Why Is Fail2Ban NOT Creating The Proper IPTABLES Rules?

Posted on July 29, 2015

This is DRIVING ME INSANE!!! I need some help trying to walk through step by step what I am doing wrong. I have modified the basic F2B parameters (ignoreip, bantime, findtime, maxretry, etc.), restarted the service — my iptables configuration looks like this —

```
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
f2b-SSH    tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:35120

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain f2b-SSH (1 references)
target     prot opt source               destination
RETURN     all  --  0.0.0.0/0            0.0.0.0/0
```

If you look at THIS VIDEO, you will clearly see that the rules should be anywhere to anywhere. WHY!!! I don’t get it! I am using CentOS 6.5. I am lost for words. I would appreciate it if someone would walk me through this so we can identify together what I am missing.

I’m so tired of this thing holding me up. I am willing to pay someone to help me with this.
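An added example, not part of the original post: the listing above is what fail2ban's iptables action leaves in place while no address is banned (a jump from INPUT plus a lone RETURN in the jail chain); bans show up as REJECT or DROP entries above that RETURN. This Python sketch parses `iptables -L -n` text to check both conditions. The sample input is constructed from the question's output plus one made-up ban on a documentation address, and the function names are hypothetical.

```python
import re

# Constructed sample: the listing from the question, plus one ban entry
# (203.0.113.7 is a documentation address) to show what a ban looks like.
SAMPLE = """\
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
f2b-SSH    tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:35120

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain f2b-SSH (1 references)
target     prot opt source               destination
REJECT     all  --  203.0.113.7          0.0.0.0/0           reject-with icmp-port-unreachable
RETURN     all  --  0.0.0.0/0            0.0.0.0/0
"""

def parse_chains(listing):
    """Map chain name -> list of rule dicts from `iptables -L -n` text."""
    chains, current = {}, None
    for line in listing.splitlines():
        header = re.match(r"Chain (\S+) \(", line)
        if header:
            current = chains.setdefault(header.group(1), [])
        elif current is not None and line.strip() and not line.startswith("target"):
            f = line.split(None, 5)  # target, prot, opt, source, destination, rest
            current.append({"target": f[0], "prot": f[1], "source": f[3],
                            "extra": f[5] if len(f) > 5 else ""})
    return chains

def jail_status(listing, chain):
    """Report whether INPUT jumps to the jail chain and which sources are banned."""
    chains = parse_chains(listing)
    jumps = [r for r in chains.get("INPUT", []) if r["target"] == chain]
    # Matches "dpt:22", "dpts:1000:2000" and multiport's "dports 22,80".
    ports = [m.group(1) for r in jumps
             for m in [re.search(r"d(?:pts?:|ports )(\S+)", r["extra"])] if m]
    banned = [r["source"] for r in chains.get(chain, [])
              if r["target"] in ("REJECT", "DROP")]
    return {"chain_exists": chain in chains, "hooked": bool(jumps),
            "ports": ports, "banned": banned}

if __name__ == "__main__":
    print(jail_status(SAMPLE, "f2b-SSH"))
```

On a live host, feed it the output of `iptables -L -n` (run as root) instead of `SAMPLE`; an empty `banned` list with `hooked` true means the firewall side is in place and the jail simply has not matched any log entries yet.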




For anyone coming across this question:

For CentOS you need to set systemd as backend.

Hi GreenLED, this might not be the answer you’re looking for but until something better comes along it should be worth a try. (btw. the config in your video link looks outdated to me)

Did you check out this tutorial? https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-iptables-on-ubuntu-14-04

I know it was written using Ubuntu but afaik you just need to replace the Ubuntu command “apt-get” in this tutorial with the CentOS equivalent command “yum install” (please correct me if this is wrong) and all the rest should be the same.

P.S.: This tutorial also includes how to get rid of your current iptable rules and start over fresh. Good luck!

Hello there,

You can install CSF in order to manage the Firewall configuration of the droplet. CSF is extremely easy to use and configure.

To block an IP address or range just use:

```
csf -d IPaddress
```

We also have a tutorial which you can check here:

https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-config-server-firewall-csf-on-ubuntu

Regards
