Survive DDOS attack with Nginx's and fail2ban


#1

I am getting below errors in /var/log/fail2ban.log

2018-03-16 22:58:54,058 fail2ban.action [29752]: ERROR iptables -w -N f2b-sshd iptables -w -A f2b-sshd -j RETURN iptables -w -I INPUT -p tcp -m multiport --dports ssh -j f2b-sshd – stdout: b’’ 2018-03-16 22:58:54,059 fail2ban.action [29752]: ERROR iptables -w -N f2b-sshd iptables -w -A f2b-sshd -j RETURN iptables -w -I INPUT -p tcp -m multiport --dports ssh -j f2b-sshd – stderr: b"iptables v1.6.0: can’t initialize iptables table filter': Permission denied (you must be root)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.6.0: can't initialize iptables tablefilter’: Permission denied (you must be root)\nPerhaps iptables or your kernel needs to be upgraded.\ngetsockopt failed strangely: Operation not permitted\n"

2018-03-16 22:58:54,059 fail2ban.action [29752]: ERROR iptables -w -N f2b-sshd iptables -w -A f2b-sshd -j RETURN iptables -w -I INPUT -p tcp -m multiport --dports ssh -j f2b-sshd – returned 1

2018-03-16 22:58:54,059 fail2ban.actions [29752]: ERROR Failed to start jail ‘sshd’ action ‘iptables-multiport’: Error starting action

2018-03-16 22:58:54,169 fail2ban.action [29752]: ERROR iptables -w -N f2b-ReqLimit iptables -w -A f2b-ReqLimit -j RETURN iptables -w -I INPUT -p tcp -m multiport --dports http,https -j f2b-ReqLimit – stdout: b’’

2018-03-16 22:58:54,169 fail2ban.action [29752]: ERROR iptables -w -N f2b-ReqLimit iptables -w -A f2b-ReqLimit -j RETURN iptables -w -I INPUT -p tcp -m multiport --dports http,https -j f2b-ReqLimit – stderr: b"iptables v1.6.0: can’t initialize iptables table filter': Permission denied (you must be root)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.6.0: can't initialize iptables tablefilter’: Permission denied (you must be root)\nPerhaps iptables or your kernel needs to be upgraded.\ngetsockopt failed strangely: Operation not permitted\n"

2018-03-16 22:58:54,169 fail2ban.action [29752]: ERROR iptables -w -N f2b-ReqLimit iptables -w -A f2b-ReqLimit -j RETURN iptables -w -I INPUT -p tcp -m multiport --dports http,https -j f2b-ReqLimit – returned 1

2018-03-16 22:58:54,170 fail2ban.actions [29752]: ERROR Failed to start jail ‘nginx-req-limit’ action ‘iptables-multiport’: Error starting action

I am running it as service under root only.


#2

Hello,

what is the kernel version of your server ? Use the command uname -a to display it.


#3

Hello,

this is the output of uname -a

Linux 40bd26f74ca0 4.9.43-17.39.amzn1.x86_64 #1 SMP Fri Sep 15 23:39:41 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux


#4