From: Yaroslav H. <li...@on...> - 2008-05-29 14:49:44
maybe iptables gets confused a bit while having two chains with the same
name if taken in the same case...

stop fail2ban

remove any traces of it in iptables:

for chain in fail2ban-SSH fail2ban-ssh; do
    iptables -D INPUT -p tcp -m multiport --dports 22 -j "$chain"
    iptables -F "$chain"
    iptables -X "$chain"
done

ah -- probably wouldn't work fine since you have two jumps from INPUT over
to fail2ban-ssh but none to fail2ban-SSH

so just remove them manually by line number

iptables -D INPUT 1
iptables -D INPUT 1

if there is nothing else there

after you have made sure that no traces of fail2ban are there (iptables -L -n) --
try starting it again

On Thu, 29 May 2008, Lasse Bigum wrote:

> On 00:24, Thu 29 May, Yaroslav Halchenko wrote:
> > > meridian linux # iptables -N fail2ban-SSH
> > > iptables: Chain already exists
> > > meridian linux # iptables -A fail2ban-SSH -j RETURN
> > > meridian linux # iptables -I INPUT -p tcp --dport ssh -j fail2ban-SSH
> > > iptables: No chain/target/match by that name
> > wow -- interesting ;-) I wonder if INPUT is missing somehow? (since
> > iptables just previously confirmed that fail2ban-SSH is already there
> > ;-))

> > what is your iptables -L -n ? does it show INPUT and fail2ban-SSH?

> meridian ~ # iptables -L -n
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> fail2ban-ssh  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 22
> fail2ban-ssh  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 22

> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination

> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination

> Chain fail2ban-SSH (0 references)
> target     prot opt source               destination
> RETURN     all  --  0.0.0.0/0            0.0.0.0/0

> Chain fail2ban-ssh (2 references)
> target     prot opt source               destination
> RETURN     all  --  0.0.0.0/0            0.0.0.0/0
> RETURN     all  --  0.0.0.0/0            0.0.0.0/0
> meridian ~ #

> /Lasse

-- 
                                  .-.
=------------------------------   /v\  ----------------------------=
Keep in touch                    // \\     (yoh@|www.)onerussian.com
Yaroslav Halchenko              /(   )\               ICQ#: 60653192
                   Linux User    ^^-^^    [175555]