iptables reject rule doesn't work if FORWARD rules (to DOCKER) present and take precedence over INPUT #2376
fail2ban simply doesn't work.
Then in iptables I have hostname instead of the ip:
And in log I can see the fail2ban banned the ip after multiple failures:
And nothing happens. The ip
Still the same. Nothing has changed.
Steps to reproduce
All default nginx and fail2ban setup. Enable the nginx-http-auth jail and see that the iptables rule is just ineffective, possibly because of being banned by hostname instead of IP.
fail2ban should work.
Any additional information
Configuration, dump and other helpful excerpts
Any customizations done to /etc/fail2ban/ configuration
Relevant parts of /var/log/fail2ban.log file:
preferably obtained while running fail2ban with
Relevant lines from monitored log files in question:
I also tried to manually ban the IP using:
Therefore my iptables became like this:
The first and second were created by the above commands and the third one by fail2ban. All rules are inserted by hostname instead of IP! Also, the IP (which is my IP actually) is still not banned!
Wrong, it is the resolver inside of listing in iptables. Use
The settings of option
I don't see how the chain is created, please provide also the output of INPUT chain (where f2b-nginx-http-auth would be basically referenced)...
Ok. Let's take a look at the whole iptables then:
So, this command fixed the problem: