Fail2Ban fails to start on CentOS 7












0















I'm running CentOS 7, all fully updated, and am trying to get Fail2Ban to work, but I'm running into problems.



Specifically, I'm trying to block brute force SSH attacks. I'm pretty sure I've set up everything right – enabled the sshd jail in jail.local, using firewallcmd-ipset as the ban action, definitely using Firewalld, not using SELinux.



But when I start Fail2Ban, here's what's in /var/log/fail2ban.log:



2017-06-21 06:11:44,186 fail2ban.server         [3357]: INFO    Changed logging target to /var/log/fail2ban.log for Fail2ban v0.9.6
2017-06-21 06:11:44,186 fail2ban.database [3357]: INFO Connected to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3'
2017-06-21 06:11:44,188 fail2ban.jail [3357]: INFO Creating new jail 'sshd'
2017-06-21 06:11:44,206 fail2ban.jail [3357]: INFO Jail 'sshd' uses systemd {}
2017-06-21 06:11:44,230 fail2ban.jail [3357]: INFO Initiated 'systemd' backend
2017-06-21 06:11:44,232 fail2ban.filter [3357]: INFO Set maxRetry = 3
2017-06-21 06:11:44,232 fail2ban.filter [3357]: INFO Set jail log file encoding to UTF-8
2017-06-21 06:11:44,233 fail2ban.actions [3357]: INFO Set banTime = 86400
2017-06-21 06:11:44,233 fail2ban.filter [3357]: INFO Set findtime = 3600
2017-06-21 06:11:44,234 fail2ban.filter [3357]: INFO Set maxlines = 10
2017-06-21 06:11:44,320 fail2ban.filtersystemd [3357]: INFO Added journal match for: '_SYSTEMD_UNIT=sshd.service + _COMM=sshd'
2017-06-21 06:11:44,335 fail2ban.jail [3357]: INFO Jail 'sshd' started
2017-06-21 06:11:44,864 fail2ban.action [3357]: ERROR ipset create fail2ban-sshd hash:ip timeout 86400
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p all -m multiport --dports 44 -m set --match-set fail2ban-sshd src -j REJECT --reject-with icmp-port-unreachable -- stdout: ''
2017-06-21 06:11:44,865 fail2ban.action [3357]: ERROR ipset create fail2ban-sshd hash:ip timeout 86400
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p all -m multiport --dports 44 -m set --match-set fail2ban-sshd src -j REJECT --reject-with icmp-port-unreachable -- stderr: 'x1b[91mError: COMMAND_FAILEDx1b[00mn'
2017-06-21 06:11:44,865 fail2ban.action [3357]: ERROR ipset create fail2ban-sshd hash:ip timeout 86400
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p all -m multiport --dports 44 -m set --match-set fail2ban-sshd src -j REJECT --reject-with icmp-port-unreachable -- returned 13
2017-06-21 06:11:44,865 fail2ban.actions [3357]: ERROR Failed to start jail 'sshd' action 'firewallcmd-ipset': Error starting action


As you'll note, everything runs smoothly until firewall-cmd is tried. The commands it's trying to run are:



ipset create fail2ban-sshd hash:ip timeout 86400



followed by



firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p all -m multiport --dports 44 -m set --match-set fail2ban-sshd src -j REJECT --reject-with icmp-port-unreachable



If I try to run those myself, the ipset command works fine, but the firewall-cmd one returns with Error: COMMAND_FAILED. So, I'm guessing it's a problem with the command that Fail2Ban is trying to send to firewall-cmd – but I don't know enough about Firewalld to fix it.



(Oh, SSH is on port 44 because I've found that it massively reduces drive-by attacks, so let's not get into the pros and cons of that!



Also, systemctl status fail2ban shows everything to be running smoothly, no problems reported there. I only noticed this when I logged in and saw that there'd been a bunch of failed login attempts, which is rare what with the port change and all.



