Re: fail2ban + firewalld suggestions needed

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 03/19/2014 09:10 PM, Richard Shaw wrote:
> Ok using Jonathan's suggestion for the settings from a clean install I'm
> getting an error whether I use the systemd backend or not...
> 
>[12698]: ERROR   ipset
> create fail2ban-sshd hash:ip timeout 600
> firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p tcp -m multiport
> --dports ssh -m set --match-set fail2ban-sshd src -j REJECT
> --reject-with icmp-port-unreachable -- stderr: '/bin/sh: ipset: command
> not found\n'
   ^^^^^^^^

Currently we're missing a requires on ipset.

> 2014-03-19 22:06:58,981 fail2ban.server.action[12698]: ERROR   ipset
> create fail2ban-sshd hash:ip timeout 600
> firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p tcp -m multiport
> --dports ssh -m set --match-set fail2ban-sshd src -j REJECT
> --reject-with icmp-port-unreachable -- returned 13
> 2014-03-19 22:06:58,981 fail2ban.server.actions[12698]: ERROR   Failed
> to start jail 'sshd' action 'firewallcmd-ipset': Error starting action
> 
> What am I doing wrong?
> 
> Thanks,
> Richard
> 
> 


-- 
Orion Poplawski
Technical Manager                     303-415-9701 x222
NWRA/CoRA Division                    FAX: 303-415-9702
3380 Mitchell Lane                  orion@xxxxxxxxxxxxx
Boulder, CO 80301              http://www.cora.nwra.com
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux