Question

Why Is Fail2Ban NOT Creating The Proper IPTABLES Rules?

Posted July 29, 2015 7.1k views
Security

This is DRIVING ME INSANE!!! I need some help trying to walk through step by step what I am doing wrong. I have modified the basic F2B parameters (ignoreip, bantime, findtime, maxretry, etc.), restarted the service — my iptables configuration looks like this —

Chain INPUT (policy ACCEPT)
target prot opt source destination
f2b-SSH tcp – 0.0.0.0/0 0.0.0.0/0 tcp dpt:35120

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain f2b-SSH (1 references)
target prot opt source destination
RETURN all – 0.0.0.0/0 0.0.0.0/0

If you look at THIS VIDEO, you will clearly see that the rules should be anywhere to anywhere. WHY!!!! I don’t get it! I am using CentOS 6.5. I am lost for words. I would appreciate it if someone would walk me through this so we can identify together what I am missing.

I’m so tired of this thing holding me up. I am willing to pay someone to help me with this.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers

Hi GreenLED,
this might not be the answer you’re looking for but until something better comes along it should be worth a try. (btw. the config in your video link looks outdated to me)

Did you check out this tutorial?
https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-iptables-on-ubuntu-14-04

I know it was written using Ubuntu but afaik you just need to replace the Ubtuntu command “apt-get” in this tutorial with Centos equivalent command “yum install” (please correct me if this is wrong) and all the rest should be the same

P.S.: This tutorial also includes how to get rid of your current iptable rules and start over fresh. Good luck!

by Justin Ellingwood
The iptables firewall is a great way to secure your Linux server. In this guide, we'll discuss how to configure iptables rules on an Ubuntu 14.04 server.

For anyone coming accross this question:

for centOS you need to set systemd as backend

Submit an Answer