Hi, Le 17/06/2015 14:39, AJ Weber a écrit : > Sorry, I didn't find this with a Google search or in the "manual." > > Is there a way to configure fail2ban to insert the configured jails > starting at a certain point in iptables? In other words, when fail2ban > starts on my CentOS boxes, all my enabled jails start getting inserted > in the INPUT table at #1 (first rule). Can I tell fail2ban to start > inserting them at #2 or 3? (I would like my GeoIP rules to run first, > and maybe my "Related" rule, THEN use the fail2ban checks.)
Just copy your action.d/<action>.conf to action.d/<action>.local, and tweak the latter to your needs. From the iptables manual: > -I, --insert chain [rulenum] rule-specification > Insert one or more rules in the selected > chain as the given rule number. So, if > the rule number is 1, the rule or rules > are inserted at the head of the chain. > This is also the default if no rule number > is specified. Regards, Yves. ------------------------------------------------------------------------------ _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
