Here's what I've learned. Unlike older versions of fail2ban which created the chains on startup, modern fail2ban it creates the chains on-demand. Right now I have the full path to iptables in the config, but once the SSH ban lifts and I can get back into my VM I'll try locking myself out again without the full path.
Most Linux distributions will default to running a host-based firewall, iptables. If you want your hosts to communicate with each other, you have two options: turn off iptables or configure iptables to allow the communication. I prefer to leave iptables turned on and configure access. Keeping iptables is just another layer of your defence across the network. Where is iptables in Ubuntu 16.04? - Ask Ubuntu sudo iptables-save | sudo tee /etc/iptables.conf Then, to load your rules, it's a simple matter of running: sudo iptables-restore < /etc/iptables.conf You can add this to your /etc/rc.local or similar to have it run automatically at boot, or you can have your program call this executable (or just pass the same iptables rules over and over again). ArchLinux - iptables *filter :INPUT ACCEPT [368:102354] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [92952:20764374] -A INPUT -i lo -j ACCEPT -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7 -A INPUT -j DROP COMMIT iptables: The Default Linux Firewall This article deals with iptables, which is a built-in firewall in Linux. The authors explain the commands to configure iptables for various situations, thus making this a must-read for newbies.
The Bash Script To Configure The Firewall Using IPTABLES About the Script: This script is about to build a firewall in Linux OS by using iptables, the user only needs to follow and answer the simple and easy steps and the script will generate the user specified iptables rule in its original form.
Samba: Linux Iptables Firewall Configuration - nixCraft Mar 31, 2017 How to Configure 'FirewallD' in RHEL/CentOS 7 and Fedora 21
iptables-save > iptables.conf. Now cat your saved iptables.conf file to look it over. cat iptables.conf. The first command listed below makes a backup of the original default iptables configuration file, and the second command replaces the iptables configuration file with the current configuration, that was just saved as iptables.conf.
Jan 28, 2015 How to configure the passive ports range for ProFTPd on a May 28, 2020 Easy IPTables Configuration and Examples on Ubuntu 16.04