centos 7 : fail2ban not working due to firewall configuration
Centos 7 (and Red Hat related distro) make use of the new firewalld service wich replaces the iptables command. ISPConfig has its own firewall (bastille-firewall), hence the firewalld service has to be disabled. But fail2ban default installation is configured to use firewalld commands (a directive will be inserted in /etc/fail2ban/jail.d/00-firewalld.conf) and NO ANY jail command/rule will be executed. Actually, NOT ANY jail will be added since the start of the service, but no error is raised on shell (they are only written to logs): probably most of people is running fail2ban unaware that fail2ban is NOT working.
ISPConfig installation should comment the following lines:
[DEFAULT]
banaction = firewallcmd-ipset
in the file:
/etc/fail2ban/jail.d/00-firewalld.conf