I installed new version from EPEL7-testing but still have all the same problems I had before. I need to monitor and block on Astersik log
Here is jail.local [DEFAULT] destemail = [email protected] [asterisk] enabled = true logpath = /var/log/asterisk/messages /var/log/asterisk/verbose maxretry = 5 bantime = 86400 It seems like EVERYTHING works just fine except for actually banning IP’s on firewall-cmd. And, there is a bunch of errors on reboot. If I start/stop fail2ban everything OK, but if I reboot - errors. See log clearly showing that reboot - errors. Start - clean. And then bunch of “aready banned” which indicates it doesn’t work. Anybody can help? 2015-05-02 01:17:21,519 fail2ban.server [2652]: INFO Stopping all jails 2015-05-02 01:17:22,339 fail2ban.actions [2652]: NOTICE [asterisk] Unban 212.129.1.26 2015-05-02 01:17:22,966 fail2ban.action [2652]: ERROR firewall-cmd --direct --remove-rule ipv4 filter INPUT 0 -p udp -m multiport --dports 5060,5061 -m set --match-set fail2ban-asterisk-udp src -j REJECT --reject -with icmp-port-unreachable ipset flush fail2ban-asterisk-udp ipset destroy fail2ban-asterisk-udp -- stdout: 'Not using slip\n' 2015-05-02 01:17:22,966 fail2ban.action [2652]: ERROR firewall-cmd --direct --remove-rule ipv4 filter INPUT 0 -p udp -m multiport --dports 5060,5061 -m set --match-set fail2ban-asterisk-udp src -j REJECT --reject -with icmp-port-unreachable ipset flush fail2ban-asterisk-udp ipset destroy fail2ban-asterisk-udp -- stderr: 'Traceback (most recent call last):\n File "/usr/bin/firewall-cmd", line 703, in <module>\n fw = FirewallClient()\n File "<string>", line 2, in __init__\n File "/usr/lib /python2.7/site-packages/firewall/client.py", line 52, in handle_exceptions\n return func(*args, **kwargs)\n File "/usr/lib/python2.7/site-packages/firewall/client.py", line 1594, in __init__\n self.bus = dbus.Syste mBus()\n File "/usr/lib64/python2.7/site-packages/dbus/_dbus.py", line 194, in __new__\n private=private)\n File "/usr/lib64/python2.7/site-packages/dbus/_dbus.py", line 100, in __new__\n bus = BusConnection.__new_ _(subclass, bus_type, mainloop=mainloop)\n File "/usr/lib64/python2.7/site-packages/dbus/bus.py", line 122, in __new__\n bus = cls._new_for_bus(address_or_type, mainloop=mainloop)\ndbus.exceptions.DBusException: org.fr eedesktop.DBus.Error.NoServer: Failed to connect to socket /var/run/dbus/system_bus_socket: Connection refused\nipset v6.19: Set cannot be destroyed: it is in use by a kernel component\n' 2015-05-02 01:17:22,967 fail2ban.action [2652]: ERROR firewall-cmd --direct --remove-rule ipv4 filter INPUT 0 -p udp -m multiport --dports 5060,5061 -m set --match-set fail2ban-asterisk-udp src -j REJECT --reject -with icmp-port-unreachable ipset flush fail2ban-asterisk-udp ipset destroy fail2ban-asterisk-udp -- returned 1 2015-05-02 01:17:22,967 fail2ban.actions [2652]: ERROR Failed to stop jail 'asterisk' action 'firewallcmd-ipset-udp': Error stopping action 2015-05-02 01:17:23,275 fail2ban.action [2652]: ERROR firewall-cmd --direct --remove-rule ipv4 filter INPUT 0 -p tcp -m multiport --dports 5060,5061 -m set --match-set fail2ban-asterisk-tcp src -j REJECT --reject -with icmp-port-unreachable ipset flush fail2ban-asterisk-tcp ipset destroy fail2ban-asterisk-tcp -- stdout: 'Not using slip\n' 2015-05-02 01:17:23,275 fail2ban.action [2652]: ERROR firewall-cmd --direct --remove-rule ipv4 filter INPUT 0 -p tcp -m multiport --dports 5060,5061 -m set --match-set fail2ban-asterisk-tcp src -j REJECT --reject -with icmp-port-unreachable ipset flush fail2ban-asterisk-tcp ipset destroy fail2ban-asterisk-tcp -- stderr: 'Traceback (most recent call last):\n File "/usr/bin/firewall-cmd", line 703, in <module>\n fw = FirewallClient()\n File "<string>", line 2, in __init__\n File "/usr/lib/python2.7/site-packages/firewall/client.py", line 52, in handle_exceptions\n return func(*args, **kwargs)\n File "/usr/lib/python2.7/site-packages/firewall/client.py", line 1594, in __init__\n self.bus = dbus.SystemBus()\n File "/usr/lib64/python2.7/site-packages/dbus/_dbus.py", line 194, in __new__\n private=private)\n File "/usr/lib64/python2.7/site-packages/dbus/_dbus.py", line 100, in __new__\n bus = BusConnection.