Thanks, I did post that in my original message though, including where the problem is. I guess if you're not running it in docker you wouldn't have the same problem I got.
On Fri, Feb 7, 2025, 11:32 PM Jonathan Aquilina <jaquil...@eagleeyet.net> wrote: > I did a bit of digging and I stand corrected. > > > > If you run the following command and adapt it for your situation the below > should show you your ban status. It could be that there are other > mechanisms in play for the bans besides the firewall that are managed by > docker. > > > > > > docker exec -it fail2ban fail2ban-client status sshd > > > > From what I know about containers is this > > > > 1. You don’t have a firewall > 2. No system > > > > Regards, > > Jonathan Aquilina > > > > > > *From:* solarflow99 <solarflo...@gmail.com> > *Sent:* 08 February 2025 08:24 > *To:* Jonathan Aquilina <jaquil...@eagleeyet.net> > *Cc:* fail2ban-users@lists.sourceforge.net > *Subject:* Re: [Fail2ban-users] firewalld rules not getting created > > > > fail2ban is one of several containers running on the host, 3 of them > including the ssh container is volume mapped its log file to fail2ban just > like it should. So there are ingress containers if thats what you mean? I > can't quite understand what you mean, fail2ban can run in a container thats > what the docker image was all about. Maybe you are thinking where the > firewall-cmd rules get applied, onto the host or to the dockernet? I'm > using network=host in docker so that shouldn't be an issue there. > > > > > > > > > > On Fri, Feb 7, 2025 at 10:49 PM Jonathan Aquilina <jaquil...@eagleeyet.net> > wrote: > > Hello, > > > > If this is on a container, containers cannot run the firewalls. You need > to have some form of an ingress controller maybe nginx in front or HA Proxy > that will do the filtering for your containers. > > > > Regards, > > Jonathan > > > > > > *From:* solarflow99 <solarflo...@gmail.com> > *Sent:* 08 February 2025 07:44 > *To:* fail2ban-users@lists.sourceforge.net > *Subject:* Re: [Fail2ban-users] firewalld rules not getting created > > > > ERROR 7f951278ea60 -- stderr: '/bin/sh: firewall-cmd: not found' > > ERROR 7f951278ea60 -- returned 127 > > > > Doesn't anyone else run into this? > > > > It seems that: image: lscr.io/linuxserver/fail2ban > <https://link.edgepilot.com/s/28ed2e1a/Lb4p6m44qE2AsTB_wreyXQ?u=http://lscr.io/linuxserver/fail2ban> > is using Alpine linux and doesn't come with firewalld, but that doesn't > make any sense. I asked on the list in case anyone knew. > > Perhaps its because Alpine doesn't support systemd, but surely I can't be > the first person that ran into this.. > > > > > > > > On Thu, Feb 6, 2025 at 5:46 PM solarflow99 <solarflo...@gmail.com> wrote: > > I have fail2ban running in docker-compose, but I still don't see any of > the FW rules on the host, I am using image: > lscr.io/linuxserver/fail2ban:latest > <https://link.edgepilot.com/s/f8eae19d/UF5-X4NVHkaLT7Z1RWHFLQ?u=http://lscr.io/linuxserver/fail2ban:latest> > > > > > > > # fail2ban-client status sshd | more > Status for the jail: sshd > |- Filter > | |- Currently failed: 0 > | |- Total failed: 0 > | `- File list: /remotelogs/ssh/secure > `- Actions > |- Currently banned: 56719 > |- Total banned: 56719 > `- Banned IP list: > > > > > > From the LOG, its easy to see why: > > ERROR 7f5fc7464300 -- stderr: '/bin/sh: firewall-cmd: not found' > > > > > > Shouldn't this image have firewall-cmd already? Or am I doing something > wrong? > > > > > > Links contained in this email have been replaced. If you click on a link > in the email above, the link will be analyzed for known threats. If a known > threat is found, you will not be able to proceed to the destination. If > suspicious content is detected, you will see a warning. > >
_______________________________________________ Fail2ban-users mailing list Fail2ban-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fail2ban-users