Finally, uname -r returns 3.10.0-229.14.1.el7.centos.plus.x86_64 so I'm fairly sure it's not the OpenVZ problem which I've seen as a cause of this elsewhere.)










share|improve this question














bumped to the homepage by Community 1 hour ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
















  • Do you have SELinux enabled? If so, temporarily disable it with # setenforce 0. If that works, you know it's an SELinux issue and can investigate that path. To enable it again, use # setenforce 1.

    – garethTheRed
    Jun 21 '17 at 6:49











  • @garethTheRed No I'm not using SELinux, so it must be something else…

    – JoLoCo
    Jun 21 '17 at 13:44
















0















I'm running CentOS 7, all fully updated, and am trying to get Fail2Ban to work, but I'm running into problems.



Specifically, I'm trying to block brute force SSH attacks. I'm pretty sure I've set up everything right – enabled the sshd jail in jail.local, using firewallcmd-ipset as the ban action, definitely using Firewalld, not using SELinux.



But when I start Fail2Ban, here's what's in /var/log/fail2ban.log:



2017-06-21 06:11:44,186 fail2ban.server         [3357]: INFO    Changed logging target to /var/log/fail2ban.log for Fail2ban v0.9.6
2017-06-21 06:11:44,186 fail2ban.database [3357]: INFO Connected to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3'
2017-06-21 06:11:44,188 fail2ban.jail [3357]: INFO Creating new jail 'sshd'
2017-06-21 06:11:44,206 fail2ban.jail [3357]: INFO Jail 'sshd' uses systemd {}
2017-06-21 06:11:44,230 fail2ban.jail [3357]: INFO Initiated 'systemd' backend
2017-06-21 06:11:44,232 fail2ban.filter [3357]: INFO Set maxRetry = 3
2017-06-21 06:11:44,232 fail2ban.filter [3357]: INFO Set jail log file encoding to UTF-8
2017-06-21 06:11:44,233 fail2ban.actions [3357]: INFO Set banTime = 86400
2017-06-21 06:11:44,233 fail2ban.filter [3357]: INFO Set findtime = 3600
2017-06-21 06:11:44,234 fail2ban.filter [3357]: INFO Set maxlines = 10
2017-06-21 06:11:44,320 fail2ban.filtersystemd [3357]: INFO Added journal match for: '_SYSTEMD_UNIT=sshd.service + _COMM=sshd'
2017-06-21 06:11:44,335 fail2ban.jail [3357]: INFO Jail 'sshd' started
2017-06-21 06:11:44,864 fail2ban.action [3357]: ERROR ipset create fail2ban-sshd hash:ip timeout 86400
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p all -m multiport --dports 44 -m set --match-set fail2ban-sshd src -j REJECT --reject-with icmp-port-unreachable -- stdout: ''
2017-06-21 06:11:44,865 fail2ban.action [3357]: ERROR ipset create fail2ban-sshd hash:ip timeout 86400
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p all -m multiport --dports 44 -m set --match-set fail2ban-sshd src -j REJECT --reject-with icmp-port-unreachable -- stderr: 'x1b[91mError: COMMAND_FAILEDx1b[00mn'
2017-06-21 06:11:44,865 fail2ban.action [3357]: ERROR ipset create fail2ban-sshd hash:ip timeout 86400
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p all -m multiport --dports 44 -m set --match-set fail2ban-sshd src -j REJECT --reject-with icmp-port-unreachable -- returned 13
2017-06-21 06:11:44,865 fail2ban.actions [3357]: ERROR Failed to start jail 'sshd' action 'firewallcmd-ipset': Error starting action


As you'll note, everything runs smoothly until firewall-cmd is tried. The commands it's trying to run are:



ipset create fail2ban-sshd hash:ip timeout 86400



followed by



firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p all -m multiport --dports 44 -m set --match-set fail2ban-sshd src -j REJECT --reject-with icmp-port-unreachable



If I try to run those myself, the ipset command works fine, but the firewall-cmd one returns with Error: COMMAND_FAILED. So, I'm guessing it's a problem with the command that Fail2Ban is trying to send to firewall-cmd – but I don't know enough about Firewalld to fix it.



