From: Kenneth P. <sh...@se...> - 2020-09-04 00:31:05
On 9/3/2020 9:16 AM, Phillip Carroll wrote:
>
> Most likely I didn't need the reboot. All I needed to do was use the
> console command:
>
> systemctl restart fail2ban.
>
> All of my "manual restarts" of fail2ban server were previously done
> using Webmin. Webmin presents a nice interactive page with "Fail2Ban
> Intrusion Detector" with buttons for restart server, and stop server.
>
> HOWEVER: This method of restarting is evidently seriously broken.

My sysadmin motto is: GUIs lie. I had a similar issue when setting up a Windows Server a few years ago as a border router and couldn't get the routing and firewall to work right. I ended up resetting to factory and starting over.

My love of Linux is because I can go deep, all the way to source code, if necessary, to see what's really going on. Windows is a beautiful thing when it works, but a horrible thing to debug when anything goes wrong. It sounds like Webmin has the same issue. It's like a Buick that's pleasant to drive but you have to take it to the dealer whenever you have an issue and pay big bucks to get "professionals" to fix it.

Your issues led me to look at my own fail2ban logs and discover a bug in the default port variable, which I just reported on GitHub. In the process of debugging, I also found it necessary to restart firewalld ("systemctl restart firewalld"), as my fail2ban-ipset rules weren't getting refreshed by firewalld. That might be a bug in either firewalld or fail2ban but I lack the time to pursue that and it's now working, so I'm mentioning it in case anyone else sees this symptom.