Menu
tonyweb
By:
tonyweb

fail2ban and Webmin firewall rules gone after restart?

January 30, 2016 1.5k views
Security Firewall Ubuntu

Hi,

It used to be different, as far as I remember, but for a while I noticed that the firewall rules added by Webmin don't get added at reboot, and that fail2ban doesn't start (most likely because var/run is cleaned up, and the dir var/run/fail2ban is removed at reboot.)

The init script of fail2ban even creates the dir, but still, no luck.

Now, I know, and when I restart I know what to do, but in the event the droplet restarts without my knowledge (as happened once) I may run into problems.

How can I get fail2ban running and the Webmin firewall rules applied after a restart?

TIA

1 comment
  • gndo January 30, 2016

    There's automatically starting fail2ban (service fail2ban start), and then there's reloading the iptable rules that fail2ban added, which is a bit tricky because reloading stale or broken rules could mess up your iptables and might accidentally lock you out. The command to filter the fail2ban iptable rules is something like:

    iptables-save | grep -- "-A fail2ban"

    Someone else will have to explain how to preserve and safely restore those rules.

Log In to Comment
1 Answer
tonyweb February 1, 2016

Ok, to answer my own question.

Since I installed fail2ban v 0.9.3 (best working for me) I had to copy the right startup script in /etc/init.d (debian-initd in the package)

(i had previous versions, and never noticed a wrong script there)

Reply
Have another answer? Share your knowledge.

Related Questions