file under "jaild." as below: [vsftpd] enabled = true action = firewallcmd-ipset <----- HERE port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s maxretry = 5 bantime = 86400 Assuming you didn't override 00-firewalld.conf, it should be using rich rules automatically. Try deleting that line and restart. Thanks,Richard
_______________________________________________ Fail2ban-users mailing list Fail2ban-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fail2ban-users
