IPTables causes conflict with Fail2Ban

iptables fail2ban

Solution 1:

fail2ban must also place rules in the INPUT chain to call the chains it defines for each individual jail. By removing those, you are causing those rules to not apply, and the IP addresses that should be banned still get through, and fail2ban warns you about this by saying they were already banned.

You should not have any reason to flush the INPUT chain like this. Instead your cron job should create its own user-defined chain, and only add to the INPUT chain a rule to call that user-defined chain. Better yet, you should use an ipset, which has better performance and also can be atomically swapped when you want to change it. (And for that same reason you should have fail2ban use ipsets as well.)

Related

Nginx and https - Specifying an ip address as a server_name gives the correct website but the wrong certificate
How to fix Cyrillic encoding in Telegram bot on Google Cloud?
When connecting from A to C, through B, how can I specify PEM on B?
What is the perfect tomcat virtualization config file?
error: The zone does not have enough resources available to fulfill the request. Try a different zone, or try again later
How to resolve : HttpInput idle timeout error in Jenkin
How to hide web server IP?
Suse 11 : Java remote debug can't connect properly
what is Remote Desktop Services in Windows Server 2008 R2 all about?
"Too many open files" Apache error even with increased ulimit and sysctl
Least Positive Residue
If the set of S-formula in FOL is infinite, then what means a model can interpret this set?