HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

#11
6th August 2009, 14:57
rlischer (Senior Member)

iptables refuses to start, no errors, even after reboot, nothing.

Tried:
Code:
chkconfig iptables on
service iptables start
/etc/init.d/iptables start
#12
6th August 2009, 15:03
gscott187 (Junior Member)

fail2ban not working

You can start iptables firewall with the command:

system-config-securitylevel-tui

This screen is text and may not show that well on a terminal but you can Tab around well enough. Tab to where it shows Security Level and press spacebar to leave an asterisk against Enabled.

Tab to SELinux and leave as Disabled

Tab to OK and press Enter

This will start the firewall and create all of the right files etc.


To determine the run levels in which iptables will start, type:

chkconfig --list iptables

You should see:

iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off


This shows that iptables will start in run levels 2 through 5 (the default run level, and what you're most likely in now, is 3).
#13
6th August 2009, 15:09
rlischer (Senior Member)

Thanks. It says this now:

Code:
[root@server ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination
1    RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 255
3    ACCEPT     esp  --  0.0.0.0/0            0.0.0.0/0
4    ACCEPT     ah   --  0.0.0.0/0            0.0.0.0/0
5    ACCEPT     udp  --  0.0.0.0/0            224.0.0.251         udp dpt:5353
6    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:631
7    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:631
8    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
9    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
10   REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
#14
6th August 2009, 15:14
rlischer (Senior Member)

I think it is blocking my sites now. I have no idea what ports I need open; of course 80 and 21 for web and FTP, but email, SquirrelMail and anything else I don't know how to open?
#15
6th August 2009, 15:25
gscott187 (Junior Member)

fail2ban not working

So fail2ban appears to be working - good.

The iptables output shown is the default filter. This needs to be configured for your requirements. One of the things I advise you to change is the default policy for the INPUT and FORWARD chains, from ACCEPT to DROP.

I've sent a HowTo on SquirrelMail and fail2ban to Falko that will be published here in the next few days (once it's been vetted). So if you're interested in setting up SquirrelMail with fail2ban, be sure to read that. There are a few gotchas that can catch people out setting this one up.

As far as inbound ports/services to open, it all depends on what you intend running. For example:

Web - port 80 (http)
Secure Web - port 443 (https)
Plain text email - port 25, 110, 143 (smtp, POP3, IMAP4)
File transfer - port 20, 21 (ftp)
Secure Shell - port 22 (ssh)

There are several others but be very conservative and ask yourself what you REALLY need open.
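One way to put gscott187's advice into practice, as an added example (not code from the thread or from HowtoForge): a POSIX sh script that emits an iptables-restore ruleset with INPUT and FORWARD defaulting to DROP and only the ports listed above opened. It assumes a Red Hat style system with the iptables init script, as in the thread, and reuses the RH-Firewall-1-INPUT chain name from rlischer's output.

```shell
#!/bin/sh
# Added example, not code from the thread: print an iptables-restore ruleset that
# follows gscott187's advice (INPUT and FORWARD policy DROP, only listed ports open).
# Apply on a Red Hat style box:  sh firewall.sh | iptables-restore && service iptables save

# Inbound TCP services listed in post #15: http https smtp pop3 imap ftp-data ftp ssh
OPEN_TCP_PORTS="80 443 25 110 143 20 21 22"

# gen_rules PORT... : write the complete ruleset to stdout
gen_rules() {
    echo '*filter'
    # Default policies: anything no rule below accepts is dropped.
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    # Same chain name as the default ruleset rlischer pasted in post #13.
    echo ':RH-Firewall-1-INPUT - [0:0]'
    echo '-A INPUT -j RH-Firewall-1-INPUT'
    echo '-A FORWARD -j RH-Firewall-1-INPUT'
    # Loopback and replies to connections this host opened come first; without
    # them a DROP policy breaks local services and the SSH session you apply it from.
    echo '-A RH-Firewall-1-INPUT -i lo -j ACCEPT'
    echo '-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT'
    echo '-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT'
    # One explicit accept per service you decided you really need.
    for port in "$@"; do
        echo "-A RH-Firewall-1-INPUT -p tcp -m state --state NEW --dport $port -j ACCEPT"
    done
    # Explicit final reject, as in the stock chain, so refused connections fail fast.
    echo '-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited'
    echo 'COMMIT'
}

# count_open_ports PORT... : how many NEW-connection accept rules gen_rules emits
count_open_ports() {
    gen_rules "$@" | grep -c -e '--state NEW'
}

gen_rules $OPEN_TCP_PORTS
```

Passive FTP data connections are only matched by the RELATED,ESTABLISHED rule when the ip_conntrack_ftp helper module (nf_conntrack_ftp on newer kernels) is loaded; without it, port 21 alone is not enough for FTP clients.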
#16
6th August 2009, 15:44
rlischer (Senior Member)

Quote: Originally Posted by gscott187

Thanks! I will be watching for your howto.

#17
29th June 2010, 07:29
discoverlinux (Junior Member)

I saw the same error and I had enabled (set to true) ssh-iptables and ssh-tcpwrapper. Setting ssh-tcpwrapper back to false removed the error.
All times are GMT +2.