Fail2Ban is not updating iptables rules

I have set up fail2ban to protect my ssh port using these rather old instructions:

I tested my set-up by botching a bunch of log-ins from another computer and fail2ban does manage to block the IP. I even confirmed as shown here:

$ sudo fail2ban-client status sshd
Status for the jail: sshd
|- Filter
|  |- Currently failed: 0
|  |- Total failed:     10
|  `- File list:        /var/log/auth.log
`- Actions
   |- Currently banned: 1
   |- Total banned:     2
   `- Banned IP list:   x.x.x.x

However, the aforementioned link also mentions that new rules should get added to iptables, but when I check this I don’t see anything:

$ sudo iptables -S | grep fail

Is this a problem? If so, any idea what I could be doing wrong?


sudo iptables -S | grep fail

This was valid for very old fail2ban versions only. Newer versions use the f2b- prefix, so you should rather check this:

sudo iptables -nL INPUT | grep f2b
sudo iptables -nL f2b-sshd | grep -Fw x.x.x.x

It also depends on the banning action used (it is configured by the maintainer of your distribution), so it can be something other than iptables.

Source: Link, Question Author: grasswistle, Answer Author: sebres
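The two checks from the answer combined into one script, as an added example that is not part of the original answer. The function name `f2b_ban_state`, the sample rules and the documentation-range addresses are constructed, and it assumes an iptables-based ban action that creates an `f2b-<jail>` chain hooked from INPUT.

```shell
#!/bin/sh
# Classify a fail2ban jail from `iptables -S` output read on stdin.
# Prints one of:
#   banned      chain exists, INPUT jumps to it, and the IP has a rule in it
#   chain-only  chain exists and is hooked, but holds no rule for the IP
#   not-hooked  chain exists but nothing in INPUT jumps to it
#   no-chain    no f2b-<jail> chain (old "fail2ban-" naming, or the
#               configured ban action is not iptables at all)
f2b_ban_state() {
    jail=$1
    ip=$2
    awk -v chain="f2b-$jail" -v ip="$ip" '
        $1 == "-N" && $2 == chain { have_chain = 1 }
        # A jump from INPUT means the jail chain is actually evaluated.
        $1 == "-A" && $2 == "INPUT" {
            for (i = 3; i < NF; i++)
                if ($i == "-j" && $(i + 1) == chain) hooked = 1
        }
        # A ban is a rule in the jail chain with the address as source;
        # iptables -S prints single hosts with a /32 suffix.
        $1 == "-A" && $2 == chain {
            for (i = 3; i < NF; i++)
                if ($i == "-s" && ($(i + 1) == ip || $(i + 1) == (ip "/32")))
                    banned = 1
        }
        END {
            if (!have_chain)  print "no-chain"
            else if (!hooked) print "not-hooked"
            else if (banned)  print "banned"
            else              print "chain-only"
        }'
}

# Constructed sample of `iptables -S` output (not captured from a real host).
sample_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-N f2b-sshd
-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
-A f2b-sshd -s 203.0.113.7/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -j RETURN
EOF
}

sample_rules | f2b_ban_state sshd 203.0.113.7
# On a live host: sudo iptables -S | f2b_ban_state sshd x.x.x.x
```

A `no-chain` result while `fail2ban-client status sshd` still lists the address as banned points to the case the answer mentions: the distribution's ban action is something other than iptables.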
