Hi,
It used to be different, as far as I remember, but for a while I noticed that the firewall rules added by Webmin don’t get added at reboot, and that fail2ban doesn’t start (most likely because var/run is cleaned up, and the dir var/run/fail2ban is removed at reboot.)
The init script of fail2ban even creates the dir, but still, no luck.
Now, I know, and when I restart I know what to do, but in the event the droplet restarts without my knowledge (as happened once) I may run into problems.
How can I get fail2ban running and the Webmin firewall rules applied after a restart?
TIA
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Ok, to answer my own question.
Since I installed fail2ban v 0.9.3 (best working for me) I had to copy the right startup script in /etc/init.d (debian-initd in the package)
(i had previous versions, and never noticed a wrong script there)
Click below to sign up and get $100 of credit to try our products over 60 days!
There’s automatically starting fail2ban (service fail2ban start), and then there’s reloading the iptable rules that fail2ban added, which is a bit tricky because reloading stale or broken rules could mess up your iptables and might accidentally lock you out. The command to filter the fail2ban iptable rules is something like:
Someone else will have to explain how to preserve and safely restore those rules.