Linux Firewall - Webmin is not showing other Chains rules

#1 Sun, 11/30/2014 - 07:22
ADDISON74

I am using Fail2Ban. It is working as expected for the SSH port, blocking all failed attempts. Fail2Ban also adds a rule in IPTables, dropping all requests from that IP.

I can see the blocked IPs related to Chain fail2ban-ssh using the iptables -L command, but when visiting Networking - Linux Firewall in Webmin there are no records for banned IPs in Chain fail2ban. As you can see from the attachment, in the fail2ban-ssh section there is only Exit Chain Always. Normally it should show all banned IP addresses.

In my opinion this is a bug or a missing feature related to the Linux Firewall section in Webmin. It is not reading and showing the rules from other Chains like fail2ban-ssh. All the rules from INPUT, OUTPUT, FORWARD appear immediately after I added them; this proves Webmin reads all rules, but shows only those in known sections, not those in fail2ban-ssh.

Sun, 11/30/2014 - 14:37
andreychek

Howdy,

Fail2ban dynamically adds/updates rules, whereas, by default, Webmin operates on the iptables save file.

What you would want to do is look in Webmin -> Networking -> Linux Firewall -> Module Config -> System Config, and there, set "Directly edit firewall rules instead of save file" to "Yes".

-Eric
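
The gap between the live ruleset that Fail2ban changes and the save file that Webmin reads by default can be checked directly. The following is an added example, not part of the original thread: it parses two rulesets in iptables-save format and lists the rules found only in the live one. The function names and the sample rulesets (documentation-range addresses) are constructed for illustration.

```python
# Added example (not from the thread): rules in the live ruleset missing from the save file.

def rules_by_chain(save_text):
    """Parse iptables-save formatted text into {(table, chain): [rule, ...]}."""
    chains, table = {}, None
    for line in save_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or line == "COMMIT":
            continue
        if line.startswith("*"):                  # table header: *filter
            table = line[1:]
        elif line.startswith(":"):                # chain declaration: :INPUT ACCEPT [0:0]
            chains.setdefault((table, line[1:].split()[0]), [])
        else:
            if line.startswith("["):              # drop "[pkts:bytes]" from iptables-save -c
                line = line.split("] ", 1)[1]
            if line.startswith("-A "):            # appended rule: -A <chain> ...
                chains.setdefault((table, line.split()[1]), []).append(line)
    return chains

def live_only_rules(saved_text, live_text):
    """Return {(table, chain): [rules in the live set missing from the save file]}."""
    saved, live = rules_by_chain(saved_text), rules_by_chain(live_text)
    diff = {}
    for key, rules in live.items():
        missing = [r for r in rules if r not in saved.get(key, [])]
        if missing:
            diff[key] = missing
    return diff

# Constructed sample data (documentation-range addresses), not taken from the thread.
SAVED = """*filter
:INPUT ACCEPT [0:0]
:fail2ban-ssh - [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j fail2ban-ssh
-A fail2ban-ssh -j RETURN
COMMIT
"""
LIVE = SAVED.replace(
    "-A fail2ban-ssh -j RETURN",
    "-A fail2ban-ssh -s 203.0.113.7/32 -j DROP\n"
    "-A fail2ban-ssh -s 198.51.100.23/32 -j DROP\n"
    "-A fail2ban-ssh -j RETURN",
)

if __name__ == "__main__":
    for (table, chain), rules in live_only_rules(SAVED, LIVE).items():
        print(f"{table}/{chain} (live only):", *rules, sep="\n  ")
```

On a real host, pass the output of iptables-save as live_text and the contents of the save file Webmin manages as saved_text.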

Sun, 11/30/2014 - 15:13
ADDISON74

Good tip. I appreciate your help.
