Fail2Ban found match, but seems not to block the request


Webmin 1.981
Virtualmin 6.17

I do have installed fail2ban and see the chain f2b-proftpd in “Linux Firewall” section:

But if I open the cli, and have a loock at fail2ban.log or auth.log, I see, that this IP still try to access the server. So it seems not to be blocked by the Firewall-Rule:

Any Idea, why fail2ban detect the intrusion, but iptables don’t block it?

what’s your firewall? does fail2ban use that action or some default? could be that case…

It’s an default webmin installation. I think it’s IPTables as firewall ?!? How can I check this?
In the Webmin-UI I do use “firewallD”

I didn’t add any fail2ban zone manually, so I think fail2ban setup had created it.

if you use firewalld, you probably should set banaction in /etc/fail2ban/jail.local or any custom conf, to some relative action. eg.
banaction = firewallcmd-ipset

(not sure about it though, never used firewalld.)

ah, that’s might be the issue. Didn’t know that this is needed.
My current config-file looks like this:


Where can I see which banaction-parameter are possible?

all action files are here : /etc/fail2ban/action.d/
webmin → fail2ban → Match Actions

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.