Is fail2ban working without firewalld?

iptables fail2ban centos firewalld nftables

do i need firewalld for fail2ban to work?

Can fail2ban block IP's with iptables only?

I've installed iptables-service on a CentOS 8 vps. I use nftables v0.9.3 (Topsy) to restrict/grant access. Firewalld is stopped and not running, but I guess fail2ban needs firewalld to block ip's?

Thanks for any hint or idea about this question.


Solution 1:

You can configure your fail2ban instance to specify which banning action it would use, thereby native net-filters are recommended (so firewalld is not advisable).
Which actions are available is depending on your fail2ban version, e. g. latest 0.10/0.11 have besides to several iptables also nftables action.
If you use nftables, it is also better to ban using nftables action (mostly iptables will just emulate nftables).

Also if your version is older (still does not have it), you can try to copy the latest version of action to /etc/fail2ban/action.d and try it.

To overwrite your defaults, simply set both banaction in default section of your jail.local:

[DEFAULT]
# default type of nftables is multiport: banaction = nftables[type=multiport]
banaction = nftables
banaction_allports = nftables[type=allports]

Related

Weird IP address value in apache log
PERC H740p single-disk RAID 0 versus JBOD/Pass-Through/eHBA/IT mode (For ZFS on Linux)
DL580 G7 not booting / posting
How to clone a linux live server with no stopping it?
How to perform data replication for DBs on multi-server Docker Container setup?
How to forward new files from an SFTP server?
Disable cron messages in auditd
Hardware/BIOS - IBM x3200 m2
Enable and disable scheduled task with PowerShell and variable
Hosting VPS, should I buy a public IP range?
Incomplete axfrdns response
How to know my RAID controller card and Host Bus Adapter's BIOS and Firmware version?