Re: Fail2Ban

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



John Hinton wrote:
> Agile Aspect wrote:
>   
>> Devraj Mukherjee wrote:
>>   
>>     
>>> Hi all,
>>>
>>> I am trying to get fail2ban going on my server and its log message
>>> reports the following error
>>>
>>> 2009-02-16 17:42:05,339 ERROR: 'iptables -L INPUT | grep -q
>>> fail2ban-SSH' returned 256
>>> 2009-02-16 17:42:05,354 ERROR: 'iptables -D INPUT -p tcp --dport ssh
>>> -j fail2ban-SSH
>>>
>>> Is this because of the way the RedHat tool sets up the firewall?
>>>
>>> Thanks for any responses.
>>>
>>>   
>>>     
>>>       
>> First, have you installed iptables, shorewall, and tcp-wrappers
>> installed?
>>
>> Second, have you tried the failed grep expression, i.e., have
>> you tried
>>
>>           iptables -L INPUT | grep -q fail2ban-SSH
>>
>> As to why this would fail, you need to ask on the fail2ban
>> mailing list since evidently this appears to be part of the
>> installation.
>>
>> The iptables can be setup by anyone - RedHat simply provides
>> a default set of rules.
>>
>>   
>>     
> Actually, it is a rather OS dependent package and the rules for CentOS 
> are difficult to write. That really doesn't belong on the fail2ban list 
> either.
>   
Please post the iptable rule which you is believe is OS dependent.

> You don't need shorewall, just the standard CentOS firewall works fine. 
>   
It depends upon what the OP installed. The fail2ban web page
recommends shorewall be installed - so there's a chance the OP
installed it.

-- 
Article. VI. Clause 3 of the constitution of the United States states: 

"The Senators and Representatives before mentioned, and the Members of 
the several State Legislatures, and all executive and judicial Officers, 
both of the United States and of the several States, shall be bound by 
Oath or Affirmation, to support this Constitution; but no religious Test 
shall ever be required as a Qualification to any Office or public Trust 
under the United States." 


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux