From 317f3e41c20b247860266238d44cdd8f52485f77 Mon Sep 17 00:00:00 2001
From: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
Date: Mon, 6 Sep 2021 11:39:50 +0200
Subject: [PATCH] Update F2B wrapper to show possible errors with IPTables
 (#2170)

---
 target/bin/fail2ban | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/target/bin/fail2ban b/target/bin/fail2ban
index e1c5363b..cf5d6f57 100755
--- a/target/bin/fail2ban
+++ b/target/bin/fail2ban
@@ -3,6 +3,24 @@
 # shellcheck source=../scripts/helper-functions.sh
 . /usr/local/bin/helper-functions.sh
 
+if ! IPTABLES_OUTPUT=$(iptables -L 2>&1)
+then
+  echo "IPTables is not functioning correctly. The output of \`iptables -L\` was:
+
+${IPTABLES_OUTPUT}
+
+Possible causes for this error are
+
+1. Missing capabilities (you need CAP_NET_RAW & CAP_NET_ADMIN, see \`capsh --print\`)
+2. Modifications caused by user-patches.sh
+3. Host is configured incorrectly
+
+Aborting...
+"
+
+  exit 1
+fi
+
 function usage { echo "Usage: ${0} [<unban> <ip-address>]" ; }
 
 unset JAILS