Hello to evrybody
I havee one VPS . OS on that mashine is Centos 7(CentOS Linux release 7.3.1611 (Core)).
My problem is that I could not manage to adjust fail2ban and firewall. I copy jail.conf to jail.local and I made some changes:
[sshd]
enabled = true
banaction = firewallcmd-ipset
action = %(action_mw)s
If someone can help me with this?
This is some outputs:
sudo fail2ban-client status sshd
Status for the jail: sshd
|- Filter
| |- Currently failed: 1
| |- Total failed: 7
| `- Journal matches: _SYSTEMD_UNIT=sshd.service + _COMM=sshd
`- Actions
|- Currently banned: 0
|- Total banned: 1
`- Banned IP list:
systemctl status firewalld -l
* firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2017-01-26 13:15:10 UTC; 1h 30min ago
Docs: man:firewalld(1)
Main PID: 655 (firewalld)
CGroup: /system.slice/firewalld.service
`-655 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
Jan 26 13:15:12 28058.s.t4vps.eu firewalld[655]: WARNING: '/usr/sbin/iptables-restore -n' failed:
Jan 26 13:15:12 28058.s.t4vps.eu firewalld[655]: ERROR: COMMAND_FAILED
Jan 26 13:15:12 28058.s.t4vps.eu firewalld[655]: WARNING: '/usr/sbin/iptables-restore -n' failed:
Jan 26 13:15:12 28058.s.t4vps.eu firewalld[655]: ERROR: COMMAND_FAILED
Jan 26 13:30:22 28058.s.t4vps.eu firewalld[655]: ERROR: NOT_ENABLED: rule '('-p', 'tcp', '-m', 'multiport', '--dports', '22', '-m', 'set', '--match-set', 'fail2ban-sshd', 'src', '-j', 'REJECT', '--reject-with', 'icmp-port-unreachable')' is not in 'ipv4:filter:INPUT'
Jan 26 13:30:24 28058.s.t4vps.eu firewalld[655]: ERROR: NOT_ENABLED: rule '('-p', 'tcp', '-m', 'multiport', '--dports', '0:65535', '-m', 'set', '--match-set', 'fail2ban-sendmail', 'src', '-j', 'REJECT', '--reject-with', 'icmp-port-unreachable')' is not in 'ipv4:filter:INPUT'
Jan 26 13:30:25 28058.s.t4vps.eu firewalld[655]: WARNING: '/usr/sbin/iptables-restore -n' failed:
Jan 26 13:30:25 28058.s.t4vps.eu firewalld[655]: ERROR: COMMAND_FAILED
Jan 26 13:30:25 28058.s.t4vps.eu firewalld[655]: WARNING: '/usr/sbin/iptables-restore -n' failed:
Jan 26 13:30:25 28058.s.t4vps.eu firewalld[655]: ERROR: COMMAND_FAILED
firewall-cmd --state
not running
more /var/log/firewalld
2017-01-26 13:15:08 ERROR: NOT_ENABLED: rule '('-p', 'tcp', '-m', 'multiport', '--dports', '22', '-m',
'set', '--match-set', 'fail2ban-sshd', 'src', '-j', 'REJECT', '--reject-with', 'icmp-port-unreachable')
' is not in 'ipv4:filter:INPUT'
2017-01-26 13:15:10 ERROR: NOT_ENABLED: rule '('-p', 'tcp', '-m', 'multiport', '--dports', '0:65535', '-
m', 'set', '--match-set', 'fail2ban-sendmail', 'src', '-j', 'REJECT', '--reject-with', 'icmp-port-unreac
hable')' is not in 'ipv4:filter:INPUT'
2017-01-26 13:15:11 WARNING: ipset not usable, disabling ipset usage in firewall.
2017-01-26 13:15:11 WARNING: ip6tables not usable, disabling IPv6 firewall.
2017-01-26 13:15:11 WARNING: ebtables not usable, disabling ethernet bridge firewall.
2017-01-26 13:15:11 ERROR: COMMAND_FAILED
2017-01-26 13:15:12 WARNING: '/usr/sbin/iptables-restore -n' failed:
2017-01-26 13:15:12 ERROR: COMMAND_FAILED
2017-01-26 13:15:12 WARNING: '/usr/sbin/iptables-restore -n' failed:
2017-01-26 13:15:12 ERROR: COMMAND_FAILED
problem with fail2ban and firewall
Re: problem with fail2ban and firewall
What is the output from uname -a ?
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: problem with fail2ban and firewall
Linux 28058 2.6.32-042stab120.6 #1 SMP Thu Oct 27 16:59:03 MSK 2016 x86_64 x86_64 x86_64 GNU/Linux
Re: problem with fail2ban and firewall
There's the source of your problems - that is not CentOS, it's an openvz container and many things are controlled by the host and cannot be done from the container. You need to talk to your hoster.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: problem with fail2ban and firewall
thanks
I will do that
I will do that