Use of firewall and fail2ban plugin

    • OMV 1.0


    • Use of firewall and fail2ban plugin

      Hello,

      I've noticed several issues with using the OMV "firewall":

      - If entering manual "firewall" rules in the firewall section, it will delete rules inserted by the fail2ban plugin, which will defeat fail2ban completely.

      - One cannot restore them manually, as the "firewall" module doesn't accept a target being another chain. Only "ACCEPT" "DROP" "REJECT" are accepted, which is far too little.

      - When entering iptables rules, the interface happily accepts them and lists them; however, once applied, a console "iptables -vL" shows that some rules that the interface happily accepted were not applied at all, and are just missing without any error notice.

      - How would I be supposed to enter such a rule in INPUT:

          iptables -A INPUT -p tcp --dport 113 -j REJECT
          iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT


      These are the kind of rules that I seem unable to enter...

      TIA, kind regards.
    • The intention of the current UI is not to create rules with all available features; instead, it should allow the user to create some easy rules quickly.

      But we are happy about every contribution, maybe you can enhance the UI and backend in a usable and understandable way for novices which reflects all iptables features.

      Power users should use the Debian ifupdown framework to apply their rules.
    • Hi all,

      - If entering manual "firewall" rules in the firewall section, it will delete rules inserted by the fail2ban plugin, which will defeat fail2ban completely.

      After entering manual "firewall" rules you NEED to restart the fail2ban service.
      Fail2ban adds its own rules at startup; that is the normal way.
      Open Media Vault 2.2.6 (Stone burner) in Prod
      Open Media Vault 3.0.32 (Erasmus) in Test

      openmedivault Docker Container
      https://github.com/prbond/openmedivault-dockerfile

      Dev :
      openmediavault-fail2ban 1.1.5 for OMV2.X
      openmediavault-fail2ban 1.3.0 for OMV3.X
      https://github.com/prbond/openmediavault-fail2ban
      https://github.com/OpenMediaVault-Plugin-Developers/openmediavault-fail2ban
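
A way to check for the condition discussed in this thread, as an added example that is not part of any post or of the plugin's code: it reads `iptables -S` output and reports which fail2ban chains INPUT no longer jumps to, so the service can be restarted. The chain name `fail2ban-ssh`, the sample rule sets and the function names are constructed for illustration, and it assumes a fail2ban version that inserts its jump at service start, as the last post describes.

```shell
#!/bin/sh
# Added example (not from the thread): find fail2ban chains that INPUT no
# longer jumps to after the firewall rules were re-applied.

# Constructed `iptables -S` output: firewall rules applied, fail2ban jump gone.
SAMPLE_WIPED='-P INPUT ACCEPT
-N fail2ban-ssh
-A INPUT -p tcp -m tcp --dport 113 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A fail2ban-ssh -j RETURN'

# Constructed output after fail2ban was restarted and re-inserted its jump.
SAMPLE_OK='-P INPUT ACCEPT
-N fail2ban-ssh
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh
-A INPUT -p tcp -m tcp --dport 113 -j REJECT --reject-with icmp-port-unreachable
-A fail2ban-ssh -j RETURN'

# missing_jumps CHAIN...: reads `iptables -S` text on stdin and prints every
# expected chain that no "-A INPUT ... -j CHAIN" rule references.
missing_jumps() {
    awk -v want="$*" '
        BEGIN { n = split(want, chains, " ") }
        $1 == "-A" && $2 == "INPUT" {
            for (i = 3; i < NF; i++)
                if ($i == "-j") jumped[$(i + 1)] = 1
        }
        END {
            for (k = 1; k <= n; k++)
                if (!(chains[k] in jumped)) print chains[k]
        }
    '
}

# check_live CHAIN...: run as root on the host; restarts fail2ban when a jump
# is missing. Chain names are site-specific (fail2ban-<name> or f2b-<name>).
check_live() {
    lost=$(iptables -S | missing_jumps "$@")
    [ -z "$lost" ] && return 0
    echo "INPUT no longer jumps to: $lost" >&2
    service fail2ban restart
}
```

Calling `check_live fail2ban-ssh` after each firewall apply covers the case where the chain itself was deleted as well as the case where only the jump from INPUT was lost.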