From 600ecb5356970ee7fd5cfcee55c51d12bb0c2777 Mon Sep 17 00:00:00 2001
From: jordanrinke
Date: Fri, 8 Aug 2014 16:41:31 -0700
Subject: [PATCH] Exclude f2b sets If you save the f2b set, it will stack them on restart. Adding grep -iv "f2b" will exclude any sets from fail2ban from being saved, so they append a single time properly
---
 iptables-persistent | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/iptables-persistent b/iptables-persistent
index 01ca1d2d..fe174d8f 100644
--- a/iptables-persistent
+++ b/iptables-persistent
@@ -72,7 +72,7 @@ save_rules()
 log_action_cont_msg " skipping IPset - no sets defined or not loaded"
 elif [ -x /usr/sbin/ipset ] || [ -x /sbin/ipset ]; then
 log_action_cont_msg " IPset"
- ipset save > /etc/iptables/rules.ipsets
+ ipset save | grep -iv "f2b"> /etc/iptables/rules.ipsets
 if [ $? -ne 0 ]; then
 rc=1
 fi
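Review bot: The `if [ $? -ne 0 ]` check that follows the new pipeline now tests grep's exit status rather than `ipset save`'s, so a failed or partial save can be reported as success, while a save whose every line is filtered out (grep -v selects nothing and exits 1) is reported as failure. Without relying on pipefail, one option is to save first and filter second, e.g. `ipset save > "$tmp" || rc=1` followed by `grep -Ev '^(create|add) f2b-' "$tmp" > /etc/iptables/rules.ipsets`, treating only a grep status above 1 as an error (`$tmp` is a placeholder for a temporary file, and the `f2b-` prefix is assumed to be how fail2ban names its sets). The unanchored, case-insensitive `"f2b"` match also drops any line that merely contains those letters, such as another set's name or an entry comment, which silently removes firewall set entries from the persisted state; anchoring on the set-name field as above avoids that. save_rules() starts and ends outside the hunk.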