Don Matteo

Reputation: 113

Fail2Ban is not adding iptables Chain f2b-sshd

I deployed a new Debian 10 buster on which fail2ban works but did not add any chain rule. On a CentOS 7, iptables -vnL shows the chain f2b-sshd; the jail.local configuration is completely identical to another Debian 10, and ufw (Uncomplicated Firewall) is enabled on both Debian VMs. The default banning action is banaction = iptables-multiport, defined in jail.local. I think it's something completely different, but I can't figure it out!

The command iptables-save -c didn't show any fail2ban rules.

...
[41:2404] -A ufw-user-input -p tcp -m multiport --dports 80,443 -m comment --comment "\'dapp_WWW%20Full\'" -j ACCEPT
[0:0] -A ufw-user-input -p tcp -m tcp --dport 20 -j ACCEPT
[0:0] -A ufw-user-input -p tcp -m tcp --dport 21 -j ACCEPT
[2:84] -A ufw-user-input -p tcp -m multiport --dports 40000:50000 -j ACCEPT
[0:0] -A ufw-user-limit -m limit --limit 3/min -j LOG --log-prefix "[UFW LIMIT BLOCK] "
[0:0] -A ufw-user-limit -j REJECT --reject-with icmp-port-unreachable
[0:0] -A ufw-user-limit-accept -j ACCEPT
COMMIT
# Completed on Mon Jul 26 09:38:22 2021

It should look like this.

...
[127765:5310725] -A ufw-user-input -p tcp -m multiport --dports 40000:50000 -j ACCEPT
[0:0] -A ufw-user-input -p tcp -m multiport --dports 80,443 -m comment --comment "\'dapp_WWW%20Full\'" -j ACCEPT
[0:0] -A ufw-user-limit -m limit --limit 3/min -j LOG --log-prefix "[UFW LIMIT BLOCK] "
[0:0] -A ufw-user-limit -j REJECT --reject-with icmp-port-unreachable
[0:0] -A ufw-user-limit-accept -j ACCEPT
[79:4748] -A f2b-sshd -s 12.23.45.67/32 -j REJECT --reject-with icmp-port-unreachable
[284:19511] -A f2b-sshd -j RETURN
[2534:242063] -A f2b-AuthFailures -j RETURN
COMMIT
# Completed on Mon Jul 26 09:42:48 2021

Upvotes: 1

Views: 4845

Answers (1)

Don Matteo

Reputation: 113

Since fail2ban 0.10 (IPv6 support), fail2ban executes actionstart for each IP family on demand at the first ban per jail (see #1742), so iptables-multiport creates the chain f2b-sshd only once the first IP gets banned in the sshd jail.

Conclusion: the chain f2b-sshd only appears once the first IP has been banned; previously, iptables also showed empty chains before the first IP had been banned.

Upvotes: 6
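As an added example (not part of the question or answer above), the following POSIX shell diagnostic classifies the state of a fail2ban chain from iptables-save -c output, so that "chain missing" (expected on fail2ban 0.10+ until the first ban in that jail), "chain declared but no ban yet" (what older versions showed right after start) and "chain with active bans" can be told apart. The three dumps embedded in the script are constructed samples in iptables-save format, not real captures; the chain name f2b-sshd and the INPUT hook rule mirror what iptables-multiport installs by default.

```shell
#!/bin/sh
# Added diagnostic: classify a fail2ban chain from `iptables-save -c` output.
# On fail2ban >= 0.10 a missing f2b-<jail> chain is normal until the first
# ban in that jail; the authoritative health check is
#   fail2ban-client status <jail>
# which works whether or not the chain has been created yet.

# Constructed sample dumps (not real captures), iptables-save -c format.

# Host where no IP has been banned yet (fail2ban 0.10+, chain not created).
DUMP_BEFORE_FIRST_BAN='*filter
:INPUT ACCEPT [0:0]
:ufw-user-input - [0:0]
[0:0] -A ufw-user-input -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT'

# Chain declared and hooked into INPUT, but no ban rule (pre-0.10 behaviour).
DUMP_EMPTY_CHAIN='*filter
:INPUT ACCEPT [0:0]
:f2b-sshd - [0:0]
[0:0] -A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
[0:0] -A f2b-sshd -j RETURN
COMMIT'

# Chain created on first ban, holding one banned source.
DUMP_AFTER_BAN='*filter
:INPUT ACCEPT [0:0]
:f2b-sshd - [0:0]
[0:0] -A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
[79:4748] -A f2b-sshd -s 12.23.45.67/32 -j REJECT --reject-with icmp-port-unreachable
[284:19511] -A f2b-sshd -j RETURN
COMMIT'

# f2b_chain_state CHAIN   (dump on stdin)
# Prints exactly one of: missing | unhooked | idle | active:<count>
#   missing  - no ":CHAIN" declaration at all (0.10+: no ban has happened yet)
#   unhooked - chain exists but nothing jumps into it (actionstart half-applied)
#   idle     - chain hooked into INPUT, but no "-s <ip>" ban rule present
#   active:n - chain hooked and holding n ban rules
f2b_chain_state() {
    chain=$1
    dump=$(cat)
    if ! printf '%s\n' "$dump" | grep -q "^:$chain "; then
        echo missing
        return 0
    fi
    # iptables-multiport inserts "-A INPUT ... -j f2b-<jail>"; require some jump.
    if ! printf '%s\n' "$dump" | grep -q -- "-A [^ ]* .*-j $chain\$"; then
        echo unhooked
        return 0
    fi
    # grep -c exits 1 when the count is 0; keep the "0" it printed.
    bans=$(printf '%s\n' "$dump" | grep -c -- "-A $chain -s ") || true
    if [ "$bans" -eq 0 ]; then
        echo idle
    else
        echo "active:$bans"
    fi
}

# f2b_banned_ips CHAIN   (dump on stdin): prints one banned source per line,
# tolerating the optional "[pkts:bytes]" counter prefix of iptables-save -c.
f2b_banned_ips() {
    chain=$1
    sed -n "s/^\(\[[0-9:]*\] \)\{0,1\}-A $chain -s \([^ ]*\) .*/\2/p"
}

# Demo over the constructed dumps (on a live host: iptables-save -c | f2b_chain_state f2b-sshd)
for name in DUMP_BEFORE_FIRST_BAN DUMP_EMPTY_CHAIN DUMP_AFTER_BAN; do
    eval "dump=\$$name"
    printf '%-22s %s\n' "$name" "$(printf '%s\n' "$dump" | f2b_chain_state f2b-sshd)"
done
```

On a live fail2ban 0.10+ host, a "missing" result is the expected state before the first ban; to exercise the on-demand actionstart without waiting for a real attacker, ban a throwaway address with fail2ban-client set sshd banip <ip>, re-run the check (it should now report active:1), then remove it with fail2ban-client set sshd unbanip <ip>. An "unhooked" result is the case worth investigating, since the chain exists but no traffic is routed through it.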
