On 8/28/2019 8:02 AM, STR . wrote:
> I created the subchain named fail2ban_root and created
> iptables-common.local as suggested with the chain name.
> However, fail2ban still creates and uses the old chain 'f2b-<name>'
> from /etc/fail2ban/action.d/iptables.conf
> It is adding IPs to ban to the old chain 'f2b-sshd', I thought it would
> use the new chain 'fail2ban_root'? What am I missing here?

f2b creates a chain for every jail. The chain setting in iptables-common
specifies the root chain from which all its other chains are called. It
defaults to INPUT (in iptables-common.conf). That's probably why f2b
was deleting all your rules in INPUT when you flushed f2b. By using a
sub-chain of INPUT as f2b's root chain, f2b will only flush and delete
its own chains.
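
One way to check which chain the per-jail chains are actually hooked from, as an added example that is not part of the original thread: it parses `iptables-save` output and reports any `f2b-<name>` chain called from somewhere other than the root sub-chain. The two rulesets are constructed samples, and `audit` and its parameters are hypothetical names; `fail2ban_root` is the chain name used in the message above.

```python
# Constructed `iptables-save` output (not from the thread): jail hooked from the sub-chain.
GOOD = """\
*filter
:INPUT DROP [0:0]
:fail2ban_root - [0:0]
:f2b-sshd - [0:0]
-A INPUT -j fail2ban_root
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A fail2ban_root -p tcp -m multiport --dports 22 -j f2b-sshd
-A f2b-sshd -s 203.0.113.7/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -j RETURN
COMMIT
"""
# Constructed: same host, but the jail is still hooked directly from INPUT.
STILL_INPUT = GOOD.replace(
    "-A fail2ban_root -p tcp -m multiport --dports 22 -j f2b-sshd",
    "-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd",
)


def audit(ruleset, root="fail2ban_root", parent="INPUT", prefix="f2b-"):
    """Return findings; an empty list means every jail chain is reached only via root."""
    chains, jumps = set(), []          # declared chains, (caller, target) pairs
    for line in ruleset.splitlines():
        tok = line.split()
        if line.startswith(":"):       # chain declaration, e.g. ":f2b-sshd - [0:0]"
            chains.add(tok[0][1:])
        elif tok[:1] == ["-A"] and "-j" in tok[2:-1]:
            jumps.append((tok[1], tok[tok.index("-j") + 1]))
    findings = []
    if root not in chains:
        findings.append(f"root chain {root} does not exist")
    if (parent, root) not in jumps:
        findings.append(f"{parent} never jumps to {root}")
    for jail in sorted(c for c in chains if c.startswith(prefix)):
        callers = {src for src, dst in jumps if dst == jail}
        if not callers:
            findings.append(f"{jail} is not called from any chain")
        for src in sorted(callers - {root}):
            findings.append(f"{jail} is called from {src}, not {root}")
    return findings


if __name__ == "__main__":
    for name, rules in (("GOOD", GOOD), ("STILL_INPUT", STILL_INPUT)):
        print(name, audit(rules) or "ok")
```

On a live host the input would be the text printed by `iptables-save`, taken after fail2ban has started its jails.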