[CentOS] hosts.deny, fail2ban etc.

Tue Jul 27 20:43:24 UTC 2021
H <agents at meddatainc.com>

|Running CentOS 7. I was under the impression - seemingly mistaken - that by adding a rule to /etc/hosts.deny such as ALL: aaa.bbb.ccc.* would ban all attempts from that network segment to connect to the server, ie before fail2ban would (eventually) ban connection attempts.

This, however, does not seem correct and I could use a pointer to correct my misunderstanding. How is hosts.deny used and what have I missed?

Is it necessary to run:

 iptables -I INPUT -s aaa.bbb.ccc.0/24 -j DROP

to drop incoming connection attempts from that subnet?

Thank you!