I installed the distro for FreePBX 14. I am somewhat familiar with fail2ban, I use it on other systems. But it is not working on the FreePBX installation.
I tested it and it is not blocking anything. Then I dug a little deeper, I logged into the server and ran fail2ban-client status, and it said: Number of jail: 0.
So that explains why it is not blocking anything, but looking at the jail.local and related files, everything looks reasonable. Yet, fail2ban is not doing anything. Again, this is a clean install of the freePBX distro.
I can’t really help you here as I have not played much with fail2ban but just to be sure of what we are talking of here, is this a new install or an upgrade?
It sounds like it’s a new install but I am not fully sure…
I also verified fail2ban on SNG7 not working, even though it is running, but there are no active jails. Not even reload got it working, either with FreePBX Firewall module enabled or disabled.
Fail2ban is working now, but there are additional problems.
For example, I wanted to increase the bantime to 30000, but when I did that, it still had the default (I think it was 600).
I had to go to the command line and force it to change.
I just did a reload like you suggested. Then I have been making config changes from the command line. I would love to hear an official response on it though.
It was suggested that it is exclusive of the firewall, but need some more information.
I use f2b a lot on my edge firewall and it is a lifesaver, especially against aggressive spam campaigns.
OK, I thought you had found a way to have this stick without the need for a reload…
I don’t use the firewall, never did… I enforce ACLs on my SIP ports (and others) with another firewall…
Anyone know if it is possible not to have the firewall enabled when the server is initially installed (since this seems to be part of the problem)? I don’t remember…
The thing I don’t get though is why a reload is fixing things (even if the firewall was possibly initially enabled) and what do we need to do not to have to do this reload to get things working…
Confirmed.
Fresh install FreePBX Distro SNG7, Firewall module not activated by startup wizard end removed by
fwconsole ma delete.
Fail2Ban start with 0 jails.
After manual run
fail2ban-client reload
all work OK.