Related

Someone is trying to gain access, how do I stop it? Question Question
Afterward make these changes should I still install a firewall in my Ubuntu? Question Question

Question

fail2ban and Webmin firewall rules gone after restart?

Posted January 30, 2016 3.5k views
UbuntuSecurityFirewall

Hi,

It used to be different, as far as I remember, but for a while I noticed that the firewall rules added by Webmin don’t get added at reboot, and that fail2ban doesn’t start (most likely because var/run is cleaned up, and the dir var/run/fail2ban is removed at reboot.)

The init script of fail2ban even creates the dir, but still, no luck.

Now, I know, and when I restart I know what to do, but in the event the droplet restarts without my knowledge (as happened once) I may run into problems.

How can I get fail2ban running and the Webmin firewall rules applied after a restart?

TIA

Add a comment
tonyweb
By:
tonyweb
Add a comment
1 comment
  • gndo January 30, 2016
    Reply Report

    There’s automatically starting fail2ban (service fail2ban start), and then there’s reloading the iptable rules that fail2ban added, which is a bit tricky because reloading stale or broken rules could mess up your iptables and might accidentally lock you out. The command to filter the fail2ban iptable rules is something like:

    iptables-save | grep -- "-A fail2ban"

    Someone else will have to explain how to preserve and safely restore those rules.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer
tonyweb February 1, 2016

Ok, to answer my own question.

Since I installed fail2ban v 0.9.3 (best working for me) I had to copy the right startup script in /etc/init.d (debian-initd in the package)

(i had previous versions, and never noticed a wrong script there)

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help