Fail2ban uses iptables by default to block incoming connections when they exceed the max. login retries. The iptables rules used by fail2ban might conflict with other firewall rules, so it might be necessary to reconfigure fail2ban to use the route command for blocking incoming connections.
To reconfigure fail2ban for using the route command instead of iptables, edit or create the route.conf file:
nano /etc/fail2ban/action.d/route.conf
There you insert the following lines:
# Fail2Ban configuration file [Definition] actionban = ip route add unreachable actionunban = ip route del unreachable
Then add or change the ban action in the jail.local file in the [DEFAULT] section to “route”:
nano/etc/fail2ban/jail.local
And add or edit these lines:
# Fail2Ban configuration file [DEFAULT] banaction = route
The post Configure fail2ban to use route instead of iptables to block connections appeared first on FAQforge.
Data centers are popping up everywhere. With the rapid growth of AI, cloud services, streaming…
Our commitment to building a thriving open source community is stronger than ever. We believe…
The clock was ticking: Node.js 18’s upstream End of Life (EOL) The OpenJS Foundation is…
June 25th, 2025 – Canonical, the company behind Ubuntu, and Pure Storage, the IT pioneer…
Co-authored with Julie Muzina A year ago, during our Madrid Engineering Sprint, we challenged ourselves…
Welcome to the Ubuntu Weekly Newsletter, Issue 897 for the week of June 15 –…