Hello, This problem is solved, however you may want to get informed. This is it. ;-)
Got a fresh install from debian/sid (0.9.1-1), switched on blocklist.de, sshd, pam-auth, exim and recidive. Did a few tweaks on the configs, a few restarts, usual stuff. fail2start, basically, cpu 100%, stuck on start, impossible to stop unless kill -9. First I tried debuglog (after disabling recidive) where I have faced an endless stream of fail2ban.datedetector lines, without actually giving ANY hint what's happening. I was suspecting some longer logfile is being read but no hint on it. So I went to the filter code and kindly inserted a debuglog to log the filename and the line being read, so it turned out that fail2ban was processing auth.log in slow-motion mode, 1-2 lines/second. I wasn't able to figure out why or where the time was spent.(I didn't have the mood to insert debug entries everywhere.) Stopping it was not possible, since fail2ban-server was happily reading the files, kill -9. (9000 lines in auth.log or so.) So I had to append 'tail' to every logfile line around (plenty to look since debian config is nicely modularised and it's not possible to log_authpriv = %(log_authpriv)s tail due to recusion). It got better, at least debug wasn't flooded by datedetector but still 100% cpu and stuck on start. The next was to upgrade to the version in experimental which is made from a more recent snapshot with a few related issues.It got better, not much so. Tried to disable all the jails and set action to plain action_, and it was still 100% cpu. I have removed the sqlite db. After start cpu went to 0%. Hmm. Reinserted action for blocklist_de and the jails, and cpu 100% again. Removed blocklist_de (sounds easy, these 10+ steps permutating everything) and cpu went down. So yeah, applied patch from https://github.com/fail2ban/fail2ban/issues/907 and restarted and cpu stayed on 0%. Then I have removed 'tail' from the logfiles and it stayed 0%. Problem solved, lost a few hours of my longevity. :-] Cheers, Peter ------------------------------------------------------------------------------ New Year. New Location. New Benefits. New Data Center in Ashburn, VA. GigeNET is offering a free month of service with a new server in Ashburn. Choose from 2 high performing configs, both with 100TB of bandwidth. Higher redundancy.Lower latency.Increased capacity.Completely compliant. http://p.sf.net/sfu/gigenet _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
