2017-02-21 20:41:57,649 fail2ban.filter [19856]: INFO Set maxRetry = 3
2017-02-21 20:41:57,650 fail2ban.filter [19856]: INFO Set jail log file encoding to UTF-8
2017-02-21 20:41:57,650 fail2ban.actions [19856]: INFO Set banTime = 1209600
2017-02-21 20:41:57,650 fail2ban.filter [19856]: INFO Set findtime = 604800
2017-02-21 20:41:57,656 fail2ban.jail [19856]: INFO Creating new jail 'apache-shellshock'
2017-02-21 20:41:57,656 fail2ban.jail [19856]: INFO Jail 'apache-shellshock' uses poller {}
2017-02-21 20:41:57,657 fail2ban.jail [19856]: INFO Initiated 'polling' backend
2017-02-21 20:41:57,657 fail2ban.filter [19856]: INFO Added logfile = /var/log/httpd/error_log
2017-02-21 20:41:57,657 fail2ban.filter [19856]: INFO Set maxRetry = 3
2017-02-21 20:41:57,658 fail2ban.filter [19856]: INFO Set jail log file encoding to UTF-8
2017-02-21 20:41:57,658 fail2ban.actions [19856]: INFO Set banTime = 1209600
2017-02-21 20:41:57,658 fail2ban.filter [19856]: INFO Set findtime = 604800
2017-02-21 20:41:57,665 fail2ban.jail [19856]: INFO Creating new jail 'postfix'
2017-02-21 20:41:57,665 fail2ban.jail [19856]: INFO Jail 'postfix' uses systemd {}
2017-02-21 20:41:57,666 fail2ban.jail [19856]: INFO Initiated 'systemd' backend
2017-02-21 20:41:57,666 fail2ban.filter [19856]: INFO Set maxRetry = 3
2017-02-21 20:41:57,667 fail2ban.filter [19856]: INFO Set jail log file encoding to UTF-8
2017-02-21 20:41:57,667 fail2ban.actions [19856]: INFO Set banTime = 1209600
2017-02-21 20:41:57,667 fail2ban.filter [19856]: INFO Set findtime = 604800
2017-02-21 20:41:57,683 fail2ban.filtersystemd [19856]: INFO Added journal match for: '_SYSTEMD_UNIT=postfix.service'
2017-02-21 20:41:57,688 fail2ban.jail [19856]: INFO Creating new jail 'postfix-rbl'
2017-02-21 20:41:57,689 fail2ban.jail [19856]: INFO Jail 'postfix-rbl' uses systemd {}
2017-02-21 20:41:57,689 fail2ban.jail [19856]: INFO Initiated 'systemd' backend
2017-02-21 20:41:57,690 fail2ban.filter [19856]: INFO Set maxRetry = 3
2017-02-21 20:41:57,690 fail2ban.filter [19856]: INFO Set jail log file encoding to UTF-8
2017-02-21 20:41:57,690 fail2ban.actions [19856]: INFO Set banTime = 1209600
2017-02-21 20:41:57,691 fail2ban.filter [19856]: INFO Set findtime = 604800
2017-02-21 20:41:57,698 fail2ban.jail [19856]: INFO Creating new jail 'dovecot'
2017-02-21 20:41:57,698 fail2ban.jail [19856]: INFO Jail 'dovecot' uses systemd {}
2017-02-21 20:41:57,698 fail2ban.jail [19856]: INFO Initiated 'systemd' backend
2017-02-21 20:41:57,699 fail2ban.filter [19856]: INFO Set maxRetry = 3
2017-02-21 20:41:57,700 fail2ban.filter [19856]: INFO Set jail log file encoding to UTF-8
2017-02-21 20:41:57,700 fail2ban.actions [19856]: INFO Set banTime = 1209600
2017-02-21 20:41:57,700 fail2ban.filter [19856]: INFO Set findtime = 604800
2017-02-21 20:41:57,712 fail2ban.filtersystemd [19856]: INFO Added journal match for: '_SYSTEMD_UNIT=dovecot.service'
