root@ns367930.ip-94-23-26.eu:~# cat /etc/systemd/system/fail2ban.service
[Unit]
Description=Fail2Ban Service
Documentation=man:fail2ban(1)
After=network.target firewalld.service
PartOf=iptables.service firewalld.service
[Service]
Type=forking
ExecStart=/usr/bin/fail2ban-client -x start
ExecStop=/usr/bin/fail2ban-client stop
ExecReload=/usr/bin/fail2ban-client reload
PIDFile=/var/run/fail2ban/fail2ban.pid
Restart=always
[Install]
WantedBy=multi-user.target
And moreover :
root@ns367930.ip-94-23-26.eu:~# systemctl status firewalld
- firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2017-09-16 07:49:40 UTC; 24min ago
Docs: man:firewalld(1)
Main PID: 539 (firewalld)
Tasks: 2 (limit: 4915)
CGroup: /system.slice/firewalld.service
`-539 /usr/bin/python3 -Es /usr/sbin/firewalld --nofork --nopid
sept. 16 07:49:41 ns367930.ip-94-23-26.eu firewalld[539]: WARNING: Port ‘submission/tcp’ already set, ignoring.
sept. 16 07:49:41 ns367930.ip-94-23-26.eu firewalld[539]: WARNING: Port ‘domain/tcp’ already set, ignoring.
sept. 16 07:49:41 ns367930.ip-94-23-26.eu firewalld[539]: WARNING: Port ‘ftp-data/tcp’ already set, ignoring.
sept. 16 07:49:41 ns367930.ip-94-23-26.eu firewalld[539]: WARNING: Port ‘domain/udp’ already set, ignoring.
sept. 16 07:49:41 ns367930.ip-94-23-26.eu firewalld[539]: WARNING: INVALID_HELPER: ‘nf_conntrack_ftp’ not available in kernel
sept. 16 07:52:07 ns367930.ip-94-23-26.eu firewalld[539]: WARNING: ‘/sbin/iptables-restore -n’ failed:
sept. 16 07:52:07 ns367930.ip-94-23-26.eu firewalld[539]: ERROR: COMMAND_FAILED
sept. 16 08:04:19 ns367930.ip-94-23-26.eu firewalld[539]: ERROR: NOT_ENABLED: rule ‘(’-p’, ‘tcp’, ‘-m’, ‘multiport’, ‘–dports’, ‘smtp,465,submission,imap3,imaps,pop3,pop3s’, ‘-m’, ‘set’, '–ma
sept. 16 08:04:36 ns367930.ip-94-23-26.eu firewalld[539]: WARNING: ‘/sbin/iptables-restore -n’ failed:
sept. 16 08:04:36 ns367930.ip-94-23-26.eu firewalld[539]: ERROR: COMMAND_FAILED
root@ns367930.ip-94-23-26.eu:~# systemctl restart firewalld
root@ns367930.ip-94-23-26.eu:~# systemctl status firewalld
- firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2017-09-16 08:15:01 UTC; 3s ago
Docs: man:firewalld(1)
Main PID: 5686 (firewalld)
Tasks: 2 (limit: 4915)
CGroup: /system.slice/firewalld.service
`-5686 /usr/bin/python3 -Es /usr/sbin/firewalld --nofork --nopid
sept. 16 08:15:01 ns367930.ip-94-23-26.eu systemd[1]: Starting firewalld - dynamic firewall daemon…
sept. 16 08:15:01 ns367930.ip-94-23-26.eu systemd[1]: Started firewalld - dynamic firewall daemon.
sept. 16 08:15:01 ns367930.ip-94-23-26.eu firewalld[5686]: WARNING: Port ‘submission/tcp’ already set, ignoring.
sept. 16 08:15:01 ns367930.ip-94-23-26.eu firewalld[5686]: WARNING: Port ‘domain/tcp’ already set, ignoring.
sept. 16 08:15:01 ns367930.ip-94-23-26.eu firewalld[5686]: WARNING: Port ‘ftp-data/tcp’ already set, ignoring.
sept. 16 08:15:01 ns367930.ip-94-23-26.eu firewalld[5686]: WARNING: Port ‘domain/udp’ already set, ignoring.
sept. 16 08:15:01 ns367930.ip-94-23-26.eu firewalld[5686]: WARNING: INVALID_HELPER: ‘nf_conntrack_ftp’ not available in kernel