I have fail2ban on my mail server monitoring Dovecot and Exim. I have noticed that it has stopped banning IP's. I have seen in /var/log/fail2ban.log:
2020-04-07 09:42:05,875 fail2ban.filter [16138]: INFO [dovecot] Found 77.40.61.224 - 2020-04-07 09:42:05 2020-04-07 09:42:06,408 fail2ban.actions [16138]: NOTICE [dovecot] Ban 77.40.61.224 2020-04-07 09:42:06,981 fail2ban.utils [16138]: ERROR 7ff736d6f930 -- exec: ipset create f2b-dovecot hash:ip timeout 3600000 firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p tcp -m multiport --dports 0:65535 -m set --match-set f2b-dovecot src -j REJECT --reject-with icmp-port-unreachable 2020-04-07 09:42:06,982 fail2ban.utils [16138]: ERROR 7ff736d6f930 -- stderr: "ipset v7.1: Syntax error: '3600000' is out of range 0-2147483" 2020-04-07 09:42:06,982 fail2ban.utils [16138]: ERROR 7ff736d6f930 -- stderr: "Error: COMMAND_FAILED: '/usr/sbin/iptables-restore -w -n' failed: iptables-restore v1.4.21: Set f2b-dovecot doesn't exist." 2020-04-07 09:42:06,982 fail2ban.utils [16138]: ERROR 7ff736d6f930 -- stderr: '' 2020-04-07 09:42:06,982 fail2ban.utils [16138]: ERROR 7ff736d6f930 -- stderr: 'Error occurred at line: 2' 2020-04-07 09:42:06,982 fail2ban.utils [16138]: ERROR 7ff736d6f930 -- stderr: "Try `iptables-restore -h' or 'iptables-restore --help' for more information." 2020-04-07 09:42:06,982 fail2ban.utils [16138]: ERROR 7ff736d6f930 -- stderr: '' 2020-04-07 09:42:06,982 fail2ban.utils [16138]: ERROR 7ff736d6f930 -- returned 13 In /var/log/firewalld I got 2020-04-07 09:42:06 ERROR: COMMAND_FAILED: '/usr/sbin/iptables-restore -w -n' failed: iptables-restore v1.4.21: Set f2b-dovecot doesn't exist. Error occurred at line: 2 Try `iptables-restore -h' or 'iptables-restore --help' for more information. Looking back at my logs, this has been going on some time. Any advice on fixing this would be appreciated _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
