Is 00-firewalld.conf file mandatory with fail2ban

Hello,
I’ve installed several Debian12 servers from scratch using Virtualmin to install everything.
It is running FirewallId and fail2ban and all seems to work (bad people gets banned).

I started to read this thread about Lynis and finally get to check my fail2ban file: /etc/fail2ban/jail.d/00-firewalld.conf
And I found out that I don’t have such file.

Is that normal or should I create it ?

If yes should it contain:

[DEFAULT]
banaction = firewallcmd-rich-rules
banaction_allports = firewallcmd-rich-rules

Thanks

if it is working (and you said it is)
why ask?

Yes, that’s the right way—except for the [actiontype=<multiport>] and [actiontype=<allports>] parts. OpenSUSE seems to be the first to make that buggy recommendation, but as far as I know, all you really need is:

[DEFAULT]
banaction = firewallcmd-rich-rules
banaction_allports = firewallcmd-rich-rules

We’ll have this applied in the next Virtualmin Config release as well.

Hello Stegan,

I asked myself too.

My understanding of what “is working” continues to evolve alongside my growing experience in server administration, a field that is dynamic and changing.

Regarding this specific question, I’ve come across mentions of potential issues related to IPv6 addresses and have seen recommendations suggesting this might be a factor.

I’ve chosen to ask this question because I use and a I’m a fan supporter of Virtualmin/Webmin + the knowledge shared by the Virtualmin community has always been very valuable to my tasks.

Hope this makes for a good read with your coffee.

As always, thank you Ilia. (was may the 4th yesterday)

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.