John Hinton wrote: > Agile Aspect wrote: > >> Devraj Mukherjee wrote: >> >> >>> Hi all, >>> >>> I am trying to get fail2ban going on my server and its log message >>> reports the following error >>> >>> 2009-02-16 17:42:05,339 ERROR: 'iptables -L INPUT | grep -q >>> fail2ban-SSH' returned 256 >>> 2009-02-16 17:42:05,354 ERROR: 'iptables -D INPUT -p tcp --dport ssh >>> -j fail2ban-SSH >>> >>> Is this because of the way the RedHat tool sets up the firewall? >>> >>> Thanks for any responses. >>> >>> >>> >>> >> First, have you installed iptables, shorewall, and tcp-wrappers >> installed? >> >> Second, have you tried the failed grep expression, i.e., have >> you tried >> >> iptables -L INPUT | grep -q fail2ban-SSH >> >> As to why this would fail, you need to ask on the fail2ban >> mailing list since evidently this appears to be part of the >> installation. >> >> The iptables can be setup by anyone - RedHat simply provides >> a default set of rules. >> >> >> > Actually, it is a rather OS dependent package and the rules for CentOS > are difficult to write. That really doesn't belong on the fail2ban list > either. > Please post the iptable rule which you is believe is OS dependent. > You don't need shorewall, just the standard CentOS firewall works fine. > It depends upon what the OP installed. The fail2ban web page recommends shorewall be installed - so there's a chance the OP installed it. -- Article. VI. Clause 3 of the constitution of the United States states: "The Senators and Representatives before mentioned, and the Members of the several State Legislatures, and all executive and judicial Officers, both of the United States and of the several States, shall be bound by Oath or Affirmation, to support this Constitution; but no religious Test shall ever be required as a Qualification to any Office or public Trust under the United States."