Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
fail2ban not creating rules while configured with nftables #1814
We will be very grateful, if your problem was described as completely as possible,
Fill out and check (
fail2ban doesn't create rules while configured with nftables.
Steps to reproduce
should ban found ipaddresses without error
error reported above, not banning
Any additional information
Configuration, dump and another helpful excerpts
Any customizations done to /etc/fail2ban/ configuration
Relevant parts of /var/log/fail2ban.log file:
preferably obtained while running fail2ban with
Relevant lines from monitored log files in question:
It means that you've no chain
We are not common forum resp. support group for the distribution you obtained Fail2Ban from, please seek for support there. Thus closed.
ach you have an BUG somewhere, as input is defined
But your code still looking for "INPUT" instead of "input"
As soon as I changed chain name in nftables.conf to INPUT it started to work.
This is definitely not a bug.
As I already wrote, just set the chain in your
# jail.local: [DEFAULT] chain = input [jail-w-other-action] chain = BAD banaction = other-action
For the explanation why it is so:
[DEFAULT] banaction = nft action_ = %(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action = %(action_)s # chain is set explicit in jail.conf: chain = INPUT
action = nft[name=..., chain="INPUT"]