Menu
▾
▴
Re: [Fail2ban-users] How to implement ban using ipset
|
From: Kenneth P. <sh...@se...> - 2020-09-04 00:31:05
|
On 9/3/2020 9:16 AM, Phillip Carroll wrote:
>
> Most likely I didn't need the reboot. All I needed to do was use the
> console command:
>
> systemctl restart fail2ban.
>
> All of my "manual restarts" of fail2ban server were previously done
> using Webmin. Webmin presents a nice interactive page with "Fqail2Ban
> Intrusion Detector" with buttons for restart server, and stop server.
>
> HOWEVER: This method of restarting is evidently seriously broken.
My sysadmin motto is: GUIs lie.
I had a similar issue when setting up a Windows Server a few years ago
as a border router and couldn't get the routing and firewall to work
right. I ended up resetting to factory and starting over.
My love of Linux is because I can go deep, all the way to source code,
if necessary, to see what's really going on. Windows is a beautiful
thing when it works, but a horrible thing to debug when anything goes
wrong. It sounds like Webmin has the same issue. It's like a Buick
that's pleasant to drive but you have to take it to the dealer whenever
you have an issue and pay big bucks to get "professionals" to fix it.
Your issues led me to look at my own fail2ban logs and discover a bug in
the default port variable, which I just reported on GitHub. In the
process of debugging, I also found it necessary to restart firewalld
("systemctl restart firewalld"), as my fail2ban-ipset rules weren't
getting refreshed by firewalld. That might be a bug in either firewalld
or fail2ban but I lack the time to pursue that and it's now working, so
I'm mentioning it in case anyone else sees this symptom.
|