Configure fail2ban to use route instead of iptables to block connections

Fail2ban uses iptables by default to block incoming connections when they exceed the max.  login retries. The iptables rules used by fail2ban might conflict with other firewall rules, so it might be necessary to reconfigure fail2ban to use the route command for blocking incoming connections.

Fail2ban ban using route command

To reconfigure fail2ban for using the route command instead of iptables, edit or create the route.conf file:

nano /etc/fail2ban/action.d/route.conf

There you insert the following lines:

# Fail2Ban configuration file

[Definition]
actionban = ip route add unreachable 
actionunban = ip route del unreachable 

Then add or change the ban action in the jail.local file in the [DEFAULT] section to “route”:

Sponsored
nano

Sponsored
/etc/fail2ban/jail.local

And add or edit these lines:

# Fail2Ban configuration file

[DEFAULT]

banaction = route

The post Configure fail2ban to use route instead of iptables to block connections appeared first on FAQforge.

Ubuntu Server Admin

Recent Posts

How to Install nvidia-smi on Ubuntu or Debian Linux

In this article, we will see how to install nvidia-smi on Ubuntu or Debian Linux.…

8 hours ago

How to Install clang tool on Ubuntu or Debian Linux

In this article, we will see how to install clang tool on Ubuntu or Debian…

1 day ago

How to resolve Ubuntu 20.04 Container Signature Errors on Raspberry Pi ARM Devices

When working with Docker containers on Raspberry Pi devices, you might encounter frustrating signature verification…

2 days ago

How to fix DNS Resolution Issues with OpenVPN on Ubuntu 18.04

You’ve recently upgraded to Ubuntu 18.04 and found that your OpenVPN connection no longer resolves…

2 days ago

How to Fix Ubuntu 18.04 System Monitor Launch Issues

Have you ever tried to open System Monitor on your Ubuntu 18.04 system only to…

3 days ago

What is System Hardening? Essential Checklists from OS to Applications

System hardening means locking down a system and reducing its attack surface: removing unnecessary software…

3 days ago