Your welcome, in the folder /etc/fail2ban/filter.d you should have a file named ssh-iptables.conf It will be helpful to see that file.
On Fri, 2015-08-21 at 05:15 +0000, [email protected] wrote: > Hi, > > and thank you for reply. As wrote my ssh-iptables.conf is: > > ----------------------- > [ssh-iptables] > > enabled = true > > filter = sshd > > action = iptables[name=SSH, port=ssh, protocol=tcp] > > logpath = /var/log/secure > > maxretry = 2 > > bantime = 86400 > ----------------------- > > BR, > > Ville > > > August 21 2015 7:17 AM, "Harrison Johnson" <[email protected]> > wrote: > > What is in your ssh-iptables.conf ? > > On Thu, 2015-08-20 at 16:06 +0000, [email protected] wrote: > > > > Hi all, > > > > and thank you for great product. > > > > I have installed fail2ban in my new centos 7 server and > > there seems to be some problems. Trigger works fine, but > > after trigger should do something fail2ban gives some errors > > for ip-address. Any suggestion how to fix this? > > > > My sshd: > > > > [ssh-iptables] > > > > enabled = true > > > > filter = sshd > > > > action = iptables[name=SSH, port=ssh, protocol=tcp] > > > > logpath = /var/log/secure > > > > maxretry = 2 > > > > bantime = 86400 > > > > ------- > > > > My log: > > > > > > > > 2015-08-20 13:20:34,875 fail2ban.server [6735]: INFO > > Changed logging target to /var/log/fail2ban.log for Fail2ban > > v0.9.1 > > > > 2015-08-20 13:20:34,877 fail2ban.database [6735]: INFO > > Connected to fail2ban persistent database > > '/var/lib/fail2ban/fail2ban.sqlite3' > > > > 2015-08-20 13:20:34,882 fail2ban.jail [6735]: INFO > > Creating new jail 'ssh-iptables' > > > > 2015-08-20 13:20:34,886 fail2ban.jail [6735]: INFO > > Jail 'ssh-iptables' uses poller > > > > 2015-08-20 13:20:34,914 fail2ban.filter [6735]: INFO > > Set jail log file encoding to UTF-8 > > > > 2015-08-20 13:20:34,914 fail2ban.jail [6735]: INFO > > Initiated 'polling' backend > > > > 2015-08-20 13:20:34,923 fail2ban.filter [6735]: INFO > > Added logfile = /var/log/secure > > > > 2015-08-20 13:20:34,924 fail2ban.filter [6735]: INFO > > Set maxRetry = 2 > > > > 2015-08-20 13:20:34,926 fail2ban.filter [6735]: INFO > > Set jail log file encoding to UTF-8 > > > > 2015-08-20 13:20:34,926 fail2ban.actions [6735]: INFO > > Set banTime = 86400 > > > > 2015-08-20 13:20:34,927 fail2ban.filter [6735]: INFO > > Set findtime = 600 > > > > 2015-08-20 13:20:34,928 fail2ban.filter [6735]: INFO > > Set maxlines = 10 > > > > 2015-08-20 13:20:35,002 fail2ban.server [6735]: INFO > > Jail ssh-iptables is not a JournalFilter instance > > > > 2015-08-20 13:20:36,699 fail2ban.jail [6735]: INFO > > Jail 'ssh-iptables' started > > > > 2015-08-20 13:21:29,344 fail2ban [6735]: > > CRITICAL Unhandled exception in Fail2Ban: > > > > Traceback (most recent call last): > > > > File > > > "/usr/lib/python2.7/site-packages/fail2ban-0.9.1-py2.7.egg/fail2ban/server/jailthread.py", > line 64, in run_with_except_hook > > > > run(*args, **kwargs) > > > > File > > > "/usr/lib/python2.7/site-packages/fail2ban-0.9.1-py2.7.egg/fail2ban/server/filterpoll.py", > line 95, in run > > > > self.getFailures(filename) > > > > File > > > "/usr/lib/python2.7/site-packages/fail2ban-0.9.1-py2.7.egg/fail2ban/server/filter.py", > line 682, in getFailures > > > > self.processLineAndAdd(line) > > > > File > > > "/usr/lib/python2.7/site-packages/fail2ban-0.9.1-py2.7.egg/fail2ban/server/filter.py", > line 421, in processLineAndAdd > > > > if self.inIgnoreIPList(ip): > > > > File > > > "/usr/lib/python2.7/site-packages/fail2ban-0.9.1-py2.7.egg/fail2ban/server/filter.py", > line 363, in inIgnoreIPList > > > > "(?<=b)1+", bin(DNSUtils.addr2bin(s[1]))).group()) > > > > File > > > "/usr/lib/python2.7/site-packages/fail2ban-0.9.1-py2.7.egg/fail2ban/server/filter.py", > line 915, in addr2bin > > > > return struct.unpack("!L", socket.inet_aton(string))[0] > > > > error: illegal IP address string passed to inet_aton > > > > > > > > Best regards, > > > > Ville > > > > > > ------------------------------------------------------------------------------ > _______________________________________________ Fail2ban-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/fail2ban-users > > ------------------------------------------------------------------------------ > _______________________________________________ > Fail2ban-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/fail2ban-users
------------------------------------------------------------------------------
_______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