2017-02-21 20:41:57,718 fail2ban.jail [19856]: INFO Creating new jail 'sieve'
2017-02-21 20:41:57,718 fail2ban.jail [19856]: INFO Jail 'sieve' uses systemd {}
2017-02-21 20:41:57,729 fail2ban.jail [19856]: INFO Initiated 'systemd' backend
2017-02-21 20:41:57,730 fail2ban.filter [19856]: INFO Set maxRetry = 3
2017-02-21 20:41:57,730 fail2ban.filter [19856]: INFO Set jail log file encoding to UTF-8
2017-02-21 20:41:57,731 fail2ban.actions [19856]: INFO Set banTime = 1209600
2017-02-21 20:41:57,731 fail2ban.filter [19856]: INFO Set findtime = 604800
2017-02-21 20:41:57,738 fail2ban.jail [19856]: INFO Creating new jail 'mysqld-auth'
2017-02-21 20:41:57,738 fail2ban.jail [19856]: INFO Jail 'mysqld-auth' uses poller {}
2017-02-21 20:41:57,739 fail2ban.jail [19856]: INFO Initiated 'polling' backend
2017-02-21 20:41:57,739 fail2ban.filter [19856]: INFO Added logfile = /var/log/mariadb/mariadb.log
2017-02-21 20:41:57,739 fail2ban.filter [19856]: INFO Set maxRetry = 3
2017-02-21 20:41:57,740 fail2ban.filter [19856]: INFO Set jail log file encoding to UTF-8
2017-02-21 20:41:57,740 fail2ban.actions [19856]: INFO Set banTime = 1209600
2017-02-21 20:41:57,740 fail2ban.filter [19856]: INFO Set findtime = 604800
2017-02-21 20:41:57,747 fail2ban.jail [19856]: INFO Creating new jail 'recidive'
2017-02-21 20:41:57,747 fail2ban.jail [19856]: INFO Jail 'recidive' uses poller {}
2017-02-21 20:41:57,748 fail2ban.jail [19856]: INFO Initiated 'polling' backend
2017-02-21 20:41:57,748 fail2ban.filter [19856]: INFO Added logfile = /var/log/fail2ban.log
2017-02-21 20:41:57,749 fail2ban.filter [19856]: INFO Set maxRetry = 6
2017-02-21 20:41:57,749 fail2ban.filter [19856]: INFO Set jail log file encoding to UTF-8
2017-02-21 20:41:57,749 fail2ban.actions [19856]: INFO Set banTime = 406425600
2017-02-21 20:41:57,749 fail2ban.filter [19856]: INFO Set findtime = 56851200
2017-02-21 20:41:57,751 fail2ban.server [19856]: INFO Jail recidive is not a JournalFilter instance
2017-02-21 20:41:57,756 fail2ban.jail [19856]: INFO Creating new jail 'pam-generic'
2017-02-21 20:41:57,757 fail2ban.jail [19856]: INFO Jail 'pam-generic' uses systemd {}
2017-02-21 20:41:57,757 fail2ban.jail [19856]: INFO Initiated 'systemd' backend
2017-02-21 20:41:57,758 fail2ban.filter [19856]: INFO Set maxRetry = 6
2017-02-21 20:41:57,758 fail2ban.filter [19856]: INFO Set jail log file encoding to UTF-8
2017-02-21 20:41:57,758 fail2ban.actions [19856]: INFO Set banTime = 1209600
2017-02-21 20:41:57,759 fail2ban.filter [19856]: INFO Set findtime = 604800
2017-02-21 20:41:57,766 fail2ban.jail [19856]: INFO Creating new jail 'httpd-admin'
2017-02-21 20:41:57,766 fail2ban.jail [19856]: INFO Jail 'httpd-admin' uses poller {}
2017-02-21 20:41:57,767 fail2ban.jail [19856]: INFO Initiated 'polling' backend
2017-02-21 20:41:57,767 fail2ban.filter [19856]: INFO Added logfile = /var/log/httpd-admin/access_log
2017-02-21 20:41:57,768 fail2ban.filter [19856]: INFO Set maxRetry = 3
