Fail2ban config conflicts with Firewall Config

For many years Webmin has had problems with fail2ban config and Firewall config collisions.

When opening Firewall configuration, settings are read from the static /etc/iptables.up.rules; however, this is not the true current state of a running system.

Webmin should read the current in-memory config to ensure current fail2ban “REJECTS” aren’t obliterated.

There can also be an issue when saving/applying updates. If during the Firewall edit process fail2ban has changed the list of rejected addresses, this will be overwritten when applying Firewall changes.

SYSTEM INFORMATION
OS type and version: Debian 11.9
Webmin version: 2.105

What action do you use in the jail(s)? I found similar issues to you; however, I changed the fail2ban jail action to ‘iptables-allports’ and most of these issues went away (on Ubuntu). This, combined with the newer fail2ban module, does make it easier to manage bans.
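
The drift described in the first post can be checked before applying Firewall changes. The following is an added example, not part of the thread and not Webmin's code: it compares a saved rules file against an `iptables-save` dump of the running ruleset and lists the fail2ban bans that exist only in the running state. It assumes fail2ban's chains use the `f2b-` prefix; the function names and the sample rules are constructed for illustration.

```shell
#!/bin/sh
# Strip [packets:bytes] counters and keep only chain declarations and rules.
normalize() {
    sed -E 's/^\[[0-9]+:[0-9]+\] //; s/ \[[0-9]+:[0-9]+\]$//' "$1" | grep -E -e '^(:|-A )' || true
}

# f2b_drift SAVED LIVE: print fail2ban chain/rule lines (chains assumed to be
# named f2b-*) that are in the LIVE dump but not in the SAVED file.
f2b_drift() {
    _saved_norm=$(mktemp) || return 1
    normalize "$1" > "$_saved_norm"
    normalize "$2" | grep -E -e '^:f2b-|^-A f2b-|-j f2b-' | grep -Fxv -f "$_saved_norm" || true
    rm -f "$_saved_norm"
}

# bans_at_risk SAVED LIVE: print "chain address" for each live ban missing from SAVED.
bans_at_risk() {
    f2b_drift "$1" "$2" | awk '$1 == "-A" && $2 ~ /^f2b-/ && $3 == "-s" { print $2, $4 }'
}

# Constructed sample input (documentation addresses). On a real host, SAVED would be
# /etc/iptables.up.rules and LIVE the output of: iptables-save > live.rules
demo_dir=$(mktemp -d)
cat > "$demo_dir/saved.rules" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
cat > "$demo_dir/live.rules" <<'EOF'
*filter
:INPUT ACCEPT [1204:88310]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [977:120455]
:f2b-sshd - [0:0]
-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A f2b-sshd -s 203.0.113.7/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -s 198.51.100.23/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -j RETURN
COMMIT
EOF

bans_at_risk "$demo_dir/saved.rules" "$demo_dir/live.rules"
```

Any output from `bans_at_risk` means the saved file is behind the running ruleset, so those bans would be overwritten if the file were applied as-is.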
