# problems with fail2ban and iptables

## atmosx

Hello,

I'm trying to set up fail2ban on my host. I never had issues, but now it seems it doesn't work. Here are the errors from fail2ban.log:

```
como ~ # tail -f /var/log/fail2ban.log
iptables -A fail2ban-SSH -j RETURN
iptables -I INPUT -p tcp] sendmail-whois[name --dport ssh -j fail2ban-SSH returned 200
2011-11-19 06:16:36,265 fail2ban.actions: WARNING [ssh-iptables] Ban 188.4.142.40
2011-11-19 06:16:36,291 fail2ban.actions.action: ERROR  iptables -n -L INPUT | grep -q fail2ban-SSH returned 100
2011-11-19 06:16:36,293 fail2ban.actions.action: ERROR  Invariant check failed. Trying to restore a sane environment
2011-11-19 06:16:36,368 fail2ban.actions.action: ERROR  iptables -N fail2ban-SSH
iptables -A fail2ban-SSH -j RETURN
iptables -I INPUT -p tcp] sendmail-whois[name --dport ssh -j fail2ban-SSH returned 200
2011-11-19 06:16:36,405 fail2ban.actions.action: ERROR  iptables -n -L INPUT | grep -q fail2ban-SSH returned 100
2011-11-19 06:16:36,407 fail2ban.actions.action: CRITICAL Unable to restore environment
2011-11-19 06:16:58,459 fail2ban.actions: WARNING [ssh-iptables] 188.4.xx.xx already banned
2011-11-19 06:17:13,007 fail2ban.actions: WARNING [ssh-iptables] 188.4.xx.xx already banned
```

After all these lines and all the "already banned" thing, I get this from iptables and the address is not banned at all (I'm running an ssh-bruteforce python script from another host).

```
como ~ # iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain fail2ban-SSH (0 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere
```

I have almost all (except experimental) kernel modules for netfilter (iptables) loaded or built into the kernel. So it's not an issue of modules, I guess.

Is it possible that the fail2ban script has erroneous iptables CLIs?

----------

## atmosx

The problem was a configuration file typo.

Now it's solved.

----------
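Added example, not part of the original posts and not fail2ban's own code: a small Python check over `fail2ban.log` for the pattern visible in the log above, namely action commands that returned non-zero, iptables commands carrying stray `[`/`]` text, and "already banned" messages logged after the environment could not be restored. The sample log is constructed (documentation address 192.0.2.10); the function names and the bracket heuristic are assumptions of this example.

```python
import re

# Constructed sample, modelled on the log lines quoted in the thread.
SAMPLE_LOG = """\
2011-11-19 06:16:36,265 fail2ban.actions: WARNING [ssh-iptables] Ban 192.0.2.10
2011-11-19 06:16:36,291 fail2ban.actions.action: ERROR  iptables -n -L INPUT | grep -q fail2ban-SSH returned 100
2011-11-19 06:16:36,293 fail2ban.actions.action: ERROR  Invariant check failed. Trying to restore a sane environment
2011-11-19 06:16:36,368 fail2ban.actions.action: ERROR  iptables -N fail2ban-SSH
iptables -A fail2ban-SSH -j RETURN
iptables -I INPUT -p tcp] sendmail-whois[name --dport ssh -j fail2ban-SSH returned 200
2011-11-19 06:16:36,407 fail2ban.actions.action: CRITICAL Unable to restore environment
2011-11-19 06:16:58,459 fail2ban.actions: WARNING [ssh-iptables] 192.0.2.10 already banned
"""

REC = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3}) ([\w.]+): (\w+)\s+(.*)$")
RET = re.compile(r"\s+returned (\d+)$")

def parse_records(text):
    """Group lines into records; a line without a timestamp continues the previous one."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        m = REC.match(line)
        if m:
            records.append({"ts": m.group(1), "logger": m.group(2),
                            "level": m.group(3), "msg": m.group(4)})
        elif records:
            records[-1]["msg"] += "\n" + line.strip()
    return records

def audit(text):
    """Return failed action commands, malformed iptables lines and suspect ban messages."""
    failed, malformed, suspect, restore_failed = [], [], [], False
    for r in parse_records(text):
        ret = RET.search(r["msg"])
        if r["logger"] == "fail2ban.actions.action" and r["level"] == "ERROR" and ret:
            cmds = RET.sub("", r["msg"]).split("\n")
            failed.append((r["ts"], int(ret.group(1)), cmds))
            # Heuristic (assumption): brackets do not belong in these iptables arguments.
            malformed += [c for c in cmds if c.startswith("iptables ") and re.search(r"[\[\]]", c)]
        elif r["level"] == "CRITICAL" and "Unable to restore environment" in r["msg"]:
            restore_failed = True
        elif restore_failed and r["msg"].endswith("already banned"):
            suspect.append(r["msg"])  # tracked by fail2ban, but the firewall action failed
    return {"failed": failed, "malformed": malformed, "suspect_bans": suspect}

if __name__ == "__main__":
    print(audit(SAMPLE_LOG))
```

A non-empty `suspect_bans` list means fail2ban reports addresses as banned while the log shows the firewall action failing, so the ban should be confirmed with `iptables -L` as in the post above.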

