Fail2ban with firewalld

Support for security such as Firewalls and securing linux
Post Reply
JackBauer
Posts: 23
Joined: 2020/05/19 13:56:35

Fail2ban with firewalld

Post by JackBauer » 2020/09/16 21:31:10

Hello,

I just copied jail.conf to jail.local

Inside of jail.local I have this

Code: Select all

# Default banning action (e.g. iptables, iptables-new,
# iptables-multiport, shorewall, etc) It is used to define
# action_* variables. Can be overridden globally or per
# section within jail.local file
banaction = iptables-multiport
banaction_allports = iptables-allports
It looks like iptables is the default.

Then I have this file

Code: Select all

[root@nsxxx688 jail.d]# cat 00-firewalld.conf
# This file is part of the fail2ban-firewalld package to configure the use of
# the firewalld actions as the default actions.  You can remove this package
# (along with the empty fail2ban meta-package) if you do not use firewalld
[DEFAULT]
banaction = firewallcmd-rich-rules[actiontype=<multiport>]
banaction_allports = firewallcmd-rich-rules[actiontype=<allports>]
[root@nsxxx688 jail.d]#
How to make the firewalld the default instead of iptables?

Should I reference 00-firewalld.conf in some way inside of jail.local?

Thanks

JackBauer
Posts: 23
Joined: 2020/05/19 13:56:35

Re: Fail2ban with firewalld

Post by JackBauer » 2020/09/16 22:35:16

OK, I found my mistake.

What I need to do is to just have jail.local with the jail I want enabled.

For example if I want ssh jail enabled I have to create a file jail.local with only this

Code: Select all

[sshd]
enabled = true
And now I am using firewallcmd-rich-rules :D :lol:

Sometimes I overcomplicate things and I don't read the guides.

Post Reply

Return to “CentOS 8 - Security Support”