2017-02-21 20:41:57,768 fail2ban.filter [19856]: INFO Set jail log file encoding to UTF-8
2017-02-21 20:41:57,768 fail2ban.actions [19856]: INFO Set banTime = 1209600
2017-02-21 20:41:57,768 fail2ban.filter [19856]: INFO Set findtime = 604800
2017-02-21 20:41:57,774 fail2ban.jail [19856]: INFO Creating new jail 'apache-scan'
2017-02-21 20:41:57,774 fail2ban.jail [19856]: INFO Jail 'apache-scan' uses poller {}
2017-02-21 20:41:57,775 fail2ban.jail [19856]: INFO Initiated 'polling' backend
2017-02-21 20:41:57,775 fail2ban.filter [19856]: INFO Added logfile = /var/log/httpd/error_log
2017-02-21 20:41:57,775 fail2ban.filter [19856]: INFO Set maxRetry = 3
2017-02-21 20:41:57,776 fail2ban.filter [19856]: INFO Set jail log file encoding to UTF-8
2017-02-21 20:41:57,776 fail2ban.actions [19856]: INFO Set banTime = 1209600
2017-02-21 20:41:57,776 fail2ban.filter [19856]: INFO Set findtime = 604800
2017-02-21 20:41:57,810 fail2ban.jail [19856]: INFO Jail 'sshd' started
2017-02-21 20:41:57,818 fail2ban.jail [19856]: INFO Jail 'sshd-ddos' started
2017-02-21 20:41:57,837 fail2ban.jail [19856]: INFO Jail 'apache-auth' started
2017-02-21 20:41:57,850 fail2ban.jail [19856]: INFO Jail 'apache-badbots' started
2017-02-21 20:41:57,861 fail2ban.jail [19856]: INFO Jail 'apache-noscript' started
2017-02-21 20:41:57,867 fail2ban.jail [19856]: INFO Jail 'apache-overflows' started
2017-02-21 20:41:57,869 fail2ban.jail [19856]: INFO Jail 'apache-nohome' started
2017-02-21 20:41:57,872 fail2ban.jail [19856]: INFO Jail 'apache-botsearch' started
2017-02-21 20:41:57,874 fail2ban.jail [19856]: INFO Jail 'apache-fakegooglebot' started
2017-02-21 20:41:57,875 fail2ban.jail [19856]: INFO Jail 'apache-modsecurity' started
2017-02-21 20:41:57,876 fail2ban.jail [19856]: INFO Jail 'apache-shellshock' started
2017-02-21 20:41:57,877 fail2ban.jail [19856]: INFO Jail 'postfix' started
2017-02-21 20:41:57,878 fail2ban.filtersystemd [19856]: NOTICE Jail started without 'journalmatch' set. Jail regexs will be checked against all journal entries, which is not advised for performance reasons.
2017-02-21 20:41:57,880 fail2ban.jail [19856]: INFO Jail 'postfix-rbl' started
2017-02-21 20:41:57,886 fail2ban.jail [19856]: INFO Jail 'dovecot' started
2017-02-21 20:41:57,891 fail2ban.filtersystemd [19856]: NOTICE Jail started without 'journalmatch' set. Jail regexs will be checked against all journal entries, which is not advised for performance reasons.
2017-02-21 20:41:57,893 fail2ban.jail [19856]: INFO Jail 'sieve' started
2017-02-21 20:41:57,901 fail2ban.jail [19856]: INFO Jail 'mysqld-auth' started
2017-02-21 20:41:57,916 fail2ban.jail [19856]: INFO Jail 'recidive' started
2017-02-21 20:41:57,923 fail2ban.filtersystemd [19856]: NOTICE Jail started without 'journalmatch' set. Jail regexs will be checked against all journal entries, which is not advised for performance reasons.
