Blocking does not seem to work yet #9
Comments
|
Hi there, I encountered the same issue you've reported, where the logs showed errors like After some investigation, I found the root cause to be a mismatch between the iptables versions used by my host system and the Fail2Ban Docker container. Specifically, the Docker container uses This mismatch led to a scenario where the Fail2Ban container could not find the The solution I found was to align the iptables version used by both the host and the Fail2Ban container. On my host, I switched to sudo update-alternatives --set iptables /usr/sbin/iptables-nft
sudo update-alternatives --set ip6tables /usr/sbin/ip6tables-nftAfter making this change, Fail2Ban started working as expected, with no more errors about missing chains or targets in the logs. I hope this helps resolve the issue for anyone else experiencing similar problems. It's essential to ensure that both the host and container environments use compatible versions of iptables for Fail2Ban to function correctly in a Dockerized setup. |
|
Thanks for the hint! I added this to the usual docs via nextcloud/all-in-one@9736a77 |
This comment was marked as off-topic.
This comment was marked as off-topic.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
Sometimes
stderr: 'iptables: No chain/target/match by that name.'andstderr: 'ip6tables: No chain/target/match by that name.'gets printed in the logs and access is still possible.Might need to follow https://silvermou.se/how-to-resolve-no-chain-target-match-by-that-name-when-using-iptables-multiport-and-fail2ban/ and/or NginxProxyManager/nginx-proxy-manager#39 (comment) to make it work
Also see https://github.com/linuxserver/fail2ban-confs/
The text was updated successfully, but these errors were encountered: