Yaroslav Halchenko a écrit :
indeed strange... unfortunately it would be impossible for me to try it
myself - no sparc around

        I can open a ssh access to one on mine ;-)

could you please boost verbosity in fail2ban.conf (or override it in
fail2ba.local) and then send me along fail2ban.log (if it has anything
in) and output of
sh -x /etc/init.d/fail2ban start

        Now, loglevel=4 in /etc/fail2ban/fail2ban.conf
hilbert:/etc/fail2ban# sh -x /etc/init.d/fail2ban  start
+ PATH=/usr/sbin:/usr/bin:/sbin:/bin
+ DESC='authentication failure monitor'
+ NAME=fail2ban
+ DAEMON=/usr/bin/fail2ban-client
+ SOCKFILE=/tmp/fail2ban.sock
+ SCRIPTNAME=/etc/init.d/fail2ban
+ '[' -x /usr/bin/fail2ban-client ']'
+ '[' -r /etc/default/fail2ban ']'
+ . /etc/default/fail2ban
++ FAIL2BAN_OPTS=
+ DAEMON_ARGS=
+ '[' -f /etc/default/rcS ']'
+ . /etc/default/rcS
++ TMPTIME=0
++ SULOGIN=no
++ DELAYLOGIN=no
++ UTC=yes
++ VERBOSE=yes
++ FSCKFIX=no
+ . /lib/lsb/init-functions
++ '[' -e /etc/lsb-base-logging.sh ']'
++ true
+ case "$1" in
+ '[' yes '!=' no ']'
+ log_daemon_msg 'Starting authentication failure monitor' fail2ban
+ '[' -z 'Starting authentication failure monitor' ']'
+ '[' -z fail2ban ']'
+ echo -n 'Starting authentication failure monitor: fail2ban'
Starting authentication failure monitor: fail2ban+ do_start
+ do_status
+ /usr/bin/fail2ban-client status
+ case $? in
+ return 0
+ return 1
+ '[' yes '!=' no ']'
+ log_end_msg_wrapper 0 2
+ '[' 0 -lt 2 ']'
+ value=0
+ log_end_msg 0
+ '[' -z 0 ']'
+ log_use_fancy_output
+ TPUT=/usr/bin/tput
+ EXPR=/usr/bin/expr
+ '[' FANCYTTY = 0 ']'
+ '[' xxterm '!=' xdumb ']'
+ '[' -x /usr/bin/tput ']'
+ '[' -x /usr/bin/expr ']'
+ /usr/bin/tput hpa 60
+ /usr/bin/tput setaf 1
+ FANCYTTY=1
+ true
++ /usr/bin/tput setaf 1
+ RED=''
++ /usr/bin/tput op
+ NORMAL=''
+ '[' 0 -eq 0 ']'
+ echo .
.
+ return 0
+ :
hilbert:/etc/fail2ban# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
hilbert:/etc/fail2ban#

        But if I run :

hilbert:/etc/fail2ban# sh -x /etc/init.d/fail2ban reload
+ PATH=/usr/sbin:/usr/bin:/sbin:/bin
+ DESC='authentication failure monitor'
+ NAME=fail2ban
+ DAEMON=/usr/bin/fail2ban-client
+ SOCKFILE=/tmp/fail2ban.sock
+ SCRIPTNAME=/etc/init.d/fail2ban
+ '[' -x /usr/bin/fail2ban-client ']'
+ '[' -r /etc/default/fail2ban ']'
+ . /etc/default/fail2ban
++ FAIL2BAN_OPTS=
+ DAEMON_ARGS=
+ '[' -f /etc/default/rcS ']'
+ . /etc/default/rcS
++ TMPTIME=0
++ SULOGIN=no
++ DELAYLOGIN=no
++ UTC=yes
++ VERBOSE=yes
++ FSCKFIX=no
+ . /lib/lsb/init-functions
++ '[' -e /etc/lsb-base-logging.sh ']'
++ true
+ case "$1" in
+ log_daemon_msg 'Reloading authentication failure monitor' fail2ban
+ '[' -z 'Reloading authentication failure monitor' ']'
+ '[' -z fail2ban ']'
+ echo -n 'Reloading authentication failure monitor: fail2ban'
Reloading authentication failure monitor: fail2ban+ do_reload
+ /usr/bin/fail2ban-client reload
+ return 0
+ log_end_msg 0
+ '[' -z 0 ']'
+ log_use_fancy_output
+ TPUT=/usr/bin/tput
+ EXPR=/usr/bin/expr
+ '[' FANCYTTY = 0 ']'
+ '[' xxterm '!=' xdumb ']'
+ '[' -x /usr/bin/tput ']'
+ '[' -x /usr/bin/expr ']'
+ /usr/bin/tput hpa 60
+ /usr/bin/tput setaf 1
+ FANCYTTY=1
+ true
++ /usr/bin/tput setaf 1
+ RED=''
++ /usr/bin/tput op
+ NORMAL=''
+ '[' 0 -eq 0 ']'
+ echo .
.
+ return 0
+ :
hilbert:/etc/fail2ban# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
fail2ban-ssh  tcp  --  anywhere             anywhere            tcp dpt:ssh

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     0    --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain fail2ban-ssh (1 references)
target     prot opt source               destination
DROP       0    --  webwonderworld.net   anywhere
RETURN     0    --  anywhere             anywhere
hilbert:/etc/fail2ban#

Thank you!

        You're welcome. And if you have any idea...

        Regards,

        JKB

Reply via email to