I have been trying to run 0.9.1 and it runs fine for a few hours, bans a
few hundred hosts and then I get the following errors. After 4 errors
like this, it no longer seems to be following the log files. When I
first tried it I had the pyinotify package installed and I got different
errors which filled up the log file. After I deinstalled pyinotify
here's what I get. Note I previously had other problems which you told
be were caused by a race condition, due to bugs in the python thread
libraries so I'm not sure if this could be the same problem. I do have
gamin installed:
gamin-python-0.1.7-10.el5
gamin-0.1.7-10.el5
This is a Centos 5 system with all updates installed, using python 2.6.
My configuration is very simple (has not changed since I previously
posted it) and runs fun under the stable release (once I get around the
thread bug at startup).
Nov 23 07:11:58 myhost fail2ban[5351]: CRITICAL Unhandled exception in
Fail2Ban: Traceback (most recent call last): File
"/usr/lib/python2.6/site-packages/fail2ban/server/jailthread.py", line
64, in run_with_except_hook run(*args,\
**kwargs) File
"/usr/lib/python2.6/site-packages/fail2ban/server/filterpoll.py", line
95, in run self.getFailures(filename) File
"/usr/lib/python2.6/site-packages/fail2ban/server/filter.py", line 686,
in getFailures db.upd\
ateLog(self.jail, container) File
"/usr/lib/python2.6/site-packages/fail2ban/server/database.py", line 57,
in wrapper return f(self, self._db.cursor(), *args, **kwargs) File
"/usr/lib/python2.6/site-packages/fail2ban/server/dat\
abase.py", line 344, in updateLog self._updateLog(cur, *args,
**kwargs) File
"/usr/lib/python2.6/site-packages/fail2ban/server/database.py", line
351, in _updateLog jail.name, container.getFileName()))
ProgrammingError: libra\
ry routine called out of sequence
Nov 23 07:11:58 myhost fail2ban.actions[5351]: ERROR Failed to execute
ban jail 'postfix-max1' action 'iptables-multiport' info
'CallingMap({'ipjailmatches': <function <lambda> at 0x4049d534>,
'matches': u'Nov 23 07:11:56 aspen postfix/smtpd[866]: NOQUEUE: reject:
RCPT from unknown[61.16.215.242]: 550 5.7.1 Client host rejected: cannot
find your hostname, [61.16.215.242];
from=<6ae56281-380a-4fc3-903a-5295ca8df...@fakafkbaekbdbfaf.newmegaspf.com>
to=<[email protected]> proto=SMTP
helo=<fakafkbaekbdbfaf.newmegaspf.com>', 'ip': '61.16.215.242',
'ipmatches': <function <lambda> at 0x4049d374>, 'ipfailures': <function
<lambda> at 0x4049d02c>, 'time': 1416755517.95275, 'failures': 1,
'ipjailfailures': <function <lambda> at 0x4049da74>})': library routine
called out of sequence
Here's the errors that I get with pyinotify installed. Note that here
again it ran fine and was banning hosts for a while before it started
spitting out these errors:
2014-11-08 21:43:18,939 fail2ban.filterpyinotify[2584]: ERROR Error in
FilterPyinotify callback: cannot commit transaction - SQL statements in
progress
2014-11-08 21:43:18,940 fail2ban.actions [2584]: ERROR Failed
to execute ban jail 'postfix-max1' action 'iptables-multiport' info
'CallingMap({'ipjailmatches': <function <lambda> at 0x404bb80c>,
'matches': u'Nov 8 21:43:18 myhost postfix/smtpd[4673]: NOQUEUE:
reject_warning: RCPT from mail.standard4.nmgmail.com[208.82.211.227]:
554 5.7.1 Service unavailable; Client host [208.82.211.227] blocked
using b.barracudacentral.org;
from=<[email protected]>
to=<[email protected]> proto=ESMTP
helo=<mail.standard4.nmgmail.com>', 'ip': '208.82.211.227', 'ipmatches':
<function <lambda> at 0x404bb87c>, 'ipfailures': <function <lambda> at
0x404bb844>, 'time': 1415511798.8957911, 'failures': 1,
'ipjailfailures': <function <lambda> at 0x404bb6bc>})': cannot commit
transaction - SQL statements in progress
Thank You,
Natu
On 10/27/2014 09:19 PM, Yaroslav Halchenko wrote:
> Dear All,
>
> On behalf of everyone who contributed (and there is over 30 people!!!)
