I see sudden change iptables .
iptables -L --line-numbers
Chain INPUT (policy DROP)
num target prot opt source destination
1 fail2ban-dovecot tcp -- anywhere anywhere multiport dports smtp,urd,submission,imap2,imap3,imaps,pop3,pop3s
2 fail2ban-yunohost tcp -- anywhere anywhere multiport dports http,https
3 fail2ban-sasl tcp -- anywhere anywhere multiport dports smtp,urd,submission,imap2,imap3,imaps,pop3,pop3s
4 fail2ban-nginx tcp -- anywhere anywhere multiport dports http,https
5 fail2ban-pam-generic tcp -- anywhere anywhere
6 fail2ban-postfix tcp -- anywhere anywhere multiport dports smtp,urd,submission
7 fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
8 ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
9 ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
10 ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
11 ACCEPT tcp -- anywhere anywhere tcp dpt:domain
12 ACCEPT tcp -- anywhere anywhere tcp dpt:http
13 ACCEPT tcp -- anywhere anywhere tcp dpt:https
14 ACCEPT tcp -- anywhere anywhere tcp dpt:urd
15 ACCEPT tcp -- anywhere anywhere tcp dpt:submission
16 ACCEPT tcp -- anywhere anywhere tcp dpt:imaps
17 ACCEPT tcp -- anywhere anywhere tcp dpt:xmpp-client
18 ACCEPT tcp -- anywhere anywhere tcp dpt:xmpp-server
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
Chain fail2ban-dovecot (1 references)
num target prot opt source destination
1 RETURN all -- anywhere anywhere
Chain fail2ban-nginx (1 references)
num target prot opt source destination
1 RETURN all -- anywhere anywhere
Chain fail2ban-pam-generic (1 references)
num target prot opt source destination
1 RETURN all -- anywhere anywhere
Chain fail2ban-postfix (1 references)
num target prot opt source destination
1 RETURN all -- anywhere anywhere
Chain fail2ban-sasl (1 references)
num target prot opt source destination
1 RETURN all -- anywhere anywhere
Chain fail2ban-ssh (1 references)
num target prot opt source destination
1 RETURN all -- anywhere anywhere
The lines after 7 were never there before. Yesterday I saw these lines added. Is this ok and will fail2ban keep working ?
Earlier it was like:
iptables -L --line-numbers
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 REJECT tcp -- anywhere anywhere tcp dpt:https reject-with icmp-port-unreachable
2 fail2ban-nginx tcp -- anywhere anywhere multiport dports http,https
3 fail2ban-pam-generic tcp -- anywhere anywhere
4 fail2ban-sasl tcp -- anywhere anywhere multiport dports smtp,urd,submission,imap2,imap3,imaps,pop3,pop3s
5 fail2ban-yunohost tcp -- anywhere anywhere multiport dports http,https
6 fail2ban-dovecot tcp -- anywhere anywhere multiport dports smtp,urd,submission,imap2,imap3,imaps,pop3,pop3s
7 fail2ban-postfix tcp -- anywhere anywhere multiport dports smtp,urd,submission
8 fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
Chain fail2ban-dovecot (1 references)
num target prot opt source destination
1 RETURN all -- anywhere anywhere
Chain fail2ban-nginx (1 references)
num target prot opt source destination
1 RETURN all -- anywhere anywhere
Chain fail2ban-pam-generic (1 references)
num target prot opt source destination
1 RETURN all -- anywhere anywhere
Chain fail2ban-postfix (1 references)
num target prot opt source destination
1 RETURN all -- anywhere anywhere
Chain fail2ban-sasl (1 references)
num target prot opt source destination
1 RETURN all -- anywhere anywhere
Chain fail2ban-ssh (1 references)
num target prot opt source destination
1 RETURN all -- anywhere anywhere
Chain fail2ban-yunohost (1 references)
num target prot opt source destination
1 RETURN all -- anywhere anywhere
I did not changed them manual.