Hi,
BACKGROUND: I run ubuntu 14.04 and enabled ufw. Because I’m a n00b at virtualmin, I noticed that the iptables settings didn’t show in virtualmin and so I clicked on [Revert Configuration]. What happened is all the ufw chains got imported into the iptables config.
Since there was no easy way to remove all of the ufw-XXX chains (yes, even after ‘ufw disable’)… I went and removed the chains in the UI. Unfortunately, I didn’t notice that I was removing fail2ban chains as well…
(Yes, forehead slaps now…)
So, the problem is the fail2ban.logs:
2015-06-17 00:53:23,138 fail2ban.actions.action: ERROR iptables -D INPUT -p tcp -m multiport --dports ssh -j fail2ban-ssh
iptables -F fail2ban-ssh
iptables -X fail2ban-ssh returned 100
2015-06-17 00:53:23,327 fail2ban.actions.action: ERROR iptables -D INPUT -p tcp -j fail2ban-recidive
iptables -F fail2ban-recidive
iptables -X fail2ban-recidive returned 100
This looked suitably bad, so I ran “iptables -L” at a shell prompt and noticed the extent of the problem I’d made…
The Question:
Does anyone know how to reinstate the standard fail2ban chains in iptables?
Many thanks,
Craig