I have had quite a few IP addresses banned in the last few days (sshd = >2k). Using the firewalld module to view the output no longer works (webmin->networking->firewalld->List FirewallD Rules). What it does is display the first 2 smaller jails, about 20 entries in each, and then ignores the rest.
I guess this indicates an issue with the firewalld module, as the iptables module displays the correct data and iptables from the command line gives the same results. Not that I used the firewalld module for viewing the state of the firewall until I hit "refresh modules" and both iptables modules were removed from the list; as a quick fix I cloned them and added them to the networking sub menu. I am not averse to having the iptables modules removed as long as the firewalld module displays the data it has in a similar way to the iptables module.
I use iptables-allports, but as the IPs are being added to the firewall rule set I don't see that this has anything to do with the firewalld display issue. I do have a second webmin/virtualmin system that is set up identically; this server only has 600 entries in the sshd jail and the firewalld module displays them fine.
The problem could be because firewalld and iptables are used at the same time. It is better to use firewallcmd-allports as action.
There is currently also a problem with virtualmin setup where the default banaction = firewallcmd-ipset and the default banaction_allports = iptables-allports. This causes bans not to work.
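A quick way to check a jail file for the mix described in the reply above (an added example, not part of the original thread and not Webmin or fail2ban code). It assumes a single jail.local-style file, with the sample text constructed from the two defaults quoted in the reply; the function names are made up for illustration.

```python
import configparser

# Constructed sample: the [DEFAULT] values are the ones quoted in the reply above.
SAMPLE_JAIL_LOCAL = """
[DEFAULT]
banaction = firewallcmd-ipset
banaction_allports = iptables-allports

[sshd]
enabled = true

[postfix]
enabled = true
banaction_allports = firewallcmd-allports

[dovecot]
enabled = false
"""

KEYS = ("banaction", "banaction_allports")

def backend(action):
    """Classify an action name by the firewall front end it talks to."""
    if action.startswith("firewallcmd-"):
        return "firewalld"
    if action.startswith("iptables"):
        return "iptables"
    return "other"

def effective_actions(text):
    """Return {jail: {key: action}} for enabled jails, with [DEFAULT] inherited."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    jails = {}
    for name in cp.sections():  # [DEFAULT] is not listed, only inherited from
        enabled = cp.get(name, "enabled", fallback="false").strip().lower()
        if enabled not in ("true", "yes", "1", "on"):
            continue
        jails[name] = {k: cp.get(name, k) for k in KEYS if cp.has_option(name, k)}
    return jails

def mixed_jails(text):
    """Names of enabled jails whose ban actions span both firewalld and iptables."""
    mixed = []
    for name, actions in effective_actions(text).items():
        used = {backend(a) for a in actions.values()}
        if {"firewalld", "iptables"} <= used:
            mixed.append(name)
    return sorted(mixed)

if __name__ == "__main__":
    for jail in mixed_jails(SAMPLE_JAIL_LOCAL):
        print(f"{jail}: mixes firewalld and iptables ban actions")
```

The check is conservative: it flags any enabled jail whose effective settings span both front ends, whether or not that jail's action actually uses both keys, and it does not merge jail.conf or jail.d overrides.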
I thought firewalld is a frontend for iptables, have a look here. I will say the bans are working fine; it's simply the case that the firewalld virtualmin can not display the rules when they're over a certain number.
Well, the above command showed only what webmin displays. To fix it I restarted fail2ban; after the long wait for fail2ban to reban everything, webmin displayed all the data correctly. The only thing I may have done is to delete a record using the firewalld module rather than fail2ban. Could this be the cause?
As a side note, within the firewalld module, when you get a large number of entries, could you split them into pages rather than one big page? This is also true of the fail2ban module.
However, I have not yet added pagination for a long list of entries. This will be done in the second commit within the next few days. I will update this ticket with further progress.