Hi,
there are may dofferent whois clients (it's a simply binary which can
query various whois servers around the world. Not all whois clients
support all features. It seems that (from your example) the whois client
on your docker host supports querying by ip-address, but the whois
binary inside the 'letsencrypt' docker container doesn't.
Maybe you can install a different whois package in the container, this
depends on the distro the container was based on. My ubuntu 18.04
desktop lists at least 3 commandline whois clients in the default
repository.
Kind regards,
Tom
On 02-05-2020 15:42, arsdale...@gmail.com wrote:
Hello,
I recently installed Fail2Ban along with nginx using the
linuxserver/letsencrpt docker. I love it. It has solved a long term
problem for me and made my network run much smoother. I have ironed
out all my install problems but one, which has been driving me crazy.
In jail.local, I use action = %(action_mwl)s as my default action and
after tailoring e-mail notification settings in
sendmail-whois-lines.local with
Fail2Ban" ) | /usr/sbin/sendmail -t -v -H 'exec openssl s_client
-quiet -tls1 -starttls smtp -connect smtp.gmail.com:587' -aumyusername
-apmyapppassword <dest> it works great except for one issue.
I believe the default action uses sendmail-whois-lines.conf
This is what I always get in the response:
[Querying whois.iana.org:43 '122.166.7.73'] [Querying
whois.iana.org:43 'domain 122.166.7.73'] [whois.iana.org] % IANA WHOIS
server % for more information on IANA, visit http://www.iana.org % %
Error: Invalid query domain 122.166.7.73
In an effort to figure things out, I have tried
1. /usr/bin/whois 107.33.23.17 which is successful
2. sudo docker exec -it letsencrypt whois google.com which is successful
3. sudo docker exec -it letsencrypt whois 122.166.7.73 which fails
with the above error message.
I am relatively new to docker, but here is my docker-compose:
version: "2"
services:
letsencrypt: # https://github.com/linuxserver/docker-letsencrypt
container_name: letsencrypt
image: linuxserver/letsencrypt:latest
restart: unless-stopped
cap_add:
- NET_ADMIN
volumes:
- /home/user/docker/letsencrypt/config:/config
- /etc/localtime:/etc/localtime:ro
environment:
- PGID=xxxx
- PUID=xxxx
- EMAIL=my_em...@gmail.com
- URL=myduckdns.duckdns.org
- SUBDOMAINS=wildcard
- VALIDATION=duckdns
- TZ=America/New_york
- DUCKDNSTOKEN=myxxxxxduckdnsxxxxxtoken
ports:
- "80:80"
- "443:443"
Any help would be greatly appreciated.
Thanks,
Dan
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
