[Fail2ban-users] R: fail2ban on centos 7 delete my iptables rules

Fri, 09 Sep 2016 05:53:57 -0700 

Hello again to everyone, I beg your pardon but I’m still facing this issue
with my fail2ban installation on my centos 7.
I’ve looked around to found a solution without success .
These are my rules added using webadmin:

================================
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state
RELATED,ESTABLISHED
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     tcp  --  192.168.1.0/24       0.0.0.0/0            tcp dpt:22
state NEW
ACCEPT     tcp  --  83.216.185.64/27     0.0.0.0/0            tcp dpt:22
state NEW
ACCEPT     tcp  --  192.168.1.0/24       0.0.0.0/0            tcp dpt:10000
state NEW
ACCEPT     tcp  --  83.216.185.64/27     0.0.0.0/0            tcp dpt:10000
state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp
dpt:80
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpts:20:21
state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp
dpts:30000:30003
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with
icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with
icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  0.0.0.0/0            78.5.71.152          tcp dpt:25
ACCEPT     tcp  --  0.0.0.0/0            78.4.123.194         tcp dpt:25
ACCEPT     tcp  --  0.0.0.0/0            83.216.185.66        tcp dpt:25
ACCEPT     tcp  --  0.0.0.0/0            83.216.185.79        tcp dpt:25
ACCEPT     tcp  --  0.0.0.0/0            83.216.185.75        tcp dpt:25
ACCEPT     tcp  --  0.0.0.0/0            127.0.0.1            tcp dpt:25
REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:25
reject-with icmp-port-unreachable
================================

But when I start fail2ban all these rules are delete and substituted with
these
Chain INPUT (policy ACCEPT)

================================
target     prot opt source               destination
f2b-php-url-open  tcp  --  0.0.0.0/0            0.0.0.0/0
multiport dports 80,443
f2b-NoScript  tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80
f2b-NoScript  tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80
f2b-BadBots  tcp  --  0.0.0.0/0            0.0.0.0/0            multiport
dports 80,443
f2b-VSFTPD  tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:21
f2b-SSH    tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state
RELATED,ESTABLISHED
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp
dpt:22
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp
dpt:80
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp
dpt:21
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp
dpt:10000
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with
icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with
icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain f2b-BadBots (1 references)
target     prot opt source               destination
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain f2b-NoScript (2 references)
target     prot opt source               destination
RETURN     all  --  0.0.0.0/0            0.0.0.0/0
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain f2b-SSH (1 references)
target     prot opt source               destination
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain f2b-VSFTPD (1 references)
target     prot opt source               destination
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain f2b-php-url-open (1 references)
target     prot opt source               destination
RETURN     all  --  0.0.0.0/0            0.0.0.0/0
================================

On centos 6 installation, fail2ban configuration simply add its rules to the
existing.

Could someone help me ?
Thanks again a lot.



Dr. Marcello Anderlini
---------------------------------------------
Database Informatica S.r.l.
Microsoft Certified Partner
Tel.  +39059773888
Fax. +39059779545
http://www.database.it/ 
http://www.facebook.com/DatabaseInformatica

Da: Marcello Anderlini [mailto:[email protected]] 
Inviato: giovedì 8 settembre 2016 15:29
A: '[email protected]'
<[email protected]>
Oggetto: fail2ban on centos 7 delete my iptables rules

Hello to everyone, I’m trying to setup fail2ban on a centos 7
I’ve disabled firewallcmd and installed iptables. I ‘ve copied fail2ban conf
from a running centos 6 configuration but fail2ban instead of add is
firewall rules to the existing one it clear all and put new rules.
By the way using the same centos 6 rules add on centos 7 more rules.
Any suggestion would be grateful appreciate.



Dr. Marcello Anderlini
mailto:[email protected]
---------------------------------------------
Database Informatica S.r.l.
Microsoft Certified Partner
Tel.  +39059773888
Fax. +39059779545
http://www.database.it/ 
http://www.facebook.com/DatabaseInformatica



------------------------------------------------------------------------------
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Reply via email to