On Wed, 24 Dec 2014, Ghostdog wrote:

> Package: fail2ban
> Version: 0.8.6-3wheezy3
> Severity: minor

> Hello,

> If you enable the apache-overflows jail, fail2ban reports the following:

> fail2ban.actions.action: ERROR  iptables -N fail2ban-apache-overflows
> iptables -A fail2ban-apache-overflows -j RETURN
> iptables -I INPUT 1 -p tcp -m multiport --dports http,https -j 
> fail2ban-apache-overflows
> iptables -N fail2ban-apache-overflows-log
> iptables -I fail2ban-apache-overflows-log -j LOG --log-prefix "$(expr 
> fail2ban-apache-overflows : '\(.\{1,23\}\)'):DROP " --log-level warning -m 
> limit --limit 6/m --limit-burst 2
> iptables -A fail2ban-apache-overflows-log -j DROP returned 200

> this is because chain name must be shorter than 29 characters:
> # iptables -N fail2ban-apache-overflows-log
> iptables v1.4.14: chain name `fail2ban-apache-overflows-log' too long (must 
> be under 29 chars)
> Try `iptables -h' or 'iptables --help' for more information.

> The solution here is to rename the jail to something shorter.

Thanks.  It is unlikely I would be uploading proper fix for this to
wheezy but let's keep it open others find a fix for them happen they run
into it.  But upstream in 0.9.0 we reduced prefix to f2b- to mitigate
this problem.   Not sure what course of action to choose for jessie's
version.  since bug is not severe, actually it would unlikely be
accepted at this point either

Cheers!

-- 
Yaroslav O. Halchenko, Ph.D.
http://neuro.debian.net http://www.pymvpa.org http://www.fail2ban.org
Research Scientist,            Psychological and Brain Sciences Dept.
Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755
Phone: +1 (603) 646-9834                       Fax: +1 (603) 646-1419
WWW:   http://www.linkedin.com/in/yarik        


-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to