2017-02-21 20:41:57,926 fail2ban.jail [19856]: INFO Jail 'pam-generic' started
2017-02-21 20:41:57,943 fail2ban.jail [19856]: INFO Jail 'httpd-admin' started
2017-02-21 20:41:57,970 fail2ban.jail [19856]: INFO Jail 'apache-scan' started
2017-02-21 20:41:58,008 fail2ban.actions [19856]: NOTICE [sshd] Ban 119.193.140.151
2017-02-21 20:41:58,192 fail2ban.filter [19856]: INFO [recidive] Found 119.193.140.151
2017-02-21 20:42:01,117 fail2ban.action [19856]: ERROR shorewall drop 119.193.140.151 -- stdout: ''
2017-02-21 20:42:01,123 fail2ban.action [19856]: ERROR shorewall drop 119.193.140.151 -- stderr: ' ERROR: Shorewall is not started\n'
2017-02-21 20:42:01,125 fail2ban.action [19856]: ERROR shorewall drop 119.193.140.151 -- returned 2
2017-02-21 20:42:01,127 fail2ban.actions [19856]: ERROR Failed to execute ban jail 'sshd' action 'shorewall' info 'CallingMap({'ipjailmatches': <function <lambda> at 0x1e388c0>, 'matches': '2017-02-16T22:15:56.709326 sshd[14937]: Invalid user mother from 119.193.140.151\n2017-02-16T22:15:56.711812 sshd[14937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.193.140.151\n2017-02-16T22:15:59.084422 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:01.177479 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:03.217918 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:05.192727 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:06.792917 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:09.674410 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:15:56.709326 sshd[14937]: Invalid user mother from 119.193.140.151\n2017-02-16T22:15:56.711812 sshd[14937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.193.140.151\n2017-02-16T22:15:59.084422 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:01.177479 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:03.217918 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:05.192727 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:06.792917 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:09.674410 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:15:56.709326 sshd[14937]: Invalid user mother from 119.193.140.151\n2017-02-16T22:15:56.711812 sshd[14937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.193.140.151\n2017-02-16T22:15:59.084422 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:01.177479 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:03.217918 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:05.192727 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:06.792917 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:09.674410 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:15:56.709326 sshd[14937]: Invalid user mother from 119.193.140.151\n2017-02-16T22:15:56.711812 sshd[14937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.193.140.151\n2017-02-16T22:15:59.084422 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:01.177479 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:03.217918 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:05.192727 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:06.792917 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:09.674410 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:15:56.709326 sshd[14937]: Invalid user mother from 119.193.140.151\n2017-02-16T22:15:56.711812 sshd[14937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.193.140.151\n2017-02-16T22:15:59.084422 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:01.177479 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:03.217918 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:05.192727 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:06.792917 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084
ssh2\n2017-02-16T22:16:09.674410 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:15:56.709326 sshd[14937]: Invalid user mother from 119.193.140.151\n2017-02-16T22:15:56.711812 sshd[14937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.193.140.151\n2017-02-16T22:15:59.084422 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:01.177479 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:03.217918 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:05.192727 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:06.792917 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:09.674410 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:15:56.709326 sshd[14937]: Invalid user mother from 119.193.140.151\n2017-02-16T22:15:56.711812 sshd[14937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.193.140.151\n2017-02-16T22:15:59.084422 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:01.177479 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:03.217918 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:05.192727 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:06.792917 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:09.674410 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:15:56.709326 sshd[14937]: Invalid user mother from 119.193.140.151\n2017-02-16T22:15:56.711812 sshd[14937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.193.140.151\n2017-02-16T22:15:59.084422 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:01.177479 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:03.217918 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:05.192727 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:06.792917 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:09.674410 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:15:56.709326 sshd[14937]: Invalid user mother from 119.193.140.151\n2017-02-16T22:15:56.711812 sshd[14937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.193.140.151\n2017-02-16T22:15:59.084422 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:01.177479 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:03.217918 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:05.192727 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:06.792917 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:09.674410 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:15:56.709326 sshd[14937]: Invalid user mother from 