1

Topic: firewalld and fail2ban

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.2
- Linux/BSD distribution name and version: CentOS 7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MariaDB
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No
- Related log if you're reporting an issue:
====

From what I understand, with CentOS 7 firewalld should be used instead of iptables. In fact, trying to start iptables fails:

[root@backupmx fail2ban]# systemctl start iptables
Failed to issue method call: Unit iptables.service failed to load: No such file or directory.

And I see the IPs getting banned in iptables:

Chain f2b-default (2 references)
target     prot opt source               destination         
REJECT     all  --  117.79.146.58        anywhere             reject-with icmp-port-unreachable
REJECT     all  --  hosted-by.ecatel.net  anywhere             reject-with icmp-port-unreachable
REJECT     all  --  58.206.126.29        anywhere             reject-with icmp-port-unreachable
REJECT     all  --  222.124.132.205      anywhere             reject-with icmp-port-unreachable
REJECT     all  --  218.90.134.14        anywhere             reject-with icmp-port-unreachable
REJECT     all  --  61.30.65.218.broad.xy.jx.dynamic.163data.com.cn  anywhere             reject-with icmp-port-unreachable
REJECT     all  --  217.30.65.218.broad.xy.jx.dynamic.163data.com.cn  anywhere             reject-with icmp-port-unreachable
REJECT     all  --  218.4.90.246         anywhere             reject-with icmp-port-unreachable
REJECT     all  --  212.2.5.120          anywhere             reject-with icmp-port-unreachable
REJECT     all  --  211.157.148.186      anywhere             reject-with icmp-port-unreachable
REJECT     all  --  211.144.37.41        anywhere             reject-with icmp-port-unreachable
REJECT     all  --  cms.mtvasia.com      anywhere             reject-with icmp-port-unreachable
REJECT     all  --  198.199.84.178       anywhere             reject-with icmp-port-unreachable
REJECT     all  --  customer-static-210-30-237.iplannetworks.net  anywhere             reject-with icmp-port-unreachable
REJECT     all  --  ip-184-168-31-205.ip.secureserver.net  anywhere             reject-with icmp-port-unreachable
REJECT     all  --  183.131.76.72        anywhere             reject-with icmp-port-unreachable
REJECT     all  --  182.100.67.52        anywhere             reject-with icmp-port-unreachable
REJECT     all  --  122.10.102.51        anywhere             reject-with icmp-port-unreachable
REJECT     all  --  118.219.233.133      anywhere             reject-with icmp-port-unreachable
REJECT     all  --  116.236.238.178      anywhere             reject-with icmp-port-unreachable

I have fail2ban configured with backend=systemd.

I figure since I'm new to CentOS 7 and systemd (I've been using CentOS 5 and 6 for a long time) I must be missing something simple, but searches of this forum and the web don't show me where I'm messing up.

Can anyone point me in the right direction?


2

Re: firewalld and fail2ban

*) Fail2ban just calls the 'iptables' COMMAND to ban an IP; it doesn't require the iptables service.
*) firewalld is another wrapper for iptables, and iRedMail uses the firewalld service on CentOS 7.
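
A check that follows from the answer above, added here as an example and not part of either poster's message: since fail2ban writes its bans with the iptables command, the f2b-* chains in `iptables -L -n` output show what is blocked, and a chain with 0 references holds bans that no traffic ever reaches. The function names, the f2b-orphan chain and the sample addresses are constructed for illustration; `-n` keeps sources numeric instead of the reverse-DNS names seen in the listing.

```shell
#!/bin/sh
# Added example: summarise fail2ban chains from `iptables -L -n` output.
# Live usage (as root): iptables -L -n | f2b_summary

# Constructed sample in the layout of `iptables -L -n`. The addresses are
# documentation ranges, not values taken from the thread.
SAMPLE='Chain INPUT (policy ACCEPT)
target     prot opt source               destination
f2b-default  tcp  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0

Chain f2b-default (1 references)
target     prot opt source               destination
REJECT     all  --  203.0.113.7          0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  198.51.100.23        0.0.0.0/0            reject-with icmp-port-unreachable
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain f2b-orphan (0 references)
target     prot opt source               destination
REJECT     all  --  192.0.2.99           0.0.0.0/0            reject-with icmp-port-unreachable'

# Print one line per f2b-* chain: reference count, ban count, and whether
# any other chain jumps to it (0 references means the bans are never hit).
f2b_summary() {
    awk '
        /^Chain / {
            chain = $2
            refs = $3; gsub(/[^0-9]/, "", refs)   # "(1" becomes "1"
            if (chain ~ /^f2b-/) { order[++n] = chain; r[chain] = refs + 0; b[chain] = 0 }
            next
        }
        chain ~ /^f2b-/ && ($1 == "REJECT" || $1 == "DROP") { b[chain]++ }
        END {
            for (i = 1; i <= n; i++) {
                c = order[i]
                printf "%s refs=%d bans=%d %s\n", c, r[c], b[c], (r[c] > 0 ? "active" : "UNREFERENCED")
            }
        }'
}

# Print the banned source column for one chain ($1 = chain name).
f2b_banned() {
    awk -v want="$1" '
        /^Chain / { chain = $2; next }
        chain == want && ($1 == "REJECT" || $1 == "DROP") { print $4 }'
}

# Demo on the constructed sample.
printf '%s\n' "$SAMPLE" | f2b_summary
```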

3

Re: firewalld and fail2ban

Thanks for clearing that up!