kvmhost02: do not use fail2ban with iptables

itguru.at.fwb

@@ -2455,7 +2455,7 @@
       <ServiceGroup id="id1599X5690" name="TagServices" comment="" ro="False"/>
     </ServiceGroup>
     <ObjectGroup id="id1600X5690" name="Firewalls" comment="" ro="False">
-      <Firewall id="id8899X28426" host_OS="linux24" inactive="False" lastCompiled="1599724492" lastInstalled="1599724529" lastModified="1599724460" platform="iptables" version="1.4.20" name="kvmhost02" comment="" ro="False">
+      <Firewall id="id8899X28426" host_OS="linux317" inactive="False" lastCompiled="1600959175" lastInstalled="1599724529" lastModified="1600959698" platform="iptables" version="1.4.20" name="kvmhost02" comment="" ro="False">
         <NAT id="id13393X65696" name="NAT" comment="" ro="False" ipv4_rule_set="True" ipv6_rule_set="False" top_rule_set="True">
           <NATRule id="id13395X65696" disabled="False" group="outgoing NAT" position="0" action="Translate" comment="NAT all outgoing mail traffic to mail IP">
             <OSrc neg="False">
@@ -4025,7 +4025,10 @@
           <Option name="data_dir"/>
           <Option name="debug">False</Option>
           <Option name="drop_invalid">False</Option>
-          <Option name="epilog_script">/root/fix_ipv6</Option>
+          <Option name="epilog_script">/root/fix_ipv6
+# fail2ban uses the route strategy for now
+#/bin/systemctl restart fail2ban.service
+#/sbin/iptables -I INPUT -p tcp -m multiport --dports 1848,20000 -j f2b-sshd</Option>
           <Option name="firewall_dir">/etc/firewall/</Option>
           <Option name="firewall_is_part_of_any_and_networks">True</Option>
           <Option name="flush_and_set_default_policy">True</Option>