Hi All,
I have been fighting with Fail2Ban for a while and creating/deleting rules and I decided it would be a good idea to unban all banned IPs to start afresh.

I edited all jails (etc/fail2ban/jail.local) to expire after 1 second. then stopped fail2ban running in the fail2ban module. It took a few minutes to shut down.

Just as a check I thought I would take a look to see that FirewallD was also clear by going to FirewallD>List Firewalld Rules. There I see some 450+ entries like this

image1636×457 108 KB

I don’t remember having added any IP numbers by any other method than using fail2ban, in fact, I have never tried because I don’t feel confident enough to do so.

I have drawn the, maybe incorrect , conclusion that these rules are left over from failed fail2ban actions.

So, would if be safe to select ALL the rules shown in the list as above and delete them all using the delete button at the bottom of that page?

Of course, I could be totally wrong in my understanding of the whole issue if so I would appreciate being told.

Thanks for reading.

Tim

systemctl stop firewalld
iptables -F
systemctl start firewalld

Very many thanks for that. Did exactly what I needed and confirmed that I wasn’t damaging anything else.

My pleasure.

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.