Configuring fail2ban on AL2023 (2023.6.20241212) with firewallD?

[ChadReitsma]

I see that fail2ban is now available on AL2023 per: https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.6.20241010.html

I installed it with: sudo dnf install fail2ban

Noticed the firewalld service was created during install:
Created symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service → /usr/lib/systemd/system/firewalld.service." Created symlink /etc/systemd/system/multi-user.target.wants/firewalld.service → /usr/lib/systemd/system/firewalld.service.

Two immediate issues presented themselves:

1. Checked status of firewalld (it wasn't running) ... So I started it with systemctl start firewalld, but then all http/s traffic is blocked by default -- we have to add those services to firewalld
2. The fail2ban service isn't running either, I can start this and enable jails, but it seems like it's default config is with iptables, not with FirewallD - do I need to modify any other config files (jail.local) ? Kind of lost here...

I just want to use fail2ban with a simple jail and configuring it with FirewallD seems like a hassle -- what are my options?

Any help + guidance is appreciated!

Cheers,
C.

[ChadReitsma]

I did some more reading on firewalld and was able to add the http + https service to open those ports/services, then I realized fail2ban defaults to using iptables (if you have copied the default jail.conf to jail.local to make configuration changes, or whitelist your IP) so firewalld wasn't even necessary in my case. I disabled firewalld with: systemctl disable firewalld.