[Fail2ban-users] Too many open files

Mon, 24 Aug 2015 07:00:16 -0700 

Hello,
I have fail2ban 0.9 on Fedora 20. I notice in my log files that when I
start fail2ban I get the following error messages. I think maybe it's
because the /etc/fail2ban/filters.d directory has too much stuff in it...?
But if I try to move things out of there I get some errors about the
regex's. Or do I need to set ulimit? Any advice would be appreciated. I'll
include my fail2ban.conf file after the following errors.

I notice there's a whole lot of stuff in jail.conf that I don't need, but
it says specifically to not edit it so I have not.

Here are the errors:

2015-08-24 08:42:49,660 fail2ban.server.jail[19511]: INFO    Initiated
'systemd' backend
2015-08-24 08:42:49,663 fail2ban.server.filter[19511]: INFO    Set maxRetry
= 3
2015-08-24 08:42:49,665 fail2ban.server.actions[19511]: INFO    Set banTime
= 600
2015-08-24 08:42:49,667 fail2ban.server.filter[19511]: INFO    Set findtime
= 600
2015-08-24 08:42:49,670 fail2ban.server.filter[19511]: INFO    Date pattern
set to `'^L %d/%m/%Y - %H:%M:%S'`: `^L Da
y/Month/Year - 24hour:Minute:Second`
2015-08-24 08:42:49,690 fail2ban.server.jail[19511]: INFO    Jail 'sshd'
started
2015-08-24 08:42:49,690 fail2ban.server.action[19511]: ERROR   iptables -N
f2b-sshd
iptables -A f2b-sshd -j RETURN
iptables -I INPUT -p tcp -m multiport --dports ssh -j f2b-sshd -- failed
with [Errno 24] Too many open files
2015-08-24 08:42:49,690 fail2ban.server.actions[19511]: ERROR   Failed to
start jail 'sshd' action 'iptables-multipor
t': local variable 'retcode' referenced before assignment
2015-08-24 08:42:49,696 fail2ban.server.jail[19511]: INFO    Jail
'sshd-ddos' started
2015-08-24 08:42:49,698 fail2ban.server.actions[19511]: ERROR   Failed to
start jail 'sshd-ddos' action 'iptables-mul
tiport': [Errno 24] Too many open files: '/tmp/fai2ban_Kfztgy.stderr'


# grep -v "^#" /etc/fail2ban/fail2ban.conf

[Definition]
loglevel = INFO
logtarget = /var/log/fail2ban.log
socket = /var/run/fail2ban/fail2ban.sock
pidfile = /var/run/fail2ban/fail2ban.pid
dbfile = /var/lib/fail2ban/fail2ban.sqlite3
dbpurgeage = 86400

(notice that my IP address has been munged to protect me...)

# grep -v '^#' /etc/fail2ban/jail.local
[INCLUDES]

[DEFAULT]
ignoreip = 127.0.0.1/8 X.Y.Z.A
bantime  = 600
findtime  = 600
maxretry = 3
backend = systemd
usedns = no
enabled = true
filter = %(__name__)s
destemail = root@localhost
sender = root@localhost

[sshd]
port    = ssh
logpath = %(sshd_log)s
enabled = true

[sshd-ddos]
port    = ssh
logpath = %(sshd_log)s

[dropbear]
port     = ssh
logpath  = %(dropbear_log)s

[selinux-ssh]
port     = ssh
logpath  = %(auditd_log)s
maxretry = 5

-- 
-Mike Schwager

------------------------------------------------------------------------------

_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Reply via email to