On Wed, 1 Jan 2020, Allan wrote:
På Tue, 31 Dec 2019 18:53:38 +0000
John H Nyhuis <jnyhuis@xxxxxx> skrev:
Just a random stab in the dark, but CEntOS6 was iptables, and CentOS7
is firewalld. They take different fail2ban packages.
CentOS6 = fail2ban
CentOS7 = fail2ban-firewalld
Are you sure you are running the correct fail2ban package for your
firewall? (I screwed this up myself before I noticed and fixed it...)
I do have the f2b-firewalld package installed yes. Since it was an
update - it only replaced same installed packages.
A standard install of F2B on Centos7 do also include the f2b-systemd
package - which would seem logical. However, after I started using
the recidive filter - which IMHO is one of the most important ones -
it didn't work. Removing the f2b-systemd package fixed that - and
didn't hurt anything else.
I have no idea why that is - or if that could be part of the problem
with the update here on my system.
If it helps to have another data point, my C7 server has two fail2ban
packages installed:
* fail2ban-firewalld-0.10.4-1.el7.noarch
* fail2ban-server-0.10.4-1.el7.noarch
They were upgraded back on December 9 and have worked without any
major hiccups.
The fail2ban-server package provides the systemd unit file,
/usr/lib/systemd/system/fail2ban.service, so I was curious to know
what the the fail2ban-systemd package actually does. The description
field for the fail2ban-systemd rpm says,
This package configures Fail2Ban to use the systemd journal for
its log input by default.
All of the logpath entries in my fail2ban configuration point to
ordinary /var/log/* files. I don't know how fail2ban-systemd repoints
the logpath entries to use inputs from systemd-journald, but I suspect
that's where the mismatch may be happening.
--
Paul Heinlein
heinlein@xxxxxxxxxx
45°38' N, 122°6' W
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
