4

I am trying to create a jail for fail2ban, where upon a regex match I want to block the source IP from reaching either port 80 or 443 on my server.

I've tried variations of this:

action = iptables[name=HTTP, port=http, protocol=tcp]
         iptables[name=HTTPS, port=https, protocol=tcp]

but keep getting errors. Lots of googling has turned up different suggestions that I can't make work. Can someone show how one action can create two iptables rules? (or equivalent for what I'm trying to achieve)

TSG

1 Answer

5

You can't use the same action name twice in the same jail. Here it's "iptables". Note that name= is an action-oriented parameter (an action runtime parameter; in the case of iptables it is part of the chain, like f2b-), not the action name itself.

To overcome this you need to introduce a different actname:

action = iptables[actname=HTTP, name=HTTP, port=http, protocol=tcp]
         iptables[actname=HTTPS, name=HTTPS, port=https, protocol=tcp]
Hardoman
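A pre-reload check for the collision described in the answer above, as an added example that is not part of the original answer or of fail2ban itself. It assumes, following the answer, that an action entry's effective name is its actname= value when given and the action file name otherwise; the function names are hypothetical.

```python
import re
from collections import Counter

# "action" values as they appear on this page (the text after "action =").
BROKEN = """iptables[name=HTTP, port=http, protocol=tcp]
         iptables[name=HTTPS, port=https, protocol=tcp]"""
FIXED = """iptables[actname=HTTP, name=HTTP, port=http, protocol=tcp]
         iptables[actname=HTTPS, name=HTTPS, port=https, protocol=tcp]"""

# One entry per line: action file name, then an optional [key=value, ...] block.
ENTRY = re.compile(r'^([\w.-]+)\s*(?:\[(.*)\])?$')
# key=value pairs; a quoted value may contain commas (e.g. port="http,https").
OPT = re.compile(r'''(\w+)\s*=\s*("[^"]*"|'[^']*'|[^,]*)''')


def effective_names(action_value):
    """Return the effective action name of every entry in a jail's action value."""
    names = []
    for line in action_value.splitlines():
        line = line.strip()
        if not line:
            continue
        m = ENTRY.match(line)
        if not m:
            raise ValueError(f"cannot parse action entry: {line!r}")
        action, raw = m.group(1), m.group(2) or ""
        opts = {k: v.strip().strip("\"'") for k, v in OPT.findall(raw)}
        # Assumption (per the answer): actname overrides the action file name;
        # name= is only a runtime parameter and does not make entries distinct.
        names.append(opts.get("actname", action))
    return names


def duplicate_names(action_value):
    """Return effective action names used more than once in the same jail."""
    counts = Counter(effective_names(action_value))
    return sorted(n for n, c in counts.items() if c > 1)


if __name__ == "__main__":
    for label, value in (("broken", BROKEN), ("fixed", FIXED)):
        dups = duplicate_names(value)
        print(label, "->", "duplicate action names: " + ", ".join(dups) if dups else "ok")
```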