(Oh, SSH is on port 44 because I've found that it massively reduces drive-by attacks, so let's not get into the pros and cons of that!



Also, systemctl status fail2ban shows everything to be running smoothly, no problems reported there. I only noticed this when I logged in and saw that there'd been a bunch of failed login attempts, which is rare what with the port change and all.



Finally, uname -r returns 3.10.0-229.14.1.el7.centos.plus.x86_64 so I'm fairly sure it's not the OpenVZ problem which I've seen as a cause of this elsewhere.)










share|improve this question














bumped to the homepage by Community 1 hour ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
















  • Do you have SELinux enabled? If so, temporarily disable it with # setenforce 0. If that works, you know it's an SELinux issue and can investigate that path. To enable it again, use # setenforce 1.

    – garethTheRed
    Jun 21 '17 at 6:49











  • @garethTheRed No I'm not using SELinux, so it must be something else…

    – JoLoCo
    Jun 21 '17 at 13:44














0












0








0








I'm running CentOS 7, all fully updated, and am trying to get Fail2Ban to work, but I'm running into problems.



Specifically, I'm trying to block brute force SSH attacks. I'm pretty sure I've set up everything right – enabled the sshd jail in jail.local, using firewallcmd-ipset as the ban action, definitely using Firewalld, not using SELinux.



But when I start Fail2Ban, here's what's in /var/log/fail2ban.log:



2017-06-21 06:11:44,186 fail2ban.server         [3357]: INFO    Changed logging target to /var/log/fail2ban.log for Fail2ban v0.9.6
2017-06-21 06:11:44,186 fail2ban.database [3357]: INFO Connected to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3'
2017-06-21 06:11:44,188 fail2ban.jail [3357]: INFO Creating new jail 'sshd'
2017-06-21 06:11:44,206 fail2ban.jail [3357]: INFO Jail 'sshd' uses systemd {}
2017-06-21 06:11:44,230 fail2ban.jail [3357]: INFO Initiated 'systemd' backend
2017-06-21 06:11:44,232 fail2ban.filter [3357]: INFO Set maxRetry = 3
2017-06-21 06:11:44,232 fail2ban.filter [3357]: INFO Set jail log file encoding to UTF-8
2017-06-21 06:11:44,233 fail2ban.actions [3357]: INFO Set banTime = 86400
2017-06-21 06:11:44,233 fail2ban.filter [3357]: INFO Set findtime = 3600
2017-06-21 06:11:44,234 fail2ban.filter [3357]: INFO Set maxlines = 10
2017-06-21 06:11:44,320 fail2ban.filtersystemd [3357]: INFO Added journal match for: '_SYSTEMD_UNIT=sshd.service + _COMM=sshd'
2017-06-21 06:11:44,335 fail2ban.jail [3357]: INFO Jail 'sshd' started
2017-06-21 06:11:44,864 fail2ban.action [3357]: ERROR ipset create fail2ban-sshd hash:ip timeout 86400
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p all -m multiport --dports 44 -m set --match-set fail2ban-sshd src -j REJECT --reject-with icmp-port-unreachable -- stdout: ''
2017-06-21 06:11:44,865 fail2ban.action [3357]: ERROR ipset create fail2ban-sshd hash:ip timeout 86400
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p all -m multiport --dports 44 -m set --match-set fail2ban-sshd src -j REJECT --reject-with icmp-port-unreachable -- stderr: 'x1b[91mError: COMMAND_FAILEDx1b[00mn'
2017-06-21 06:11:44,865 fail2ban.action [3357]: ERROR ipset create fail2ban-sshd hash:ip timeout 86400
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p all -m multiport --dports 44 -m set --match-set fail2ban-sshd src -j REJECT --reject-with icmp-port-unreachable -- returned 13
2017-06-21 06:11:44,865 fail2ban.actions [3357]: ERROR Failed to start jail 'sshd' action 'firewallcmd-ipset': Error starting action


