As John R Pierce mentioned, one of the first rules in your chain is "RH-Firewall-1-INPUT all -- anywhere anywhere"; this simply means everything with "DROP" after it will be ignored. iptables will work its way down the chain, therefore you have two options:
- remove that line or
- move it at the bottom of the chain.
I am clearly missing some emails, because I didn't see a reply from John R Pierce. My apologies. I appreciate you restating this. I'll try to go make sense of iptables, given the insight,
thanks, -chuck
OK, I went to the list archive and found the email in question. Also, one after it that asked how I added these rules.
I ran a script after fail2ban was started. It looks like this:

#!/bin/sh
iptables -A INPUT -s 116.10.191.0/24 -j DROP
iptables -A INPUT -s 183.136.220.0/24 -j DROP
iptables -A INPUT -s 183.136.221.0/24 -j DROP
iptables -A INPUT -s 183.136.222.0/24 -j DROP
iptables -A INPUT -s 183.136.223.0/24 -j DROP
iptables -A INPUT -s 122.224.11.0/24 -j DROP
iptables -A INPUT -s 219.138.0.0/16 -j DROP
so, how do I get them in front of the RH-Firewall-1-INPUT, or do I add them to that chain?
-chuck
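As an added illustration, written for this page and not by anyone on the list: a small Python model of how iptables walks the INPUT chain top-down with first-match semantics. The contents of RH-Firewall-1-INPUT used here (an ACCEPT for ssh followed by a catch-all REJECT) are a constructed stand-in for the stock CentOS chain, which the thread does not show; the blocked networks are the ones from the script above. The model compares three placements of the same DROP rules: appended after the jump with -A INPUT (the script as run), inserted at the head of INPUT with -I INPUT 1, and inserted at the head of RH-Firewall-1-INPUT itself.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional
import ipaddress

@dataclass
class Rule:
    target: str                  # ACCEPT, DROP, REJECT, RETURN, or a user-defined chain name
    src: Optional[str] = None    # source CIDR to match (-s), None = anywhere
    dport: Optional[int] = None  # TCP destination port (--dport), None = any

TERMINAL = {"ACCEPT", "DROP", "REJECT"}

# Constructed stand-in for the stock CentOS RH-Firewall-1-INPUT chain: it allows ssh
# from anywhere and ends with a catch-all REJECT, so control never returns to INPUT.
RH_CHAIN = [
    Rule("ACCEPT", dport=22),
    Rule("REJECT"),
]

# The networks from Chuck's script above.
BLOCKED = [
    "116.10.191.0/24", "183.136.220.0/24", "183.136.221.0/24", "183.136.222.0/24",
    "183.136.223.0/24", "122.224.11.0/24", "219.138.0.0/16",
]

def matches(rule: Rule, src_ip: str, dport: int) -> bool:
    """Does this rule's source/port criteria match the packet?"""
    if rule.src is not None and ipaddress.ip_address(src_ip) not in ipaddress.ip_network(rule.src):
        return False
    if rule.dport is not None and rule.dport != dport:
        return False
    return True

def walk(chains: Dict[str, List[Rule]], chain: str, src_ip: str, dport: int,
         policy: str = "ACCEPT") -> str:
    """First-match traversal: rules are tried top-down; a terminal target ends the
    decision, a jump descends into a user chain, and RETURN (or running off the end
    of a user chain) comes back to the caller. Running off the end of the built-in
    INPUT chain applies its policy."""
    builtin = chain == "INPUT"
    for rule in chains[chain]:
        if not matches(rule, src_ip, dport):
            continue
        if rule.target in TERMINAL:
            return rule.target
        if rule.target == "RETURN":
            return policy if builtin else "RETURN"
        verdict = walk(chains, rule.target, src_ip, dport, policy)  # jump to user chain
        if verdict != "RETURN":
            return verdict
    return policy if builtin else "RETURN"

def drop_rules() -> List[Rule]:
    return [Rule("DROP", src=net) for net in BLOCKED]

def appended_after_jump() -> Dict[str, List[Rule]]:
    """iptables -A INPUT -s NET -j DROP, run while the jump already heads INPUT."""
    return {"INPUT": [Rule("RH-Firewall-1-INPUT")] + drop_rules(),
            "RH-Firewall-1-INPUT": RH_CHAIN}

def inserted_at_head_of_input() -> Dict[str, List[Rule]]:
    """iptables -I INPUT 1 -s NET -j DROP: the DROPs sit above the jump."""
    return {"INPUT": drop_rules() + [Rule("RH-Firewall-1-INPUT")],
            "RH-Firewall-1-INPUT": RH_CHAIN}

def inserted_into_rh_chain() -> Dict[str, List[Rule]]:
    """iptables -I RH-Firewall-1-INPUT 1 -s NET -j DROP: the DROPs head the user chain."""
    return {"INPUT": [Rule("RH-Firewall-1-INPUT")],
            "RH-Firewall-1-INPUT": drop_rules() + RH_CHAIN}

if __name__ == "__main__":
    # A constructed ssh connection attempt from inside one of the blocked /24s.
    for name, layout in [("-A INPUT (after jump)", appended_after_jump()),
                         ("-I INPUT 1", inserted_at_head_of_input()),
                         ("-I RH-Firewall-1-INPUT 1", inserted_into_rh_chain())]:
        print(f"{name:28s} 116.10.191.5 -> :22  verdict={walk(layout, 'INPUT', '116.10.191.5', 22)}")
```

Running the block shows the appended layout yielding ACCEPT for the blocked source (the ssh ACCEPT inside RH-Firewall-1-INPUT wins and the REJECT below it means the DROP rules after the jump are never consulted), while both insert variants yield DROP. Either of the two insert forms answers the question in the last message; which one to keep depends on whether you want the blocks to survive independently of the RH-Firewall-1-INPUT chain being flushed and rebuilt.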