Your message dated Fri, 2 Mar 2018 23:28:21 +0000
with message-id <8b99201e-9906-6c68-df4b-06c0821de...@debian.org>
and subject line Bug#867374: fail2ban: iptables fails because imap3 is an 
unknown port
has caused the Debian Bug report #867374,
regarding fail2ban: iptables fails because imap3 is an unknown port
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
867374: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867374
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: fail2ban
Version: 0.9.6-2
Severity: normal

Upon upgrading to stretch and enabling fail2ban for postfix-sasl, I
noticed the following error in fail2ban.log:

2017-07-05 22:46:55,944 fail2ban.action         [4580]: ERROR   iptables -w -N 
f2b-postfix-sasl
iptables -w -A f2b-postfix-sasl -j RETURN
iptables -w -I INPUT -p tcp -m multiport --dports 
smtp,465,submission,imap3,imaps,pop3,pop3s -j f2b-postfix-sasl -- stdout: b''
2017-07-05 22:46:55,945 fail2ban.action         [4580]: ERROR   iptables -w -N 
f2b-postfix-sasl
iptables -w -A f2b-postfix-sasl -j RETURN
iptables -w -I INPUT -p tcp -m multiport --dports 
smtp,465,submission,imap3,imaps,pop3,pop3s -j f2b-postfix-sasl -- stderr: 
b"iptables v1.6.0: invalid port/service `imap3' specified\nTry `iptables -h' or 
'iptables --help' for more information.\n"
2017-07-05 22:46:55,945 fail2ban.action         [4580]: ERROR   iptables -w -N 
f2b-postfix-sasl
iptables -w -A f2b-postfix-sasl -j RETURN
iptables -w -I INPUT -p tcp -m multiport --dports 
smtp,465,submission,imap3,imaps,pop3,pop3s -j f2b-postfix-sasl -- returned 2
2017-07-05 22:46:55,945 fail2ban.actions        [4580]: ERROR   Failed
to start jail 'postfix-sasl' action 'iptables-multiport': Error
starting action



The fix is easy enough; I just replaced references to imap3 with imap2
in /etc/fail2ban/jail.conf.

--- End Message ---
--- Begin Message ---
Version: 0.10.2-1

On Wed, 5 Jul 2017 23:00:17 -0700 Andres Salomon <andres4ma...@gmail.com> wrote:
> Package: fail2ban
> Version: 0.9.6-2
> Severity: normal
> 
> Upon upgrading to stretch and enabling fail2ban for postfix-sasl, I
> noticed the following error in fail2ban.log:
> 
> 2017-07-05 22:46:55,944 fail2ban.action         [4580]: ERROR   iptables -w 
> -N f2b-postfix-sasl
> iptables -w -A f2b-postfix-sasl -j RETURN
> iptables -w -I INPUT -p tcp -m multiport --dports 
> smtp,465,submission,imap3,imaps,pop3,pop3s -j f2b-postfix-sasl -- stdout: b''
> 2017-07-05 22:46:55,945 fail2ban.action         [4580]: ERROR   iptables -w 
> -N f2b-postfix-sasl
> iptables -w -A f2b-postfix-sasl -j RETURN
> iptables -w -I INPUT -p tcp -m multiport --dports 
> smtp,465,submission,imap3,imaps,pop3,pop3s -j f2b-postfix-sasl -- stderr: 
> b"iptables v1.6.0: invalid port/service `imap3' specified\nTry `iptables -h' 
> or 'iptables --help' for more information.\n"

This happened because netbase 5.4 dropped the "imap3" service.

The port was dropped from fail2ban in 0.10.2 so this is now fixed.
https://github.com/fail2ban/fail2ban/commit/9876dd44f93a0b012108ea1aceeccee21be03cb9

James

Attachment: signature.asc
Description: OpenPGP digital signature


--- End Message ---

Reply via email to