Block all IPs from accessing SSH on my machine?

No, that would be fine too. Whatever port you expose to the internet, that’s what you want to obfuscate.

Hmm, couldn’t we then just use iptables to block the port to the internet completely?

That’s what we’ve already demonstrated in the above posts.

None of the solutions worked for me, I could still access SSH and adding “maxretry = 1” did nothing either as it still allowed 5 retries.

/sbin/iptables -A INPUT -p tcp --destination-port {PORT-NUMBER-HERE} -j DROP

EDIT:
I suppose if you want to be a little redundant you could block outgoing on the same port too

/sbin/iptables -A OUTPUT -p tcp --dport {PORT-NUMBER-HERE} -j DROP

@noobonlinux10, did you reload fail2ban after changing the config?

Also, did you get the firewalld stuff working the way you wanted? You should get that configured first.


@Sensai, OP is already down the path of firewalld and fail2ban. I’m afraid posting iptables snippets will cause confusion.


@noobonlinux10, you can accomplish the same results with iptables, but you would need to disregard what @Eden and I have told you and start over.


I want to get it working with firewalld and fail2ban. Also yeah, I reloaded the config after changing it with no new results :frowning:

Use rich rules if you want to continue with firewalld.

At this point, we’re going to have to look at what you’ve done so far. Can you post your configs?

Feel free to change IPs or interfaces if you don’t want us to know what those are.