119.193.140.151\n2017-02-16T22:15:56.711812 sshd[14937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.193.140.151\n2017-02-16T22:15:59.084422 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:01.177479 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:03.217918 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:05.192727 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:06.792917 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:09.674410 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:15:56.709326 sshd[14937]: Invalid user mother from 119.193.140.151\n2017-02-16T22:15:56.711812 sshd[14937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.193.140.151\n2017-02-16T22:15:59.084422 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:01.177479 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:03.217918 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:05.192727 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:06.792917 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:09.674410 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:15:56.709326 sshd[14937]: Invalid user mother from 119.193.140.151\n2017-02-16T22:15:56.711812 sshd[14937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.193.140.151\n2017-02-16T22:15:59.084422 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:01.177479 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:03.217918 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:05.192727 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:06.792917 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:09.674410 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:15:56.709326 sshd[14937]: Invalid user mother from 119.193.140.151\n2017-02-16T22:15:56.711812 sshd[14937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.193.140.151\n2017-02-16T22:15:59.084422 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:01.177479 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:03.217918 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:05.192727 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:06.792917 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:09.674410 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:15:56.709326 sshd[14937]: Invalid user mother from 119.193.140.151\n2017-02-16T22:15:56.711812 sshd[14937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.193.140.151\n2017-02-16T22:15:59.084422 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:01.177479 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:03.217918 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:05.192727 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:06.792917 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2\n2017-02-16T22:16:09.674410 sshd[14937]: Failed password for invalid user mother from 119.193.140.151 port 55084 ssh2', 'ip': '119.193.140.151', 'ipmatches': <function <lambda> at 0x1e387d0>, 'ipfailures': <function <lambda> at 0x1e38848>, 'time': 1487706118.008088, 'failures': 112, 'ipjailfailures': <function <lambda> at 0x1e38938>})': Error banning 119.193.140.151
2017-02-21 20:42:01,955 fail2ban.actions [19856]: NOTICE [sshd] Ban 211.33.170.39
2017-02-21 20:42:02,144 fail2ban.action [19856]: ERROR shorewall drop 211.33.170.39 -- stdout: ''
2017-02-21 20:42:02,150 fail2ban.action [19856]: ERROR shorewall drop 211.33.170.39 -- stderr: ' ERROR: Shorewall is not started\n'
2017-02-21 20:42:02,153 fail2ban.action [19856]: ERROR shorewall drop 211.33.170.39 -- returned 2
2017-02-21 20:42:02,153 fail2ban.actions [19856]: ERROR Failed to execute ban jail 'sshd' action 'shorewall' info 'CallingMap({'ipjailmatches': <function <lambda> at 0x1e387d0>, 'matches': '2017-02-16T21:59:43.560531 sshd[14912]: Invalid user admin from 211.33.170.39\n2017-02-16T21:59:43.616485 sshd[14912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.33.170.39\n2017-02-16T21:59:45.076524 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:47.115215 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:50.095743 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:52.153410 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:54.818786 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:56.937949 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:43.560531 sshd[14912]: Invalid user admin from 211.33.170.39\n2017-02-16T21:59:43.616485 sshd[14912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.33.170.39\n2017-02-16T21:59:45.076524 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:47.115215 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:50.095743 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:52.153410 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:54.818786 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:56.937949 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:43.560531 sshd[14912]: Invalid user admin from 211.33.170.39\n2017-02-16T21:59:43.616485 sshd[14912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.33.170.39\n2017-02-16T21:59:45.076524 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:47.115215 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:50.095743 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:52.153410 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:54.818786 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:56.937949 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:43.560531 sshd[14912]: Invalid user admin from 211.33.170.39\n2017-02-16T21:59:43.616485 sshd[14912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.33.170.39\n2017-02-16T21:59:45.076524 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:47.115215 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:50.095743 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:52.153410 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:54.818786 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:56.937949 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:43.560531 sshd[14912]: Invalid user admin from 211.33.170.39\n2017-02-16T21:59:43.616485 sshd[14912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.33.170.39\n2017-02-16T21:59:45.076524 