Adding iptables rules after implementing fail2ban
1 vote | 1 answer | 3221 views
I recently implemented fail2ban on a fresh Debian server, which automatically left me with some default iptables configuration:

```
root@plutarchy:/etc/apache2# iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N fail2ban-ssh
-A INPUT -p tcp -m multiport --dports 2222 -j fail2ban-ssh
-A fail2ban-ssh -j RETURN
```
Now, when I add some old iptables rules that I don't want to run through fail2ban, I end up with the following:

```
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N fail2ban-ssh
-A INPUT -p tcp -m multiport --dports 2222 -j fail2ban-ssh
-A INPUT -s 127.0.0.1/32 -i lo -j ACCEPT
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 2222 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j DROP
-A fail2ban-ssh -j RETURN
```
Note that I need to add the line **-A INPUT -p tcp --dport 2222 -j ACCEPT** or I cannot ssh into the box.
Will fail2ban still protect ssh (port 2222) when I have this line inserted? If not, how can I make sure ssh still goes through fail2ban while I have port 80 opened for normal operation?
Asked by Mike Dank
(151 rep)
Dec 7, 2016, 10:10 PM
Last activity: Apr 16, 2025, 02:09 AM
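The question turns on iptables first-match semantics: a packet walks the INPUT chain top to bottom, and the first rule that matches with a terminal target (ACCEPT, DROP, REJECT) decides it. The `-j fail2ban-ssh` jump sits at position 1, above the `--dport 2222 -j ACCEPT` rule, so a ban rule that fail2ban later inserts at the top of its chain is consulted before the ACCEPT is ever reached. The following is an added model of that evaluation, not the question's own commands and not fail2ban's code; it implements only the matchers used in the rules above (protocol, destination port, source, interface, conntrack state) plus jump/RETURN, the source addresses are constructed TEST-NET values, and the ban target is assumed to be DROP (fail2ban can also be configured to REJECT).

```python
"""Constructed model of iptables first-match evaluation for the INPUT chain
from the question. Added illustration only: not fail2ban's code and not a
full iptables implementation."""

from dataclasses import dataclass
from typing import Optional

@dataclass
class Packet:
    src: str
    proto: str                    # "tcp", "udp" or "icmp"
    dport: Optional[int] = None
    iface: str = "eth0"
    state: str = "NEW"            # conntrack state

@dataclass
class Rule:
    target: str                   # ACCEPT, DROP, REJECT, RETURN or a user chain name
    proto: Optional[str] = None
    dport: Optional[int] = None
    src: Optional[str] = None
    iface: Optional[str] = None
    states: Optional[tuple] = None

    def matches(self, p: Packet) -> bool:
        return ((self.proto is None or self.proto == p.proto)
                and (self.dport is None or self.dport == p.dport)
                and (self.src is None or self.src == p.src)
                and (self.iface is None or self.iface == p.iface)
                and (self.states is None or p.state in self.states))

TERMINAL = {"ACCEPT", "DROP", "REJECT"}

def _walk(chains, chain, p):
    """Return the first terminal verdict in `chain`, or None if the chain
    RETURNs or falls off the end (caller continues with its next rule)."""
    for rule in chains[chain]:
        if not rule.matches(p):
            continue
        if rule.target in TERMINAL:
            return rule.target
        if rule.target == "RETURN":
            return None
        verdict = _walk(chains, rule.target, p)   # jump into a user chain
        if verdict is not None:
            return verdict
    return None

def evaluate(chains, p: Packet, policy: str = "ACCEPT") -> str:
    """Verdict for a packet entering INPUT; the chain policy applies if nothing matched."""
    return _walk(chains, "INPUT", p) or policy

def question_ruleset():
    """The second `iptables -S` listing from the question, in order."""
    return {
        "INPUT": [
            Rule("fail2ban-ssh", proto="tcp", dport=2222),
            Rule("ACCEPT", src="127.0.0.1", iface="lo"),
            Rule("ACCEPT", proto="tcp", dport=80),
            Rule("ACCEPT", proto="tcp", dport=2222),
            Rule("ACCEPT", proto="icmp"),
            Rule("ACCEPT", states=("RELATED", "ESTABLISHED")),
            Rule("DROP"),
        ],
        "fail2ban-ssh": [Rule("RETURN")],
    }

def misordered_ruleset():
    """Same rules, but with the fail2ban jump moved below the port-2222 ACCEPT (the
    ordering that would defeat the ban); used to show why position matters."""
    chains = question_ruleset()
    inp = chains["INPUT"]
    jump = inp.pop(0)
    accept_idx = next(i for i, r in enumerate(inp) if r.target == "ACCEPT" and r.dport == 2222)
    inp.insert(accept_idx + 1, jump)
    return chains

def ban(chains, ip: str) -> None:
    """Model of a fail2ban ban: a rule inserted at the top of its chain (DROP assumed here)."""
    chains["fail2ban-ssh"].insert(0, Rule("DROP", src=ip))

def verdicts(chains, ip: str):
    """(ssh verdict, http verdict) for new connections from `ip`."""
    ssh = evaluate(chains, Packet(src=ip, proto="tcp", dport=2222))
    web = evaluate(chains, Packet(src=ip, proto="tcp", dport=80))
    return ssh, web

def jump_precedes_accept(chains) -> bool:
    """The check to run against a real `iptables -S INPUT`: the -j fail2ban-ssh rule
    must be listed above the --dport 2222 -j ACCEPT rule."""
    inp = chains["INPUT"]
    j = next(i for i, r in enumerate(inp) if r.target == "fail2ban-ssh")
    a = next(i for i, r in enumerate(inp) if r.target == "ACCEPT" and r.dport == 2222)
    return j < a

BANNED = "203.0.113.7"      # constructed address (TEST-NET-3)
OTHER = "198.51.100.9"      # constructed address (TEST-NET-2)

if __name__ == "__main__":
    rs = question_ruleset()
    print("before ban:", verdicts(rs, BANNED))          # ('ACCEPT', 'ACCEPT')
    ban(rs, BANNED)
    print("after ban: ", verdicts(rs, BANNED))          # ('DROP', 'ACCEPT')
    print("other host:", verdicts(rs, OTHER))           # ('ACCEPT', 'ACCEPT')
    mis = misordered_ruleset()
    ban(mis, BANNED)
    print("misordered:", verdicts(mis, BANNED))         # ('ACCEPT', 'ACCEPT')
```

With the rules exactly as listed in the question, the banned address is dropped for port 2222 while its port 80 traffic is still accepted, because the jump only catches packets to 2222; the same ban has no effect in the misordered variant. On a real host the equivalent check is that `iptables -S INPUT` shows the `-j fail2ban-ssh` line above the `--dport 2222 -j ACCEPT` line, which holds here because fail2ban inserts its jump with `-I` and the later rules were appended with `-A`.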