firewalld and fail2ban?

Matthew Miller mattdm at fedoraproject.org
Wed Dec 19 18:52:53 UTC 2012


On Wed, Dec 19, 2012 at 03:43:14PM +0100, Mateusz Marzantowicz wrote:
> Firewalld is a firewall - it only inspects packets and can do some basic
> processing of ip traffic like blocking by port. Firewalld doesn't

Getting into semantics a little bit, but: firewalld doesn't actually do
those things. FirewallD manages the kernel-based netfilter/iptables firewall.

That's kind of what fail2ban does too, in a very rudimentary way.

> monitor your logs which fail2ban does to know about attempts to log in
> to your system. So these two tools don't exclude each other.

They don't, but it's very possible for them to step on each other's toes.

Probably the right thing to do here is write a firewall-cmd action for
fail2ban.


-- 
Matthew Miller  ☁☁☁  Fedora Cloud Architect  ☁☁☁  <mattdm at fedoraproject.org>
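
A sketch of the kind of firewall-cmd action suggested above, added here as an example; it is not part of the original message and not fail2ban's or firewalld's own shipped configuration. The file name `firewallcmd-example.conf` is hypothetical, the rule covers IPv4 only, and it assumes a firewalld version with rich-rule support.

```ini
# /etc/fail2ban/action.d/firewallcmd-example.conf  (hypothetical file name)
# Added example: lets fail2ban ban and unban through firewalld instead of
# calling iptables directly, so the two tools do not edit the same
# netfilter chains behind each other's back.
#
# Enable it from a jail with:  banaction = firewallcmd-example

[Definition]

# Nothing to set up or tear down: each ban is a self-contained rich rule.
actionstart =
actionstop =
actioncheck =

# <ip>, <port> and <protocol> are fail2ban's standard substitution tags.
# The rule is added to the runtime configuration only (no --permanent),
# so bans never leak into the saved firewall policy.
actionban = firewall-cmd --add-rich-rule="rule family='ipv4' source address='<ip>' port port='<port>' protocol='<protocol>' reject"

# Must match the actionban rule text exactly, or the removal will not find it.
actionunban = firewall-cmd --remove-rich-rule="rule family='ipv4' source address='<ip>' port port='<port>' protocol='<protocol>' reject"

[Init]

# Defaults, overridden per jail. Assumes a single port per jail.
port = ssh
protocol = tcp

# Caveat: "firewall-cmd --reload" discards runtime rules, so active bans
# disappear while fail2ban still believes they are in place. Restart
# fail2ban after reloading firewalld to re-apply them.
```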