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:47.115215 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:50.095743 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:52.153410 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:54.818786 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:56.937949 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:43.560531 sshd[14912]: Invalid user admin from 211.33.170.39\n2017-02-16T21:59:43.616485 sshd[14912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.33.170.39\n2017-02-16T21:59:45.076524 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:47.115215 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:50.095743 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:52.153410 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:54.818786 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:56.937949 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:43.560531 sshd[14912]: Invalid user admin from 211.33.170.39\n2017-02-16T21:59:43.616485 sshd[14912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.33.170.39\n2017-02-16T21:59:45.076524 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:47.115215 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:50.095743 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:52.153410 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:54.818786 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:56.937949 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:43.560531 sshd[14912]: Invalid user admin from 211.33.170.39\n2017-02-16T21:59:43.616485 sshd[14912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.33.170.39\n2017-02-16T21:59:45.076524 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:47.115215 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:50.095743 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:52.153410 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:54.818786 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:56.937949 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:43.560531 sshd[14912]: Invalid user admin from 211.33.170.39\n2017-02-16T21:59:43.616485 sshd[14912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.33.170.39\n2017-02-16T21:59:45.076524 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:47.115215 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:50.095743 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:52.153410 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:54.818786 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:56.937949 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:43.560531 sshd[14912]: Invalid user admin from 211.33.170.39\n2017-02-16T21:59:43.616485 sshd[14912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.33.170.39\n2017-02-16T21:59:45.076524 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:47.115215 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:50.095743 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:52.153410 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:54.818786 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:56.937949 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:43.560531 sshd[14912]: Invalid user admin from 211.33.170.39\n2017-02-16T21:59:43.616485 sshd[14912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.33.170.39\n2017-02-16T21:59:45.076524 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:47.115215 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:50.095743 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:52.153410 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:54.818786 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:56.937949 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:43.560531 sshd[14912]: Invalid user admin from 211.33.170.39\n2017-02-16T21:59:43.616485 sshd[14912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.33.170.39\n2017-02-16T21:59:45.076524 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:47.115215 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:50.095743 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:52.153410 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:54.818786 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:56.937949 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:43.560531 sshd[14912]: Invalid user admin from 211.33.170.39\n2017-02-16T21:59:43.616485 sshd[14912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.33.170.39\n2017-02-16T21:59:45.076524 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:47.115215 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:50.095743 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:52.153410 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:54.818786 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:56.937949 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:43.560531 sshd[14912]: Invalid user admin from 211.33.170.39\n2017-02-16T21:59:43.616485 sshd[14912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.33.170.39\n2017-02-16T21:59:45.076524 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:47.115215 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:50.095743 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:52.153410 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:54.818786 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2\n2017-02-16T21:59:56.937949 sshd[14912]: Failed password for invalid user admin from 211.33.170.39 port 35576 ssh2', 'ip': '211.33.170.39', 'ipmatches': <function <lambda> at 0x1e38848>, 'ipfailures': <function <lambda> at 0x1e388c0>, 'time': 1487706121.95584, 'failures': 112, 'ipjailfailures': <function <lambda> at 0x1e38c08>})': Error banning 211.33.170.39
2017-02-21 20:42:02,259 fail2ban.filter [19856]: INFO [recidive] Found 211.33.170.39
2017-02-21 20:47:06,134 fail2ban.filter [19856]: INFO [postfix] Found 64.20.227.134
2017-02-21 20:47:06,216 fail2ban.filter [19856]: INFO [postfix] Found 208.113.164.93
Sorry about posting the whole log file…! however I don’t know for sure which parts are relevant…
well, before posting you’d ask for what could be relevant
