Re: Fail2Ban Question: Can I do this without restarting the service?

To: debian-user@lists.debian.org
Subject: Re: Fail2Ban Question: Can I do this without restarting the service?
From: cyaiplexys <cyaiplexys@sitesplace.net>
Date: Fri, 17 Aug 2018 13:56:03 -0400
Message-id: <[🔎] 5e14fe8f-ad0f-fbd2-3d49-73de06d44f82@sitesplace.net>
Reply-to: cyaiplexys@sitesplace.net
In-reply-to: <[🔎] d4d8c450-1cc9-f570-b2b6-758c40aa5868@mail.com>
References: <[🔎] 4cddbaa0-29b0-a765-a765-a08220a08301@sitesplace.net> <[🔎] 20180816170055.GI9691@sherohman.org> <[🔎] 08ca210b-0276-a067-7925-616d4d80235a@sitesplace.net> <[🔎] 20180817145500.GL9691@sherohman.org> <[🔎] 0ed84c7a-ecff-7ab4-43ad-31bf84c8f37b@sitesplace.net> <[🔎] d4d8c450-1cc9-f570-b2b6-758c40aa5868@mail.com>

On 08/17/2018 01:16 PM, john doe wrote:

On 8/17/2018 6:50 PM, cyaiplexys wrote:

On 08/17/2018 10:55 AM, Dave Sherohman wrote:

On Thu, Aug 16, 2018 at 02:07:02PM -0400, cyaiplexys wrote:

See, that all is way over my head. I don't understand this stuff as I'm
pretty much a total beginner in this.


OK, fair enough.  Let's see what help I can offer.


Greatly appreciated. :)

Does Debian and Debian based systems have the firewall installed and
running by default?


No.  For general-purpose firewalling, I would suggest installing ufw
(`sudo apt-get install ufw`), as it's much simpler to manage than using
iptables (the underlying firewall control scheme used by both ufw and
fail2ban to communicate with the kernel) directly.

After installing ufw, the following commands should get you started (all
of them need to be run with sudo or from a root shell):

If I'm following you so far, ufw is a firewall like iptables? Or areplacement for iptables?


No -- ufw is a "front end" to iptables.

Ufw is easy to configure and will translate to a format understood byiptables.

In other words, "iptables" is the firewall and UFW, Shorewall ... allowsyou to control that wall between you and the internet.


Also, a server without firewall capibility should never be facing internet.


So do I have to sudo apt-get iptables or is that already installed?

[other very useful stuff snipped...]

Reply to:

Follow-Ups:
- Re: Fail2Ban Question: Can I do this without restarting the service?
  - From: Brian <ad44@cityscape.co.uk>

References:
- Fail2Ban Question: Can I do this without restarting the service?
  - From: cyaiplexys <cyaiplexys@sitesplace.net>
- Re: Fail2Ban Question: Can I do this without restarting the service?
  - From: Dave Sherohman <dave@sherohman.org>
- Re: Fail2Ban Question: Can I do this without restarting the service?
  - From: cyaiplexys <cyaiplexys@sitesplace.net>
- Re: Fail2Ban Question: Can I do this without restarting the service?
  - From: Dave Sherohman <dave@sherohman.org>
- Re: Fail2Ban Question: Can I do this without restarting the service?
  - From: cyaiplexys <cyaiplexys@sitesplace.net>
- Re: Fail2Ban Question: Can I do this without restarting the service?
  - From: john doe <johndoe65534@mail.com>

Prev by Date: Re: Group ID conflicts between different distros: how to manage them with NIS?
Next by Date: Re: Fail2Ban Question: Can I do this without restarting the service?
Previous by thread: Re: Fail2Ban Question: Can I do this without restarting the service?
Next by thread: Re: Fail2Ban Question: Can I do this without restarting the service?
Index(es):
- Date
- Thread