On 19 March 2014 15:10, Orion Poplawski <orion@xxxxxxxxxxxxx> wrote: > See https://bugzilla.redhat.com/show_bug.cgi?id=1046816 > You are going to need fail2ban-0.9-2 - f20 build is here http://koji.fedoraproject.org/koji/taskinfo?taskID=6651548. More testing would be much appreciated. On a default F20 install with that package I had to do the following to get a minimal ssh jail up and running (this is info for those following along, not Orion who no doubt knows this)... In /etc/fail2ban/jail.d/ajil.local [DEFAULT] bantime = 3600 banaction = firewallcmd-ipset backend = systemd [sshd] enabled = true So, it seems to me that at the very least we should set backend = systemd in the Fedora, else it's not going to work out of the box (or, more ugly, require rsyslog). As to the original question I'd favour enabling the firewalld support in Fedora by default. Anyone disabling (or chosing not to install) firewalld and installing fail2ban should know enough to configure things appropriately. Cheers, Jonathan -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct