On Wed, 1 Jan 2020, Allan wrote: > På Tue, 31 Dec 2019 18:53:38 +0000 > John H Nyhuis <jnyhuis at uw.edu> skrev: >> Just a random stab in the dark, but CEntOS6 was iptables, and CentOS7 >> is firewalld. They take different fail2ban packages. >> >> CentOS6 = fail2ban >> CentOS7 = fail2ban-firewalld >> >> Are you sure you are running the correct fail2ban package for your >> firewall? (I screwed this up myself before I noticed and fixed it...) > > I do have the f2b-firewalld package installed yes. Since it was an > update - it only replaced same installed packages. > > A standard install of F2B on Centos7 do also include the f2b-systemd > package - which would seem logical. However, after I started using > the recidive filter - which IMHO is one of the most important ones - > it didn't work. Removing the f2b-systemd package fixed that - and > didn't hurt anything else. > > I have no idea why that is - or if that could be part of the problem > with the update here on my system. If it helps to have another data point, my C7 server has two fail2ban packages installed: * fail2ban-firewalld-0.10.4-1.el7.noarch * fail2ban-server-0.10.4-1.el7.noarch They were upgraded back on December 9 and have worked without any major hiccups. The fail2ban-server package provides the systemd unit file, /usr/lib/systemd/system/fail2ban.service, so I was curious to know what the the fail2ban-systemd package actually does. The description field for the fail2ban-systemd rpm says, > This package configures Fail2Ban to use the systemd journal for > its log input by default. All of the logpath entries in my fail2ban configuration point to ordinary /var/log/* files. I don't know how fail2ban-systemd repoints the logpath entries to use inputs from systemd-journald, but I suspect that's where the mismatch may be happening. -- Paul Heinlein heinlein at madboa.com 45°38' N, 122°6' W