__new__(subclass, bus_type, mainloop=mainloop)\n File "/usr/lib64/python2.7/site-packages/dbus/bus.py", line 122, in __new__\n bus = cls._new_for_bus(address_or_type, mainloop=mainloop)\ndbus.exceptions.DBusException: org.freedesktop.DBus.Error.NoServer: Failed to connect to socket /var/run/dbus/system_bus_socket: Connection refused\nipset v6.19: Set cannot be destroyed: it is in use by a kernel component\n' 2015-05-02 01:17:23,276 fail2ban.action [2652]: ERROR firewall-cmd --direct --remove-rule ipv4 filter INPUT 0 -p tcp -m multiport --dports 5060,5061 -m set --match-set fail2ban-asterisk-tcp src -j REJECT --reject-with icmp-port-unreachable ipset flush fail2ban-asterisk-tcp ipset destroy fail2ban-asterisk-tcp -- returned 1 2015-05-02 01:17:23,276 fail2ban.actions [2652]: ERROR Failed to stop jail 'asterisk' action 'firewallcmd-ipset-tcp': Error stopping action 2015-05-02 01:17:23,276 fail2ban.jail [2652]: INFO Jail 'asterisk' stopped 2015-05-02 01:17:23,283 fail2ban.server [2652]: INFO Exiting Fail2ban 2015-05-02 01:17:50,755 fail2ban.server [1475]: INFO Changed logging target to /var/log/fail2ban.log for Fail2ban v0.9.2 2015-05-02 01:17:50,760 fail2ban.database [1475]: INFO Connected to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3' 2015-05-02 01:17:50,793 fail2ban.jail [1475]: INFO Creating new jail 'asterisk' 2015-05-02 01:17:50,875 fail2ban.jail [1475]: INFO Jail 'asterisk' uses pyinotify 2015-05-02 01:17:50,908 fail2ban.filter [1475]: INFO Set jail log file encoding to UTF-8 2015-05-02 01:17:50,933 fail2ban.jail [1475]: INFO Initiated 'pyinotify' backend 2015-05-02 01:17:51,050 fail2ban.filter [1475]: INFO Added logfile = /var/log/asterisk/messages 2015-05-02 01:17:51,094 fail2ban.filter [1475]: INFO Added logfile = /var/log/asterisk/verbose 2015-05-02 01:17:51,111 fail2ban.filter [1475]: INFO Set maxRetry = 5 2015-05-02 01:17:51,116 fail2ban.filter [1475]: INFO Set jail log file encoding to UTF-8 2015-05-02 01:17:51,116 fail2ban.actions [1475]: INFO Set banTime = 86400 2015-05-02 01:17:51,117 fail2ban.filter [1475]: INFO Set findtime = 600 2015-05-02 01:17:51,191 fail2ban.jail [1475]: INFO Jail 'asterisk' started 2015-05-02 01:17:52,008 fail2ban.actions [1475]: NOTICE [asterisk] Ban 212.129.1.26 2015-05-02 01:22:39,090 fail2ban.filter [1475]: INFO [asterisk] Found 192.168.33.31 2015-05-02 01:27:53,434 fail2ban.filter [1475]: INFO [asterisk] Found 212.129.1.26 2015-05-02 01:28:04,400 fail2ban.filter [1475]: INFO [asterisk] Found 212.129.1.26 2015-05-02 01:28:26,792 fail2ban.filter [1475]: INFO [asterisk] Found 212.129.1.26 2015-05-02 01:28:30,368 fail2ban.filter [1475]: INFO [asterisk] Found 212.129.1.26 2015-05-02 01:28:34,012 fail2ban.filter [1475]: INFO [asterisk] Found 212.129.1.26 2015-05-02 01:28:34,600 fail2ban.actions [1475]: NOTICE [asterisk] 212.129.1.26 already banned 2015-05-02 01:28:57,669 fail2ban.filter [1475]: INFO [asterisk] Found 212.129.1.26 2015-05-02 01:29:47,018 fail2ban.filter [1475]: INFO [asterisk] Found 212.129.1.26 2015-05-02 01:30:45,708 fail2ban.filter [1475]: INFO [asterisk] Found 212.129.1.26 2015-05-02 01:31:11,928 fail2ban.filter [1475]: INFO [asterisk] Found 212.129.1.26 2015-05-02 01:31:32,326 fail2ban.filter [1475]: INFO [asterisk] Found 212.129.1.26 2015-05-02 01:31:33,036 fail2ban.actions [1475]: NOTICE [asterisk] 212.129.1.26 already banned 2015-05-02 01:31:38,896 fail2ban.filter [1475]: INFO [asterisk] Found 212.129.1.26 2015-05-02 01:32:41,139 fail2ban.filter [1475]: INFO [asterisk] Found 212.129.1.26 2015-05-02 01:32:58,941 fail2ban.filter [1475]: INFO [asterisk] Found 212.129.1.26 2015-05-02 01:33:14,747 fail2ban.filter [1475]: INFO [asterisk] Found 212.129.1.26 2015-05-02 01:33:43,108 fail2ban.filter [1475]: INFO [asterisk] Found 212.129.1.26 2015-05-02 01:33:43,579 fail2ban.actions [1475]: NOTICE [asterisk] 212.129.1.26 already banned 2015-05-02 01:34:01,936 fail2ban.filter [1475]: INFO [asterisk] Found 212.129.1.26 ------------------------------------------------------------------------------ One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
