Fail2ban and Custom Service Ports
I'm new to Vesta and came across an issue I'm unable to resolve. I changed several service ports and the GUI seems to reflect these changes, but I'm unable to get fail2ban to use them correctly.
Let's assume I changed SSH to port 2022. The firewall rule was altered and I'm able to connect via SSH without problems. However, as soon as I enable fail2ban for SSH a new rule shows up when listed via command line.
Code:
fail2ban-SSH tcp -- anywhere anywhere tcp dpt:ssh
Well, I would expect to see my custom SSH port 2022 here and not the default one. Same is true for other services with changed ports like FTP or even Vesta itself. I also tried adding port statements to my jail.local (via CP and manually) but to no avail.
Can someone tell me where exactly I need to modify the configuration in order to have fail2ban use my custom ports?
Re: Fail2ban and Custom Service Ports
Another issue arose when I just tried to disable fail2ban temporarily. All jails are now disabled, but still the following rules are listed by iptables.
Code:
fail2ban-FTP tcp -- anywhere anywhere tcp dpt:ftp
f2b-sshd tcp -- anywhere anywhere multiport dports ssh
I'm somehow confused by the mechanism used by Vesta to configure fail2ban along with the used services?!