Re: [Fail2ban-users] f2b does not ban anymore

Mitchell Krog Photography Sun, 19 Feb 2017 08:17:01 -0800

You’ve probably gone from v8 or lower. There are major changes in the way
jails are configured in v0.9 and up.
Configurations are now done using .local files and there’s also been lots
of syntax changes which if you are using an old fail2ban.conf will cause it
to not work.
Have a look through the documentation on 0.9



From: Ferdinand Thommes <fe.th...@posteo.net> <fe.th...@posteo.net>
Reply: fe.th...@posteo.net <fe.th...@posteo.net> <fe.th...@posteo.net>
Date: 19 February 2017 at 5:41:42 PM
To: fail2ban-users@lists.sourceforge.net
<fail2ban-users@lists.sourceforge.net>
<fail2ban-users@lists.sourceforge.net>
Subject:  [Fail2ban-users] f2b does not ban anymore

Hi,
I have been running f2b on a Debian Stable server for a long time.
Yesterday I upgraded the server to Debian Testing and with that came
fail2ban 0.9.6-1. For starters the service would not start, but I got
that fixed:

systemctl status fail2ban.service
● fail2ban.service - Fail2Ban Service
Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; vendor
preset: enabled)
Active: active (running) since Sun 2017-02-19 15:32:43 CET; 18s ago
Docs: man:fail2ban(1)
Main PID: 2019 (fail2ban-server)
CGroup: /system.slice/fail2ban.service
└─2019 /usr/bin/python3 /usr/bin/fail2ban-server -s
/var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b

Feb 19 15:32:43 vmd16363.contabo.host systemd[1]: Starting Fail2Ban
Service...
Feb 19 15:32:43 vmd16363.contabo.host fail2ban-client[2016]: 2017-02-19
15:32:43,786 fail2ban.server [2017]: INFO Starting Fail2ban
v0.9.6
Feb 19 15:32:43 vmd16363.contabo.host fail2ban-client[2016]: 2017-02-19
15:32:43,787 fail2ban.server [2017]: INFO Starting in daemon
mode
Feb 19 15:32:43 vmd16363.contabo.host systemd[1]: Started Fail2Ban
Service.

But f2b does not ban anything and /var/log/fail2ban.log stays empty. I
spent the whole day with trying different things, startet from scratch
with fresh configs, but no go.

iptables -S says:
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N f2b-owncloud
-N f2b-sshd
-A INPUT -p tcp -m multiport --dports 80,443 -j f2b-owncloud
-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
-A f2b-owncloud -j RETURN
-A f2b-sshd -j RETURN

My very basic jail.local has:

[DEFAULT]
# Ban hosts for one hour:
bantime = 3600
banaction = iptables-multiport
[sshd]
enabled = true

If you need other logfiles or output of commands, just ask.
I have no clue what else I could try. Thanks for any help.



------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot

_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Re: [Fail2ban-users] f2b does not ban anymore

Reply via email to