On Thu, Aug 12, 2021 at 09:25:57PM +0100, Nick Howitt wrote:
>
> On 12/08/2021 20:37, Alain D D Williams wrote:
> > Hi,
> >
> > I have just installed fail2ban on a Debian 10 box. This has my own hand-written
> > iptables firewall and I have changed it to call f2b-sshd at an appropriate point.
> >
> > However I notice that at the top of the INPUT chain this now exists:
> >
> >   f2b-sshd   tcp  --  0.0.0.0/0   0.0.0.0/0   multiport dports 22
> >
> > So f2b-sshd is called for every incoming packet. I do not want this as I call
> > f2b-sshd elsewhere.
> >
> > How do I stop this happening?
> >
> > Thanks in advance
> >
> > I have a couple of other questions that I will ask separately.
>
> Change the rule back and let the default rules set up their own iptables rule.
Thanks for your reply.

The stuff below I am happy with, the chain f2b-sshd being created & populated.

What I did not want was fail2ban inserting something at the top of the INPUT chain that calls f2b-sshd; I do not want it as I want to call f2b-sshd from within my own chains.

I can delete the call to f2b-sshd at the top of INPUT ... but on restart/... it will probably get replaced - that is what I want to stop.

> All the rule is is a jump to a chain called f2b-sshd. Then f2b will add its
> bans to the f2b-sshd chain. There is no problem with all packets passing
> through the f2b-sshd chain. At the end of the chain the packets, if not
> dropped in the chain, return to go through the next rule in the INPUT chain.
>
> Nick

-- 
Alain Williams
Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer.
+44 (0) 787 668 0256  https://www.phcomp.co.uk/
Parliament Hill Computers Ltd. Registration Information: https://www.phcomp.co.uk/Contact.html
#include <std_disclaimer.h>

_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
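The following is an added example, not part of the thread above: it shows how to point fail2ban's iptables actions at a chain of your own via the jail parameter `chain` (so the jump to f2b-sshd no longer lands at the top of INPUT), plus a check to run after a fail2ban restart to confirm the jump has not been put back. The chain name my-ssh-chain and the rule listings are constructed for the example.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes fail2ban's iptables-* actions
# (e.g. iptables-multiport) honour the jail parameter `chain` (default INPUT),
# which names the chain that receives the "-j f2b-<jail>" jump. The chain
# name my-ssh-chain and the sample rule listings below are constructed.

# Print the 1-based position of the jump to f2b-sshd among the rules of
# INPUT as listed by `iptables -S INPUT` ($1), or 0 if there is no jump.
# Run after `systemctl restart fail2ban` to confirm the jump was not put back.
f2b_jump_position() {
    printf '%s\n' "$1" | awk '
        /^-A INPUT / {
            n++
            if ($0 ~ /-j f2b-sshd( |$)/) { print n; found = 1; exit }
        }
        END { if (!found) print 0 }'
}

# Write a jail.local fragment ($1) that points the sshd jail at your own
# chain ($2). fail2ban then inserts "-j f2b-sshd" into that chain, which your
# firewall script already calls where it sees fit, instead of at the top of
# INPUT. The chain must exist before fail2ban starts (create it in your
# firewall script); fail2ban inserts the jump at the top of that chain.
write_jail_local() {
    cat > "$1" <<EOF
[sshd]
enabled = true
# chain that receives the jump to f2b-sshd (default: INPUT)
chain = $2
EOF
}

# Constructed listings: before the change (jump inserted at position 1 of
# INPUT) and after it (no jump in INPUT; it now lives in my-ssh-chain).
BEFORE='-P INPUT ACCEPT
-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
-A INPUT -i lo -j ACCEPT
-A INPUT -j my-ssh-chain'
AFTER='-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j my-ssh-chain'

echo "before: jump at position $(f2b_jump_position "$BEFORE")"   # 1
echo "after:  jump at position $(f2b_jump_position "$AFTER")"    # 0
```

In real use, call `write_jail_local /etc/fail2ban/jail.local my-ssh-chain`, restart fail2ban, and feed `"$(iptables -S INPUT)"` to `f2b_jump_position` to verify it prints 0.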