As you'll note, everything runs smoothly until firewall-cmd is tried. The commands it's trying to run are:



ipset create fail2ban-sshd hash:ip timeout 86400



followed by



firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p all -m multiport --dports 44 -m set --match-set fail2ban-sshd src -j REJECT --reject-with icmp-port-unreachable



If I try to run those myself, the ipset command works fine, but the firewall-cmd one returns with Error: COMMAND_FAILED. So, I'm guessing it's a problem with the command that Fail2Ban is trying to send to firewall-cmd – but I don't know enough about Firewalld to fix it.



(Oh, SSH is on port 44 because I've found that it massively reduces drive-by attacks, so let's not get into the pros and cons of that!



Also, systemctl status fail2ban shows everything to be running smoothly, no problems reported there. I only noticed this when I logged in and saw that there'd been a bunch of failed login attempts, which is rare what with the port change and all.



Finally, uname -r returns 3.10.0-229.14.1.el7.centos.plus.x86_64 so I'm fairly sure it's not the OpenVZ problem which I've seen as a cause of this elsewhere.)










share|improve this question














I'm running CentOS 7, all fully updated, and am trying to get Fail2Ban to work, but I'm running into problems.



Specifically, I'm trying to block brute force SSH attacks. I'm pretty sure I've set up everything right – enabled the sshd jail in jail.local, using firewallcmd-ipset as the ban action, definitely using Firewalld, not using SELinux.



But when I start Fail2Ban, here's what's in /var/log/fail2ban.log:



2017-06-21 06:11:44,186 fail2ban.server         [3357]: INFO    Changed logging target to /var/log/fail2ban.log for Fail2ban v0.9.6
2017-06-21 06:11:44,186 fail2ban.database [3357]: INFO Connected to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3'
2017-06-21 06:11:44,188 fail2ban.jail [3357]: INFO Creating new jail 'sshd'
2017-06-21 06:11:44,206 fail2ban.jail [3357]: INFO Jail 'sshd' uses systemd {}
2017-06-21 06:11:44,230 fail2ban.jail [3357]: INFO Initiated 'systemd' backend
2017-06-21 06:11:44,232 fail2ban.filter [3357]: INFO Set maxRetry = 3
2017-06-21 06:11:44,232 fail2ban.filter [3357]: INFO Set jail log file encoding to UTF-8
2017-06-21 06:11:44,233 fail2ban.actions [3357]: INFO Set banTime = 86400
2017-06-21 06:11:44,233 fail2ban.filter [3357]: INFO Set findtime = 3600
2017-06-21 06:11:44,234 fail2ban.filter [3357]: INFO Set maxlines = 10
2017-06-21 06:11:44,320 fail2ban.filtersystemd [3357]: INFO Added journal match for: '_SYSTEMD_UNIT=sshd.service + _COMM=sshd'
2017-06-21 06:11:44,335 fail2ban.jail [3357]: INFO Jail 'sshd' started
2017-06-21 06:11:44,864 fail2ban.action [3357]: ERROR ipset create fail2ban-sshd hash:ip timeout 86400
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p all -m multiport --dports 44 -m set --match-set fail2ban-sshd src -j REJECT --reject-with icmp-port-unreachable -- stdout: ''
2017-06-21 06:11:44,865 fail2ban.action [3357]: ERROR ipset create fail2ban-sshd hash:ip timeout 86400
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p all -m multiport --dports 44 -m set --match-set fail2ban-sshd src -j REJECT --reject-with icmp-port-unreachable -- stderr: 'x1b[91mError: COMMAND_FAILEDx1b[00mn'
2017-06-21 06:11:44,865 fail2ban.action [3357]: ERROR ipset create fail2ban-sshd hash:ip timeout 86400
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p all -m multiport --dports 44 -m set --match-set fail2ban-sshd src -j REJECT --reject-with icmp-port-unreachable -- returned 13
2017-06-21 06:11:44,865 fail2ban.actions [3357]: ERROR Failed to start jail 'sshd' action 'firewallcmd-ipset': Error starting action


