Hi,
since a long time i've used a patched 0.10.0 because of IPv6.
However, i've just updated to current 0.11.2_dev from git on a Centos
6.10 (final), also current.
Like the old 0.10.0 one it doesn't work well because of a timing
problem, i think.
Does a quick and dirty patch, i've appended. See parts of the log. First
part is without patch, second part is with patch used.
I'm seeing in the code, that there ist some kind of wait in code, but
probably does not work well. Don't had done a lot of debug yet.
best regards
Peter
Datei: fail2ban.log Zeile 33909 Spalte 6239259 Bytes
67%
2020-06-06 11:47:29,303 fail2ban.actions [1717]: ERROR Failed to
execute ban jail 'apache-botsearch' action 'iptables-ipset-proto6' info
'ActionInfo({'ip': '2001
:41d0:2:b55c::', 'fid': <function <lambda> at 0x7fa1b24b8398>, 'family':
'inet6', 'raw-ticket': <function <lambda> at 0x7fa1b24b8938>})': Error starting
action Jail('apac
he-botsearch')/iptables-ipset-proto6: 'Script error'
2020-06-06 11:47:29,377 fail2ban.jail [1717]: INFO Jail
'postfix-sasl' started
2020-06-06 11:47:29,554 fail2ban.jail [1717]: INFO Jail
'AH-dovecot' started
2020-06-06 11:47:29,731 fail2ban.jail [1717]: INFO Jail 'EXEC-bin'
started
2020-06-06 11:47:29,759 fail2ban.actions [1717]: NOTICE [EXEC-bin]
Restore Ban 144.217.17.203
2020-06-06 11:47:29,764 fail2ban.utils [1717]: ERROR 7fa1b24d0780 --
exec: ipset create f2b-EXEC-bin hash:ip timeout 1209600
iptables -I input_f2b -p tcp -m multiport --dports 0:22001,22003:65535 -m set
--match-set f2b-EXEC-bin src -j DROP
2020-06-06 11:47:29,765 fail2ban.utils [1717]: ERROR 7fa1b24d0780 --
timet out after 0 seconds.
2020-06-06 11:47:29,917 fail2ban.jail [1717]: INFO Jail
'INFO-apache' started
2020-06-06 11:47:29,967 fail2ban.utils [1717]: ERROR ipset create
f2b-EXEC-bin hash:ip timeout 1209600
iptables -I input_f2b -p tcp -m multiport --dports 0:22001,22003:65535 -m set
--match-set f2b-EXEC-bin src -j DROP -- failed with [Errno 3] No such process
2020-06-06 11:47:29,967 fail2ban.utils [1717]: ERROR 7fa1b24d0780 --
killed with SIGTERM (return code: -15)
2020-06-06 11:47:29,967 fail2ban.actions [1717]: ERROR Failed to
execute ban jail 'EXEC-bin' action 'iptables-ipset-proto6' info
'ActionInfo({'ip': '144.217.17.2
03', 'fid': <function <lambda> at 0x7fa1b24b8398>, 'family': 'inet4',
'raw-ticket': <function <lambda> at 0x7fa1b24b8938>})': Error starting action
Jail('EXEC-bin')/iptab
les-ipset-proto6: 'Script error'
2020-06-06 11:47:30,105 fail2ban.jail [1717]: INFO Jail
'PKT-directadmin' started
2020-06-06 11:47:30,120 fail2ban.actions [1717]: NOTICE
[PKT-directadmin] Restore Ban 185.173.35.53
2020-06-06 11:47:30,125 fail2ban.utils [1717]: ERROR 10b0b70 --
exec: ipset create f2b-PKT-directadmin hash:ip timeout 1209600
iptables -I input_f2b -p tcp -m multiport --dports
0:24,26:79,81:442,444:22001,22003:65535 -m set --match-set f2b-PKT-directadmin
src -j DROP
2020-06-06 11:47:30,126 fail2ban.utils [1717]: ERROR 10b0b70 --
timet out after 0 seconds.
