Score:0

Firewalld is enabled, but it needs to be restarted again after every reboot


I have

Rocky 8, PHP 8.1, Apache/2.4.37 (rocky)

Firewalld blocking thousands and thousands of IPs,

enabled with `firewall-cmd --permanent --zone=block --add-source=ipset:block_ips`

When I reboot the server, firewalld blocks the httpd server and I can't access the webpage.

My solution is to restart firewalld, and everything is OK again.

Firewalld is enabled, and it shouldn't be necessary to restart firewalld again on every reboot, but I need to do that. Any ideas on how to solve this?

EDIT:

1- Running fail2ban;

2- `firewall-cmd --list-all` doesn't show any kind of useful information;

3- For the ipset I ran:

firewall-cmd --permanent --new-ipset=block_countries --type=hash:net --option=family=inet --option=hashsize=4096 --option=maxelem=999999

firewall-cmd --permanent --zone=block --add-source=ipset:block_countries

firewall-cmd --permanent --ipset=block_countries --add-entries-from-file=/uilas/blacklist/block_countries

Ginnungagap: Have you checked what `--list-all` says when the server is locked? How is the ipset managed? Are you running fail2ban?

pata2004: Hi @Ginnungagap, 1- Yes, I'm running fail2ban; 2- `firewall-cmd --list-all` doesn't show any kind of useful information; 3- For the ipset I ran: `firewall-cmd --permanent --new-ipset=block_countries --type=hash:net --option=family=inet --option=hashsize=4096 --option=maxelem=999999`, `firewall-cmd --permanent --zone=block --add-source=ipset:block_countries`, `firewall-cmd --permanent --ipset=block_countries --add-entries-from-file=/uilas/blacklist/block_countries`

Ginnungagap: Try disabling fail2ban and see if you still have the issue; my guess would be not. Also feel free to add information to your question, which has better formatting support than comments.

pata2004: Thanks @Ginnungagap, you are right, the issue is in fail2ban.
Score:0

Disabling apache-botsearch on fail2ban solves the issue

Ginnungagap: The issue is likely that fail2ban injects its rules by default as the first rule of the INPUT chain (for legacy iptables) or into a `filter - 1` priority table, meaning some of your expected rules might not apply. It also has a whitelist option to avoid blocking your own IPs.

Ginnungagap: When you restart firewalld, rules not managed by firewalld get removed, which explains why restarting it fixed the issue.
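The two comments above explain why the answer works, but the thread shows no way to verify it. The following is an added example, not code from the original post, from fail2ban or from firewalld: a POSIX shell script that folds nftables hook priorities to numbers so you can see which chain handles an incoming packet first, looks an address up in a fail2ban ban set, and writes the `ignoreip` override that the whitelist remark refers to. The ruleset excerpt is constructed, and the names `f2b-table`, `f2b-chain` and `addr-set-apache-botsearch`, the priority `-1`, firewalld's `filter + 10` and the address `192.0.2.10` are assumptions based on the tools' defaults and RFC 5737 documentation space; compare them with `nft list ruleset` on the real host.

```shell
#!/bin/sh
# Added example, not code from the original thread. Reproduces the check the
# comments describe (which input-hook chain nftables evaluates first) on a
# constructed `nft list ruleset` excerpt, and writes a fail2ban whitelist
# override so your own address never ends up in a ban set.

# Constructed excerpt of `nft list ruleset` on a host running firewalld
# (nftables backend) plus fail2ban with its default nftables action.
# ASSUMPTIONS: table/chain names and priorities follow fail2ban's
# action.d/nftables.conf defaults (f2b-table, f2b-chain, priority -1) and
# firewalld's filter_INPUT chain (priority filter + 10). Verify on your host.
RULESET_SAMPLE='table inet firewalld {
    chain filter_INPUT {
        type filter hook input priority filter + 10; policy accept;
        ct state { established, related } accept
        jump filter_INPUT_ZONES
    }
}
table inet f2b-table {
    set addr-set-apache-botsearch {
        type ipv4_addr
        elements = { 198.51.100.7, 203.0.113.9 }
    }
    chain f2b-chain {
        type filter hook input priority -1; policy accept;
        tcp dport { 80, 443 } ip saddr @addr-set-apache-botsearch reject
    }
}'

# Print "<priority> <family> <table> <chain>" for every chain hooked on input,
# lowest priority (evaluated first) at the top. Symbolic priorities such as
# "filter + 10" are folded to numbers; "filter" is 0 in nftables.
input_hook_chains() {
    printf '%s\n' "$1" | awk '
        /^table /          { table = $2 " " $3 }
        /^[ \t]*chain /    { chain = $2 }
        /type filter hook input priority/ {
            p = $0
            sub(/.*priority /, "", p); sub(/;.*/, "", p)
            sub(/^filter/, "", p); gsub(/ /, "", p)
            printf "%d %s %s\n", p + 0, table, chain
        }' | sort -n
}

# Name of the chain nftables runs first on the input hook.
first_input_chain() {
    input_hook_chains "$1" | awk 'NR == 1 { print $4 }'
}

# Print the fail2ban ban set (addr-set-*) that contains an exact address,
# or nothing. The constructed sets hold single addresses, not CIDR ranges.
banned_set_for() {
    printf '%s\n' "$1" | awk -v ip="$2" '
        /^[ \t]*set addr-set-/ { set = $2 }
        /elements = / {
            gsub(/[{},]/, " ")
            for (i = 1; i <= NF; i++) if ($i == ip) { print set; exit }
        }'
}

# Write the fail2ban override for the whitelist option mentioned above.
# $1 = target file (normally /etc/fail2ban/jail.d/99-ignoreip.local)
# $2 = your own addresses or CIDRs (ASSUMPTION: 192.0.2.10 is a placeholder)
write_ignoreip_override() {
    cat > "$1" <<EOF
[DEFAULT]
# Never ban these sources: loopback plus the administrator's own address.
ignoreip = 127.0.0.1/8 ::1 $2
EOF
}

# Demo run against the constructed ruleset.
main() {
    echo "input hook chains, first evaluated at the top:"
    input_hook_chains "$RULESET_SAMPLE"
    echo "first chain: $(first_input_chain "$RULESET_SAMPLE")"
    echo "203.0.113.9 is in set: $(banned_set_for "$RULESET_SAMPLE" 203.0.113.9)"
    tmp=$(mktemp)
    write_ignoreip_override "$tmp" 192.0.2.10
    cat "$tmp"
    rm -f "$tmp"
}

main
```

On the real host feed the live ruleset in instead of the sample (`input_hook_chains "$(nft list ruleset)"`). A fail2ban chain at priority -1 is evaluated before firewalld's input chain regardless of which zone your ipset sits in, so an address that lands in a ban set is rejected even though `firewall-cmd --list-all` shows nothing wrong; that matches what the comments describe. The `ignoreip` override is a narrower fix than disabling the apache-botsearch jail outright; run `fail2ban-client reload` after writing it.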