Gentoo Forums
fail2ban not creating iptables rules
alienjon (Veteran; Joined: 09 Feb 2005; Posts: 1709)
Posted: Sun Mar 03, 2019 4:39 pm    Post subject: fail2ban not creating iptables rules

I'd had fail2ban up and running for a little while now, but I recently wanted to have a review of my iptables rules. Documentation states that fail2ban is supposed to automatically create its own rules (which makes sense), but after I revamped my iptables and restarted fail2ban, none of the rules were added. I do get my e-mail notifications from fail2ban and the init.d script shows that it's running, but I find it hard to believe it'll do anything without the rules to enforce them. Any thoughts?

Syl20 (l33t; Joined: 04 Aug 2005; Posts: 619; Location: France)
Posted: Mon Mar 04, 2019 4:46 pm

What does fail2ban say (to syslog) when you restart the service?

alienjon (Veteran; Joined: 09 Feb 2005; Posts: 1709)
Posted: Wed Mar 06, 2019 1:49 am

Quote:
What does fail2ban say (to syslog) when you restart the service?

Nothing new, I'm afraid.

I did a bit more digging and found that apparently the iptables rules aren't supposed to be created UNTIL the criteria for a filter have been met (in other words, the rule is created on the fly and not when the service starts). The only problem is that I won't be able to know that for certain until one of my jails triggers.

Syl20 (l33t; Joined: 04 Aug 2005; Posts: 619; Location: France)
Posted: Mon Mar 11, 2019 4:19 pm

alienjon wrote:
apparently the iptables rules aren't supposed to be created UNTIL the criteria for a filter have been met (in other words, the rule is created on the fly and not when the service starts).

I discovered this "lazy initialization" too.
https://github.com/fail2ban/fail2ban/issues/2167
https://github.com/fail2ban/fail2ban/pull/1742

I can't verify now (the proxies at work forbid it), but I believe fail2ban still creates its own chains when starting, on my home firewall... Perhaps I enabled or disabled some related parameters, a long long time ago. Will check.
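The two posts above leave the question of how to tell "fail2ban never created its chain" apart from "the chain exists but no ban has fired yet". The following is an added example, not code from the thread or from fail2ban itself: it parses `iptables -S` output (a constructed sample is embedded; the live check at the bottom shells out to the real command) and reports each jail's chain state, assuming the `f2b-<jail>` chain naming used by fail2ban's iptables actions.

```python
# Added example (not from the thread): distinguish "fail2ban never created its
# chain" from "chain exists but no ban has fired yet" by parsing `iptables -S`.
import re
import subprocess
import sys

# The iptables* actions name their chains f2b-<jail>; a jump rule in INPUT feeds them.
CHAIN_RE = re.compile(r"^-N (f2b-\S+)$")
JUMP_RE = re.compile(r"^-A (\S+) .*-j (f2b-\S+)$")
BAN_RE = re.compile(r"^-A (f2b-\S+) -s (\S+) -j (?:REJECT|DROP)")

# Constructed sample of `iptables -S` output (address from the TEST-NET-3 range).
SAMPLE = """\
-N f2b-sshd
-N f2b-postfix
-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
-A f2b-sshd -s 203.0.113.5/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -j RETURN
-A f2b-postfix -j RETURN
"""

def parse_iptables_save(text):
    """Map each f2b-* chain to the chains that jump into it and the banned sources."""
    chains = {}
    for line in text.splitlines():
        if m := CHAIN_RE.match(line):
            chains[m.group(1)] = {"jumps": [], "bans": []}
        elif (m := JUMP_RE.match(line)) and m.group(2) in chains:
            chains[m.group(2)]["jumps"].append(m.group(1))
        elif (m := BAN_RE.match(line)) and m.group(1) in chains:
            chains[m.group(1)]["bans"].append(m.group(2))
    return chains

def jail_status(jail, chains):
    """'missing' (chain never created), 'no-jump' (orphaned), 'idle', or 'active (N banned)'."""
    info = chains.get("f2b-" + jail)
    if info is None:
        return "missing"       # lazy actionstart not yet run, or the action failed
    if not info["jumps"]:
        return "no-jump"       # chain exists but INPUT never sends traffic into it
    if not info["bans"]:
        return "idle"          # chain wired up, no ban has fired yet
    return "active (%d banned)" % len(info["bans"])

if __name__ == "__main__":
    out = subprocess.run(["iptables", "-S"], check=True, capture_output=True, text=True).stdout
    live = parse_iptables_save(out)
    for jail in sys.argv[1:] or ["sshd"]:
        print(jail, jail_status(jail, live))
```

Run it as root with the jail names from `fail2ban-client status` as arguments; a jail reported "missing" long after its first e-mail notification is worth investigating in the fail2ban log, while "missing" right after a restart is consistent with the lazy start described above.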