Samuel E. asked:
I’m setting up Fail2ban to protect ssh, and I use firewalld,
I saw a lot of people recommending to use
anaction = iptables-multiport
and other solutions using iptables instead of firewalld claiming that it is faster or consumes less resources.
As I said before I already configured firewalld(actualy I just blocked all the ports except the ones I use which took me 3 min), and I wanted to know if I should use iptables or firewalld by setting
firewallcmd-ipset instead of the above configuration(whichever will be faster).
Also I noticed that I have an iptables package installed even tough I don’t remember installing it, however it’s not running nor can be run.
So just to clarify:
Which one is better for performance?
Which is the default firewall that fail2ban uses on centos7?
Does firewalld replaces Iptables, or is it just a different way to interact with it?
If you already use firewalld, then you should have fail2ban also use firewalld. There’s no point in having it use iptables directly in this scenario. Not to mention that
firewallcmd-ipset has much better performance for large ban lists than
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.