On Tue, 3 Nov 2020 at 10:45, <u34@xxxxxxx> wrote:
>
> Maykel Franco via arch-general <arch-general@xxxxxxxxxxxxx> wrote:
>
> > On Tue, 3 Nov 2020 at 9:48, <u34@xxxxxxx> wrote:
> > >
> > > Maykel Franco via arch-general <arch-general@xxxxxxxxxxxxx> wrote:
> > >
> > > > Hi, I have this script for iptables for my Arch Linux desktop:
> > > >
> > > > https://pastebin.com/SafhsKFt
> > > >
> > > > And when an external SSH access request fails, fail2ban adds the rule,
> > > > but the rule does not work.
> > > >
> > > > I think it has to do with the iptables script, but the fail2ban
> > > > blocking rules are added fine and yet don't ban. What could be happening?
> > >
> > > It could be that the banning fail2ban rule doesn't ban.
> > > 1. Can you show the iptables state before, and after, fail2ban added
> > > its rule? That is, issue an iptables -s command? I do hope I got
> > > the iptables command right.
> > > 2. Can you show the fail2ban configuration?
> > >
> > > --
> > > u34
> >
> > The problem is not fail2ban. The problem is the script's iptables rules,
> > because after executing the iptables script:
> >
> > https://pastebin.com/SafhsKFt
> >
> > I try to drop an IP:
> >
> > iptables -A INPUT -p tcp -s 192.168.0.33 --dport 22 -j DROP
> >
> > It does not block IP 192.168.0.33 on port 22.
>
> Possibly because that line is added as the last line of the iptables rules.
> The accept lines of the script already accepted the 192.168.0.33 connection. You
> probably want to issue an Insert, or a Replace, command. -I or -R, if I remember
> correctly.
> What is the output of iptables -s, if I remember correctly,
> after you issued
> the 192.168.0.33 related command?
>
> As an aside, I think you should revert to nft (nftables).
>
> --
> u34

Thanks for your response. With -I it works well:

iptables -I INPUT -p tcp -s 192.168.0.33 --dport 2222 -j DROP

And now, how is this solved so that it works with fail2ban? I need the iptables rules to be added in first place.
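The thread's point is rule ordering: iptables evaluates a chain top to bottom and the first terminating match wins, so a DROP appended with -A after the script's ACCEPT for the SSH port is never reached, while the same rule inserted with -I is. The script below is an added example, not code from the thread or from fail2ban, showing the pattern a practitioner would use (and which fail2ban's stock iptables actions also follow): a dedicated chain for bans, a jump to it inserted at position 1 of INPUT with -I rather than appended with -A, and a check that the jump really precedes the ACCEPT. It assumes an iptables binary (or the iptables-nft wrapper) on PATH and root privileges; the chain name ban-ssh, the IPT and CHAIN variables and the function names are this example's own choices.

```shell
#!/bin/sh
# Added example (not from the thread): put a per-host ban where iptables will
# actually evaluate it, ahead of the firewall script's ACCEPT rules.
# Assumes iptables on PATH and root. IPT and CHAIN may be overridden; the
# chain name ban-ssh is an arbitrary choice for this example.
IPT="${IPT:-iptables}"
CHAIN="${CHAIN:-ban-ssh}"

# rule_index CHAIN PATTERN: 1-based position, within CHAIN, of the first rule
# whose "iptables -S" line contains PATTERN; prints nothing if none matches.
# The "-P" policy line is not a rule, so only "-A" lines are counted.
rule_index() {
    "$IPT" -S "$1" | awk -v pat="$2" '/^-A /{ n++; if (index($0, pat)) { print n; exit } }'
}

# ensure_ban IP PORT: make sure traffic from IP to tcp/PORT is dropped before
# any ACCEPT can admit it. Idempotent: -C checks for an existing rule first.
ensure_ban() {
    ip=$1; port=$2
    # Dedicated chain, so bans can be listed or flushed without touching the
    # base firewall script's rules.
    "$IPT" -N "$CHAIN" 2>/dev/null || true
    # The jump must be *inserted* at the head of INPUT (-I INPUT 1). Appending
    # it with -A would land it after the ACCEPT for the SSH port, and the
    # first terminating match wins, so the ban would never be consulted.
    if ! "$IPT" -C INPUT -p tcp --dport "$port" -j "$CHAIN" 2>/dev/null; then
        "$IPT" -I INPUT 1 -p tcp --dport "$port" -j "$CHAIN"
    fi
    # Inside the private chain the order does not matter, so -A is fine here.
    if ! "$IPT" -C "$CHAIN" -s "$ip" -j DROP 2>/dev/null; then
        "$IPT" -A "$CHAIN" -s "$ip" -j DROP
    fi
}

# verify_ban_first PORT: succeed only if the jump to the ban chain precedes the
# first port-specific ACCEPT for PORT in INPUT. Run this after (re)applying a
# firewall script to confirm the script did not push the bans below its ACCEPTs.
verify_ban_first() {
    jump=$(rule_index INPUT "-j $CHAIN")
    accept=$(rule_index INPUT "--dport $1 -j ACCEPT")
    [ -n "$jump" ] && { [ -z "$accept" ] || [ "$jump" -lt "$accept" ]; }
}

# Usage: ./ban.sh 192.168.0.33 2222
if [ $# -ge 2 ]; then
    ensure_ban "$1" "$2"
    verify_ban_first "$2" && echo "ban for $1 precedes the ACCEPT on tcp/$2"
fi
```

Note that verify_ban_first only looks for an ACCEPT that names the port; an ACCEPT that admits all TCP (no --dport) would not be detected, so inspect `iptables -S INPUT` as well when a firewall script is more permissive than the one in the thread. The same ordering rule applies to a firewall script that is re-run after bans exist: if it flushes INPUT and re-adds its ACCEPTs, the jump to the ban chain must be re-inserted at position 1 afterwards.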