As you'll note, everything runs smoothly until firewall-cmd is tried. The commands it's trying to run are:



ipset create fail2ban-sshd hash:ip timeout 86400



followed by



firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p all -m multiport --dports 44 -m set --match-set fail2ban-sshd src -j REJECT --reject-with icmp-port-unreachable



If I try to run those myself, the ipset command works fine, but the firewall-cmd one returns with Error: COMMAND_FAILED. So, I'm guessing it's a problem with the command that Fail2Ban is trying to send to firewall-cmd – but I don't know enough about Firewalld to fix it.



(Oh, SSH is on port 44 because I've found that it massively reduces drive-by attacks, so let's not get into the pros and cons of that!



Also, systemctl status fail2ban shows everything to be running smoothly, no problems reported there. I only noticed this when I logged in and saw that there'd been a bunch of failed login attempts, which is rare what with the port change and all.



Finally, uname -r returns 3.10.0-229.14.1.el7.centos.plus.x86_64 so I'm fairly sure it's not the OpenVZ problem which I've seen as a cause of this elsewhere.)







centos firewalld fail2ban






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Jun 21 '17 at 4:54









JoLoCoJoLoCo

1012




1012





bumped to the homepage by Community 1 hour ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.







bumped to the homepage by Community 1 hour ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.















  • Do you have SELinux enabled? If so, temporarily disable it with # setenforce 0. If that works, you know it's an SELinux issue and can investigate that path. To enable it again, use # setenforce 1.

    – garethTheRed
    Jun 21 '17 at 6:49











  • @garethTheRed No I'm not using SELinux, so it must be something else…

    – JoLoCo
    Jun 21 '17 at 13:44



















  • Do you have SELinux enabled? If so, temporarily disable it with # setenforce 0. If that works, you know it's an SELinux issue and can investigate that path. To enable it again, use # setenforce 1.

    – garethTheRed
    Jun 21 '17 at 6:49











  • @garethTheRed No I'm not using SELinux, so it must be something else…

    – JoLoCo
    Jun 21 '17 at 13:44

















Do you have SELinux enabled? If so, temporarily disable it with # setenforce 0. If that works, you know it's an SELinux issue and can investigate that path. To enable it again, use # setenforce 1.

– garethTheRed
Jun 21 '17 at 6:49





Do you have SELinux enabled? If so, temporarily disable it with # setenforce 0. If that works, you know it's an SELinux issue and can investigate that path. To enable it again, use # setenforce 1.

– garethTheRed
Jun 21 '17 at 6:49













@garethTheRed No I'm not using SELinux, so it must be something else…

– JoLoCo
Jun 21 '17 at 13:44





@garethTheRed No I'm not using SELinux, so it must be something else…

– JoLoCo
Jun 21 '17 at 13:44










1 Answer
1






active

oldest

votes


















0














From faqforge.com: https://www.faqforge.com/linux/how-to-use-iptables-on-centos-7/




Centos 7 replaced the traditional IPTables Linux Kernel Firewall with
the Firewalld service. There are still a lot of scripts available that
require the use of IPTables. A common example is the software
Fail2ban.




So try stopping firewalld (systemctl stop firewalld) and install iptables (yum install iptables-services) and systemctl start iptables.



Then, set like this the banaction in the jail.local:



banaction = iptables-multiport
banaction_allports = iptables-allports


and then restart.






share|improve this answer


























  • I don't have iptables installed, CentOS 7 comes with firewalld, which is up and running normally.