2020-06-06 11:47:30,291 fail2ban.jail [1717]: INFO Jail
'PKT-plesk' started
2020-06-06 11:47:30,309 fail2ban.actions [1717]: NOTICE [PKT-plesk]
Restore Ban 128.14.209.238
2020-06-06 11:47:30,328 fail2ban.utils [1717]: ERROR ipset create
f2b-PKT-directadmin hash:ip timeout 1209600
iptables -I input_f2b -p tcp -m multiport --dports
0:24,26:79,81:442,444:22001,22003:65535 -m set --match-set f2b-PKT-directadmin
src -j DROP -- failed with [Errno 3] No
such process
2020-06-06 11:47:30,328 fail2ban.utils [1717]: ERROR 10b0b70 --
killed with SIGTERM (return code: -15)
2020-06-06 11:47:30,328 fail2ban.actions [1717]: ERROR Failed to
execute ban jail 'PKT-directadmin' action 'iptables-ipset-proto6' info
'ActionInfo({'ip': '185.1
73.35.53', 'fid': <function <lambda> at 0x7fa1b24b8398>, 'family': 'inet4',
'raw-ticket': <function <lambda> at 0x7fa1b24b8938>})': Error starting action
Jail('PKT-direct
admin')/iptables-ipset-proto6: 'Script error'
2020-06-06 11:47:30,329 fail2ban.actions [1717]: NOTICE
[PKT-directadmin] Restore Ban 194.26.29.50
2020-06-06 11:47:30,334 fail2ban.utils [1717]: ERROR 11bd858 --
exec: ipset create f2b-PKT-plesk hash:ip timeout 1209600
iptables -I input_f2b -p tcp -m multiport --dports
0:24,26:79,81:442,444:22001,22003:65535 -m set --match-set f2b-PKT-plesk src -j
DROP
2020-06-06 11:47:30,334 fail2ban.utils [1717]: ERROR 11bd858 --
timet out after 0 seconds.
2020-06-06 11:47:30,487 fail2ban.jail [1717]: INFO Jail 'PKT-ssh'
started
2020-06-06 11:47:30,496 fail2ban.actions [1717]: NOTICE [PKT-ssh]
Restore Ban 107.175.33.19
2020-06-06 11:47:30,537 fail2ban.utils [1717]: ERROR ipset create
f2b-PKT-plesk hash:ip timeout 1209600
iptables -I input_f2b -p tcp -m multiport --dports
0:24,26:79,81:442,444:22001,22003:65535 -m set --match-set f2b-PKT-plesk src -j
DROP -- failed with [Errno 3] No such
process
=======================================================================================================================
Datei: fail2ban.log Zeile 49871 Spalte 6239259 Bytes
98%
2020-06-06 17:10:43,283 fail2ban.jail [32284]: INFO Jail 'suhosin'
started
2020-06-06 17:10:43,460 fail2ban.jail [32284]: INFO Jail
'sogo-auth' started
2020-06-06 17:10:43,690 fail2ban.jail [32284]: INFO Jail
'drupal-auth' started
2020-06-06 17:10:43,867 fail2ban.jail [32284]: INFO Jail 'vsftpd'
started
2020-06-06 17:10:44,048 fail2ban.jail [32284]: INFO Jail 'dovecot'
started
2020-06-06 17:10:44,229 fail2ban.jail [32284]: INFO Jail
'postfix-sasl' started
2020-06-06 17:10:44,408 fail2ban.jail [32284]: INFO Jail
'AH-dovecot' started
2020-06-06 17:10:44,587 fail2ban.jail [32284]: INFO Jail
'EXEC-bin' started
2020-06-06 17:10:44,771 fail2ban.jail [32284]: INFO Jail
'INFO-apache' started
2020-06-06 17:10:44,955 fail2ban.jail [32284]: INFO Jail
'PKT-directadmin' started
2020-06-06 17:10:44,977 fail2ban.actions [32284]: NOTICE
[PKT-directadmin] Restore Ban 167.71.70.38
2020-06-06 17:10:45,149 fail2ban.jail [32284]: INFO Jail
'PKT-plesk' started
2020-06-06 17:10:45,158 fail2ban.actions [32284]: NOTICE [PKT-plesk]