of course…
Now, I have removed nethserver-fail2an and fail2ban in order to test whether that solves my problem… but unfortunately it didn’t…
After creating a firewall rule that involves an IP range object, the follows error message is still shown…
Task completed with errors
Configuring shorewall #support Compiling using Shorewall 5.0.14.1…
Processing /etc/shorewall/params …
Processing /etc/shorewall/shorewall.conf…
Loading Modules…
Compiling /etc/shorewall/zones…
Compiling /etc/shorewall/interfaces…
Compiling /etc/shorewall/hosts…
Determining Hosts in Zones…
Locating Action Files…
Compiling /etc/shorewall/policy…
Running /etc/shorewall/initdone…
Adding Anti-smurf Rules
Adding rules for DHCP
Compiling TCP Flags filtering…
Compiling Kernel Route Filtering…
Compiling Martian Logging…
Compiling MAC Filtration – Phase 1…
Compiling /etc/shorewall/rules…
WARNING: One or more unreachable rules in chain loc2fw have been discarded /etc/shorewall/rules (line 111)
WARNING: One or more unreachable rules in chain net2fw have been discarded /etc/shorewall/rules (line 165)
WARNING: One or more unreachable rules in chain loc2net have been discarded /etc/shorewall/rules (line 266)
Compiling /etc/shorewall/conntrack…
Compiling MAC Filtration – Phase 2…
Applying Policies…
Compiling /usr/share/shorewall/action.Reject for chain Reject…
Compiling /usr/share/shorewall/action.Broadcast for chain Broadcast…
Compiling /usr/share/shorewall/action.Drop for chain Drop…
Generating Rule Matrix…
Creating iptables-restore input…
Compiling /etc/shorewall/stoppedrules…
Shorewall configuration compiled to /var/lib/shorewall/.restart
Reloading Shorewall…
Initializing…
Processing /etc/shorewall/init …
Processing /etc/shorewall/tcclear …
Setting up Route Filtering…
Setting up Martian Logging…
Setting up Proxy ARP…
Preparing iptables-restore input…
Running /sbin/iptables-restore …
iptables-restore: line 187 failed
ERROR: iptables-restore Failed. Input is in /var/lib/shorewall/.iptables-restore-input
Processing /etc/shorewall/stop …
Processing /etc/shorewall/tcclear …
Preparing iptables-restore input…
Running /sbin/iptables-restore…
IPv4 Forwarding Enabled
Processing /etc/shorewall/stopped …
/usr/share/shorewall/lib.common: line 93: 26665 Terminated $SHOREWALL_SHELL $script options @
The firewall does not crash directly after that. But, as soon as I want to restart it, it fails…! same output of service shorewall status
as in my first post…
your fail2ban says that it wants to unban an IP but it cannot because shorewall is down
[sshd] Unban 119.193.140.151
2017-02-21 20:39:26,410 fail2ban.action [979]: ERROR shorewall allow 119.193.140.151 -- stdout: ''
2017-02-21 20:39:26,410 fail2ban.action [979]: ERROR shorewall allow 119.193.140.151 -- stderr: ' ERROR: Shorewall is not started\n'
2017-02-21 20:39:26,410 fail2ban.action [979]: ERROR shorewall allow 119.193.140.151 -- returned 2
failban just reads logs, playing with regex to ban IP
what is the version of fail2ban please
rpm -qa |grep fail2ban
Please, show us line 187 of /var/lib/shorewall/.iptables-restore-input
grep-2.20-2.el7.x86_64
After creating the new rule, lines 185-188 of that file are -A tcpflags -p tcp --syn --sport 0 -g logflags -A ~ log0 -j LOG --log-level 6 --log-prefix "Shorewall:net2fw:DROP:" -m comment --comment "RULE#9" -A ~ log0 -j DROP -m comment --comment "RULE#9" COMMIT
Without the rule, there is no line 187…
However the new rule is RULE#10 and that is in the /var/lib/shorewall/.iptables-restore-input file in lines 151-158: -A net2fw -p 1 --icmp-type 8 -j ACCEPT -m comment --comment "Ping" -A net2fw -m iprange --src-range 118.218.219.0-118.218.219.255 -j DROP -m comment --comment "RULE#10" -A net2fw -s 217.250.39.87 -j ACCEPT -m comment --comment "RULE#3" -A net2fw -p 6 -m multiport --dports 80,443 -j ACCEPT -m comment --comment "RULE#5" -A net2fw -p 6 -m multiport --dports 25,465,587 -j ACCEPT -m comment --comment "RULE#6" -A net2fw -g ~ log0 -m comment --comment "RULE#9" -A net2loc -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT -A net2loc -m iprange --src-range 118.218.219.0-118.218.219.255 -j DROP -m comment --comment "RULE#10"
I want it to be executed first… that is probably why it the order is somewhat misleading…
Next time, I will definitely put it on a gist…! thank you!
it doesn’t help me…
I can’t see errors in the .iptables-restore-input file.
Would you mind recreating the rule from scratch using a CIDR object instead of a range?
The net you’re blocking is a CIDR: 118.218.219.0/24
thank you!!! that does indeed work!!!
But, do you have any idea why IP range doesn’t work??
EDIT: The range syntax would have been: 118.218.219.1-118.218.219.254
Right (stupid failure…)!!
However, I still get the very same error message as before…
Hence, this was not the reason…
Summing up: ip ranges do not work.
But I can’t reproduce the problem. I created a drop rule using your ip range and a multiport destination. Here’s what I find:
-A net2fw -m iprange --src-range 118.218.219.1-118.218.219.254 -p 6 -m multiport --dports 80,443 -j DROP -m comment --comment "RULE#1
No shorewall errors.
And without ports, like yours:
-A net2loc -m iprange --src-range 118.218.219.1-118.218.219.254 -j DROP -m comment --comment "RULE#1"
Maybe you have some rules that combined with this lead to the problem. Could you share privately your full configuration?
tar -zcvf db.tgz /var/lib/nethserver/db/
Hi, i have similar problem. It is related with COMMIT line in restore file. I’ve turn off all my “custom” rules but shorewall doesn’t start at boot, but if i restart shorewall it starts. Any help appreciated.
Ok, in this minute i’ve removed also all host objects and shorewall is starting at boot, but why this things doesn’t work?.
Edit:
Thanks phonon indeed my firewalld was inactive(dead) but enabled so i turned it off. But the problem still apears if i have just one host in objects (shorewall doesn’t start at boot).
Edit:
It seems that when I fixed problem with libvirtd (not starting) now I can have firewall objects and shorewall starts at boot.
Thanks to @filippo_carletti I found my failure… I hadn’t rebooted my system after the last kernel update… now everything works!