1 Topic by bwwill

  • bwwill
  • Member
  • Offline
  • Registered: 2016-07-10
  • Posts: 2

Topic: fail2ban deletes existing iptables rules

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.5-1
- Linux/BSD distribution name and version: Ubuntu Server 16.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? no
- Related log if you're reporting an issue:
====

When I installed iRedMail I did not install the default iptables rules.  I had my own set of rules that were more restrictive than the default set, especially regarding ssh access.  Everything works well, except I finding that whenever fail2ban adds an IP address it is wiping out all of my iptables rules.  Does fail2ban look to a specific file that contains the default iptables rules?  Is there another explanation for why my rule keep disappearing?  Any help would be appreciated.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,165

Re: fail2ban deletes existing iptables rules

bwwill wrote:

Does fail2ban look to a specific file that contains the default iptables rules?

No. Fail2ban just deletes the rule with 'iptables' command. You can check action definition in /etc/fail2ban/action.d/.

bwwill wrote:

Is there another explanation for why my rule keep disappearing?

No idea. Do you have any program or cron job updating iptables rules?