Restore Ban 128.14.209.238
2020-06-06 17:10:45,191 fail2ban.actions [32284]: NOTICE
[PKT-directadmin] Restore Ban 185.173.35.53
2020-06-06 17:10:45,354 fail2ban.jail [32284]: INFO Jail 'PKT-ssh'
started
2020-06-06 17:10:45,356 fail2ban.actions [32284]: NOTICE [PKT-ssh]
Restore Ban 107.175.33.19
2020-06-06 17:10:45,404 fail2ban.actions [32284]: NOTICE
[PKT-directadmin] Restore Ban 194.26.29.50
2020-06-06 17:10:45,511 fail2ban.actions [32284]: NOTICE [PKT-plesk]
Restore Ban 162.243.137.244
2020-06-06 17:10:45,660 fail2ban.jail [32284]: INFO Jail
'PKT-telnet' started
2020-06-06 17:10:45,727 fail2ban.actions [32284]: NOTICE
[PKT-directadmin] Restore Ban 54.36.160.101
2020-06-06 17:10:45,835 fail2ban.actions [32284]: NOTICE [PKT-plesk]
Restore Ban 162.243.139.214
2020-06-06 17:10:45,851 fail2ban.jail [32284]: INFO Jail
'PKT-tr-069' started
2020-06-06 17:10:45,864 fail2ban.actions [32284]: NOTICE [PKT-tr-069]
Restore Ban 184.105.139.116
2020-06-06 17:10:45,942 fail2ban.actions [32284]: NOTICE [PKT-ssh]
Restore Ban 123.212.1.153
2020-06-06 17:10:45,962 fail2ban.actions [32284]: NOTICE [PKT-telnet]
Restore Ban 1.158.144.171
2020-06-06 17:10:46,037 fail2ban.jail [32284]: INFO Jail
'PKT-xbox' started
2020-06-06 17:10:46,165 fail2ban.actions [32284]: NOTICE [PKT-plesk]
Restore Ban 195.54.160.159
2020-06-06 17:10:46,384 fail2ban.actions [32284]: NOTICE [PKT-ssh]
Restore Ban 144.172.79.7
2020-06-06 17:10:46,603 fail2ban.actions [32284]: NOTICE [PKT-plesk]
Restore Ban 196.52.43.102
2020-06-06 17:10:46,644 fail2ban.actions [32284]: NOTICE [REPEAT]
Restore Ban 1.174.25.6
2020-06-06 17:10:46,713 fail2ban.actions [32284]: NOTICE [PKT-tr-069]
Restore Ban 82.102.173.89
2020-06-06 17:10:46,726 fail2ban.jail [32284]: INFO Jail 'REPEAT'
started
2020-06-06 17:10:46,821 fail2ban.actions [32284]: NOTICE [PKT-ssh]
Restore Ban 144.172.79.8
2020-06-06 17:10:46,910 fail2ban.jail [32284]: INFO Jail
'ip-blacklist-net' started
2020-06-06 17:10:46,928 fail2ban.actions [32284]: NOTICE [PKT-telnet]
Restore Ban 1.160.239.213
2020-06-06 17:10:47,035 fail2ban.actions [32284]: NOTICE [PKT-plesk]
Restore Ban 209.17.96.162
2020-06-06 17:10:47,099 fail2ban.jail [32284]: INFO Jail
'ip-blacklist' started
2020-06-06 17:10:47,357 fail2ban.actions [32284]: NOTICE [PKT-ssh]
Restore Ban 158.51.124.114
2020-06-06 17:10:47,465 fail2ban.actions [32284]: NOTICE [PKT-telnet]
Restore Ban 1.172.101.178
2020-06-06 17:10:47,573 fail2ban.actions [32284]: NOTICE [PKT-plesk]
Restore Ban 209.17.96.50*** utils.py.old 2020-06-06 06:00:15.000000000 +0200
--- utils.py 2020-06-06 17:05:06.000000000 +0200
***************
*** 212,221 ****
--- 212,222 ----
if retcode is None:
def _popen_wait_end():
retcode = popen.poll()
return (True, retcode) if retcode is
not None else None
# popen.poll is fast operation so we can use
the shortest sleep interval:
+ time.sleep(0.1)
retcode = Utils.wait_for(_popen_wait_end,
timeout, Utils.DEFAULT_SHORTEST_INTERVAL)
if retcode:
retcode = retcode[1]
# if timeout:
if retcode is None:
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
