My understanding is that configs done in jail.d overwrite configs done in jail.conf/jail.local.
I set up /etc/fail2ban/jail.d/sshd.local as:
[sshd]
enabled = true
port = <custom_port>
action = iptables-multiport
logpath = /var/log/fail2ban.log
maxretry = 5
bantime = 600
But iptables -L -n | grep f2b shows:
f2b-auth tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
f2b-overflows tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
f2b-noscript tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
f2b-badbots tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
f2b-default tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22
Chain f2b-auth (1 references)
Chain f2b-badbots (1 references)
Chain f2b-default (1 references)
Chain f2b-noscript (1 references)
Chain f2b-overflows (1 references)
Not only does it not show the jail, but it also shows port 22, which is not the one configured in sshd.local.
What am I missing?
fail2ban-client status sshd shows:
Status for the jail: sshd
|- Filter
| |- Currently failed: 0
| |- Total failed: 0
| `- Journal matches: _SYSTEMD_UNIT=sshd.service + _COMM=sshd
`- Actions
|- Currently banned: 0
|- Total banned: 0
`- Banned IP list:
Thanks, Wolfgang
fail2ban config does not show in iptables
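A small diagnostic, added here as an example and not part of the original post, that maps the f2b-* jump rules from iptables -L -n back to jail names and ports. It relies on the iptables-multiport action creating one chain per jail named f2b-<name> (with name=default and port=ssh as the action's own defaults when they are not passed), and it uses 2222 as a constructed stand-in for <custom_port>.

```python
"""Map fail2ban's iptables chains back to jails and check a jail's ports.

The iptables-multiport action creates one chain per jail, named f2b-<name>,
plus a jump rule in INPUT matching 'multiport dports <ports>'. A chain called
f2b-default on port 22 is what the action's own defaults (name=default,
port=ssh) produce when an action line passes neither name= nor port=.
"""
import re

# Constructed sample, trimmed from the 'iptables -L -n | grep f2b' output above.
SAMPLE_IPTABLES = """\
f2b-auth tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
f2b-overflows tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
f2b-default tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22
Chain f2b-auth (1 references)
Chain f2b-default (1 references)
Chain f2b-overflows (1 references)
"""

# Jump rules start with the target chain; 'Chain f2b-...' header lines are skipped.
JUMP_RE = re.compile(r"^(f2b-\S+)\s.*multiport dports (\S+)")


def parse_f2b_rules(text):
    """Return {chain_name: set(port_specs)} for every f2b-* jump rule found."""
    rules = {}
    for line in text.splitlines():
        m = JUMP_RE.match(line.strip())
        if m:
            rules.setdefault(m.group(1), set()).update(m.group(2).split(","))
    return rules


def check_jail(rules, jail, expected_port):
    """Classify how jail 'jail' is wired into iptables for expected_port.

    Returns 'ok', 'wrong-port', 'missing', or 'missing-default-chain' (no chain
    for the jail, but an f2b-default chain exists, i.e. the action ran with its
    default name= and port= instead of the jail's values).
    """
    chain = f"f2b-{jail}"
    if chain in rules:
        return "ok" if str(expected_port) in rules[chain] else "wrong-port"
    return "missing-default-chain" if "f2b-default" in rules else "missing"


if __name__ == "__main__":
    rules = parse_f2b_rules(SAMPLE_IPTABLES)
    for chain, ports in sorted(rules.items()):
        print(f"{chain}: dports {sorted(ports)}")
    # 2222 is a constructed placeholder for <custom_port>.
    print("sshd on 2222:", check_jail(rules, "sshd", 2222))
```

On a live host, feed it the real output (iptables -L -n) and the jail name and port from sshd.local; 'missing-default-chain' points at the action line rather than at the jail settings.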
Re: fail2ban config does not show in iptables
Mine (set up only in the two .local files) doesn't either - but the banned addresses do!