On 20 March 2014 13:04, Richard Shaw <hobbes1...@gmail.com> wrote: > On Wed, Mar 19, 2014 at 10:57 PM, Orion Poplawski <or...@cora.nwra.com> > wrote: >> >> On 03/19/2014 09:10 PM, Richard Shaw wrote: >> > Ok using Jonathan's suggestion for the settings from a clean install I'm >> > getting an error whether I use the systemd backend or not... >> > >> >[12698]: ERROR ipset >> > create fail2ban-sshd hash:ip timeout 600 >> > firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p tcp -m multiport >> > --dports ssh -m set --match-set fail2ban-sshd src -j REJECT >> > --reject-with icmp-port-unreachable -- stderr: '/bin/sh: ipset: command >> > not found\n' >> ^^^^^^^^ >> >> Currently we're missing a requires on ipset. > > > > Ok, is installing ipset sufficient or do I need to enable the service as > well?
Installing ipset should be sufficient to start the fail2ban service. But, you'll need to have selinux-policy-3.12.1-135 or later installed, otherwise you'll hit this: https://bugzilla.redhat.com/show_bug.cgi?id=1069640 -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
