I thought because I am using firewalld that would be the right thing to do.
Obviously not.
Anyway, I changed the config file, but still the same error message. I
looks now like this:
[INCLUDES]
before = paths-fedora.conf
[DEFAULT]
bantime = 1d
maxretry = 3
findtime = 10m
banaction = iptables-multiport
banaction_allports = iptables-allports
#
# Ban Increments
#
# "bantime.increment" allows to use database for searching of previously
banned ip's to increase a
# default ban time using special formula, default it is banTime * 1, 2, 4,
8, 16, 32...
bantime.increment = true
# ban & send an e-mail with whois report and relevant log lines to the
destemail.
action_mwl = %(action_)s
%(mta)s-whois-lines[sender="%(sender)s", dest="%(destemail)s",
logpath="%(logpath)s", chain="%(chain)s"]
ignoreip = 127.0.0.1/8 ::1 10.5.2.0/24
[sshd]
enabled = true
mode = normal
port = ssh
logpath = %(sshd_log)s
backend = %(sshd_backend)s
[postfix]
# To use another modes set filter parameter "mode" in jail.local:
enabled = true
mode = more
port = smtp,465,submission
logpath = %(postfix_log)s
backend = %(postfix_backend)s
[postfix-rbl]
enabled = true
filter = postfix[mode=rbl]
port = smtp,465,submission
logpath = %(postfix_log)s
backend = %(postfix_backend)s
maxretry = 1
[postfix-sasl]
enabled = true
filter = postfix[mode=auth]
port = smtp,465,submission,imap,imaps,pop3,pop3s
logpath = %(postfix_log)s
backend = %(postfix_backend)s
[dovecot]
enabled = true
port = pop3,pop3s,imap,imaps,submission,465,sieve
logpath = %(dovecot_log)s
backend = %(dovecot_backend)s
Wolfgang Rauchholz
+34 627 994 977
https://www.linkedin.com/in/wolfgangrauchholz/
On Mon, Feb 13, 2023 at 8:25 PM Wolfgang Paul Rauchholz <
wp.rauchh...@gmail.com> wrote:
> Hello fail2ban community
> Recently I setup a home server under Rocky Linux 8.7
> To protect form intrusion I installed fail2ban. I get the error as
> described above.
> I checked google, but could not find the mistake.
> Thanks for helpin me to fix the error.
>
>
> [INCLUDES]
> before = paths-fedora.conf
>
> [DEFAULT]
> bantime = 1d
> maxretry = 3
> findtime = 10m
>
> banaction = firewallcmd-rich-rules[actiontype=<multiport>]
> banaction_allports = firewallcmd-rich-rules[actiontype=<allports>]
>
> #
> # Ban Increments
> #
>
> # "bantime.increment" allows to use database for searching of previously
> banned ip's to increase a
> # default ban time using special formula, default it is banTime * 1, 2, 4,
> 8, 16, 32...
> bantime.increment = true
>
> # ban & send an e-mail with whois report and relevant log lines to the
> destemail.
> action_mwl = %(action_)s
> %(mta)s-whois-lines[sender="%(sender)s",
> dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"]
>
> ignoreip = 127.0.0.1/8 ::1 10.5.2.0/24
>
> [sshd]
> enabled = true
> mode = normal
> port = ssh
> logpath = %(sshd_log)s
> backend = %(sshd_backend)s
>
> [postfix]
> # To use another modes set filter parameter "mode" in jail.local:
> enabled = true
> mode = more
> port = smtp,465,submission
> logpath = %(postfix_log)s
> backend = %(postfix_backend)s
>
> [postfix-rbl]
> enabled = true
> filter = postfix[mode=rbl]
> port = smtp,465,submission
> logpath = %(postfix_log)s
> backend = %(postfix_backend)s
> maxretry = 1
>
> [postfix-sasl]
> enabled = true
> filter = postfix[mode=auth]
> port = smtp,465,submission,imap,imaps,pop3,pop3s
> logpath = %(postfix_log)s
> backend = %(postfix_backend)s
>
> [dovecot]
> enabled = true
> port = pop3,pop3s,imap,imaps,submission,465,sieve
> logpath = %(dovecot_log)s
> backend = %(dovecot_backend)s
>
> Wolfgang Rauchholz
> +34 627 994 977
> https://www.linkedin.com/in/wolfgangrauchholz/
>
>
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