> to the development of Fail2Ban since 0.9.0, I am proud to announce that
>
> 0.9.1 was tagged on GitHub, and uploaded to Debian sid
>
> I have also uploaded a limited set of builds to -devel repository of the
> NeuroDebian happen you would like to try your luck using Fail2Ban on
> previous releases of Debian or Ubuntu. Those builds differ from stock
> Debian sid build that they still use Python 2 while upload to sid uses
> Python 3 since there is only python3-systemd package now.
>
> Thanks once again everyone who contributed by commits/pull-requests and/or
> helping out on the issue tracker and mailing list! Changelog for this release
> is quite impressive:
>
>
> ver. 0.9.1 (2014/10/29) - better, faster, stronger
> ----------
>
> - Refactoring (IMPORTANT -- Please review your setup and configuration):
> * iptables-common.conf replaced iptables-blocktype.conf
> (iptables-blocktype.local should still be read) and now also
> provides defaults for the chain, port, protocol and name tags
>
> - Fixes:
> * start of file2ban aborted (on slow hosts, systemd considers the server
> has
> been timed out and kills him), see gh-824
> * UTF-8 fixes in pure-ftp thanks to Johannes Weberhofer. Closes gh-806.
> * systemd backend error on bad utf-8 in python3
> * badips.py action error when logging HTTP error raised with badips request
> * fail2ban-regex failed to work in python3 due to space/tab mix
> * recidive regex samples incorrect log level
> * journalmatch for recidive incorrect PRIORITY
> * loglevel couldn't be changed in fail2ban.conf
> * Handle case when no sqlite library is available for persistent database
> * Only reban once per IP from database on fail2ban restart
> * Nginx filter to support missing server_name. Closes gh-676
> * fail2ban-regex assertion error caused by miscount missed lines with
> multiline regex
> * Fix actions failing to execute for Python 3.4.0. Workaround for
> http://bugs.python.org/issue21207
> * Database now returns persistent bans on restart (bantime < 0)
> * Recursive action tags now fully processed. Fixes issue with bsd-ipfw
> action
> * Fixed TypeError with "ipfailures" and "ipjailfailures" action tags.
> Thanks Serg G. Brester
> * Correct times for non-timezone date times formats during DST
> * Pass a copy of, not original, aInfo into actions to avoid side-effects
> * Per-distribution paths to the exim's main log
> * Ignored IPs are no longer banned when being restored from persistent
> database
> * Manually unbanned IPs are now removed from persistent database, such they
> wont be banned again when Fail2Ban is restarted
> * Pass "bantime" parameter to the actions in default jail's action
> definition(s)
> * filters.d/sieve.conf - fixed typo in _daemon. Thanks Jisoo Park
> * cyrus-imap -- also catch also failed logins via secured (imaps/pop3s).
> Regression was introduced while strengthening failregex in 0.8.11
> (bd175f)
> Debian bug #755173
> * postfix-sasl - added journalmatch. Thanks Luc Maisonobe
> * postfix* - match with a new daemon string (postfix/submission/smtpd).
> Closes gh-804 . Thanks Paul Traina
> * apache - added filter for AH01630 client denied by server configuration.
>
> - New features:
> - New filters:
> - monit Thanks Jason H Martin
> - directadmin Thanks niorg
> - apache-shellshock Thanks Eugene Hopkinson (SlowRiot)
> - New actions:
> - symbiosis-blacklist-allports for Bytemark symbiosis firewall
> - fail2ban-client can fetch the running server version
> - Added Cloudflare API action
>
> - Enhancements
> * Start performance of fail2ban-client (and tests) increased, start time
> and cpu usage rapidly reduced. Introduced a shared storage logic, to
> bypass reading lots of config files (see gh-824).
> Thanks to Joost Molenaar for good catch (reported gh-820).
> * Fail2ban-regex - add print-all-matched option. Closes gh-652
> * Suppress fail2ban-client warnings for non-critical config options
> * Match non "Bye Bye" disconnect messages for sshd locked account regex
> * courier-smtp filter:
> - match lines with user names
> - match lines containing "535 Authentication failed" attempts
> * Add <chain> tag to iptables-ipsets
> * Realign fail2ban log output with white space to improve readability. Does
> not affect SYSLOG output
> * Log unhandled exceptions
> * cyrus-imap: catch "user not found" attempts
> * Add support for Portsentry
>
>
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
