On 3/9/2018 11:47 AM, fbeye wrote:

> My first time posting so if I did not do this right (send to correct
> email or correct way to establish a new topic) please forgive me.
>
> Here is my question. I am running a Cisco ASA using Zones in my Router
> and therefore _not_ using IPTABLES as a security measure. My ASA is
> quite strict so I have no fear, thus far.
> BUT I realize (understand) that fail2ban uses rc.firewall/iptables for
> its BAN options.

Wrong. Fail2ban uses anything that can be made into an "action". Actions are in /etc/fail2ban/action.d/, that is, those already implemented and shipped with fail2ban. Anybody can make their own, or just add one already made from somewhere else.

> Or does it? I guess my question is can IPTABLES be run outside of having
> to use rc.firewall or are they hand in hand?

I don't know what you mean by rc.firewall, but I guess it is something that comes with a specific Linux distro, so the answer is no, they don't come/need to be together (I use fail2ban on a NAS, which has its own Linux distro, and no rc.firewall, just iptables).

> Is the fail2ban IPTABLES setup temporary (as in until reboot)?

Yes, and no. There is no database, but at startup fail2ban scans the log (or logs) again, and if something falls within the "findtime" it will add it again; so it works like a persistent database, except if you truncate/rotate the logs faster than findtime.

> If I do indeed need rc.firewall, is there a recommendation on BARE
> minimum strictly for fail2ban usage?
>
> Thanks guys! And love reading all your responses.

Hope this helps.

--
René Berber
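
Added example (not part of the original thread, and not code shipped with fail2ban): the reply's point that an action is just a set of commands, shown as a small shell helper that a custom action file could call to maintain a plain-text blocklist instead of touching iptables. The script path, the action file name, the `BLOCKLIST` location and the function names are all assumptions; how a separate firewall would consume the list is outside what it shows.

```shell
#!/bin/sh
# Added example: blocklist helper for a hypothetical custom fail2ban action.
# A file such as /etc/fail2ban/action.d/blocklist.conf (hypothetical) could hold:
#   [Definition]
#   actionban   = /usr/local/bin/f2b-blocklist ban <ip>
#   actionunban = /usr/local/bin/f2b-blocklist unban <ip>
# The script path and BLOCKLIST location are assumptions.
BLOCKLIST="${BLOCKLIST:-/var/lib/f2b-blocklist/banned.txt}"

# Accept only dotted-quad IPv4 with octets 0..255, so log-derived input
# can never put anything else into the list.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    rest="$1."; count=0
    while [ -n "$rest" ]; do
        octet="${rest%%.*}"; rest="${rest#*.}"
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
        count=$((count + 1))
    done
    [ "$count" -eq 4 ]
}

ban() {
    valid_ipv4 "$1" || { echo "rejected: $1" >&2; return 2; }
    mkdir -p "$(dirname "$BLOCKLIST")" && touch "$BLOCKLIST" || return 1
    # Idempotent: the same ban may be issued again after a restart.
    grep -qxF "$1" "$BLOCKLIST" || echo "$1" >> "$BLOCKLIST"
}

unban() {
    valid_ipv4 "$1" || { echo "rejected: $1" >&2; return 2; }
    [ -f "$BLOCKLIST" ] || return 0
    tmp="$BLOCKLIST.tmp.$$"
    # grep -v exits 1 when no lines remain; that is not an error here.
    grep -vxF "$1" "$BLOCKLIST" > "$tmp" || true
    mv "$tmp" "$BLOCKLIST"   # rename so readers never see a partial list
}

# Dispatch only when called with a command, so the file can also be sourced.
case "${1:-}" in
    ban)   ban "${2:-}" ;;
    unban) unban "${2:-}" ;;
esac
```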