    – JoLoCo
    Jun 21 '17 at 13:45













Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f372396%2ffail2ban-fails-to-start-on-centos-7%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









0














From faqforge.com: https://www.faqforge.com/linux/how-to-use-iptables-on-centos-7/




Centos 7 replaced the traditional IPTables Linux Kernel Firewall with
the Firewalld service. There are still a lot of scripts available that
require the use of IPTables. A common example is the software
Fail2ban.




So try stopping firewalld (systemctl stop firewalld) and install iptables (yum install iptables-services) and systemctl start iptables.



Then, set like this the banaction in the jail.local:



banaction = iptables-multiport
banaction_allports = iptables-allports


and then restart.






share|improve this answer


























  • I don't have iptables installed, CentOS 7 comes with firewalld, which is up and running normally.

    – JoLoCo
    Jun 21 '17 at 13:45


















0














From faqforge.com: https://www.faqforge.com/linux/how-to-use-iptables-on-centos-7/




Centos 7 replaced the traditional IPTables Linux Kernel Firewall with
the Firewalld service. There are still a lot of scripts available that
require the use of IPTables. A common example is the software
Fail2ban.




So try stopping firewalld (systemctl stop firewalld) and install iptables (yum install iptables-services) and systemctl start iptables.



Then, set like this the banaction in the jail.local:



banaction = iptables-multiport
banaction_allports = iptables-allports


and then restart.






share|improve this answer


























  • I don't have iptables installed, CentOS 7 comes with firewalld, which is up and running normally.

    – JoLoCo
    Jun 21 '17 at 13:45
















0












0








0







From faqforge.com: https://www.faqforge.com/linux/how-to-use-iptables-on-centos-7/




Centos 7 replaced the traditional IPTables Linux Kernel Firewall with
the Firewalld service. There are still a lot of scripts available that
require the use of IPTables. A common example is the software
Fail2ban.




So try stopping firewalld (systemctl stop firewalld) and install iptables (yum install iptables-services) and systemctl start iptables.



Then, set like this the banaction in the jail.local:



banaction = iptables-multiport
banaction_allports = iptables-allports


and then restart.






share|improve this answer















From faqforge.com: https://www.faqforge.com/linux/how-to-use-iptables-on-centos-7/




Centos 7 replaced the traditional IPTables Linux Kernel Firewall with
the Firewalld service. There are still a lot of scripts available that
require the use of IPTables. A common example is the software
Fail2ban.




So try stopping firewalld (systemctl stop firewalld) and install iptables (yum install iptables-services) and systemctl start iptables.



Then, set like this the banaction in the jail.local:



banaction = iptables-multiport
banaction_allports = iptables-allports


and then restart.







share|improve this answer














share|improve this answer



share|improve this answer








edited Jun 22 '17 at 15:41

























answered Jun 21 '17 at 7:17









Luis DíazLuis Díaz

134




134













  • I don't have iptables installed, CentOS 7 comes with firewalld, which is up and running normally.

    – JoLoCo
    Jun 21 '17 at 13:45





















  • I don't have iptables installed, CentOS 7 comes with firewalld, which is up and running normally.

    – JoLoCo
    Jun 21 '17 at 13:45



















I don't have iptables installed, CentOS 7 comes with firewalld, which is up and running normally.

– JoLoCo
Jun 21 '17 at 13:45







I don't have iptables installed, CentOS 7 comes with firewalld, which is up and running normally.

– JoLoCo
Jun 21 '17 at 13:45




















draft saved

draft discarded




















































Thanks for contributing an answer to Unix & Linux Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f372396%2ffail2ban-fails-to-start-on-centos-7%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

Accessing regular linux commands in Huawei's Dopra Linux

Can't connect RFCOMM socket: Host is down

Kernel panic - not syncing: Fatal Exception in Interrupt