Hi,
I created my own script to do blocking and deblocking of IP addresses.
With the update of my CentOS system I was suddenly introduced to version
0.9.3 (instead of 0.8.x). And it seems that something is now broken, but
am a bit clueless here to look for a solution, so I hope someone here
can point me in the right direction.
My /etc/fail2ban/action.d/ban-ip.conf looks like this:
[INCLUDES]
[Definition]
actionban = /var/www/lighttpd/sbin/ban-ip.sh add <ip>
actionunban = /var/www/lighttpd/sbin/ban-ip.sh del <ip>
[Init]
bantime = -1
My /etc/fail2ban/jail.local has this:
[DEFAULT]
ignoreip = 127.0.0.1/8 10.0.0.0/8
bantime = -1
[sshd]
enabled = true
action = ban-ip
banaction =
[sshd-ddos]
enabled = true
action = ban-ip
banaction =
When I ban an IP like this:
fail2ban-client set sshd banip 1.1.1.1
I get the following in my logs:
Oct 19 14:59:36 hostname fail2ban.actions[7273]: NOTICE [sshd] Ban 1.1.1.1
Oct 19 14:59:36 hostname ban-ip: started
Oct 19 14:59:36 hostname ban-ip: Adding 1.1.1.1 to ip4_blacklist
Oct 19 14:59:36 hostname ban-ip: Added 1.1.1.1 to ip4_blacklist
Note the "started" message, which is in the top of the script before it
does anything.
Then I run:
fail2ban-client set sshd unbanip 1.1.1.1
and I get:
Oct 19 14:59:41 hostname fail2ban.actions[7273]: NOTICE [sshd] Unban 1.1.1.1
Oct 19 15:00:41 hostname fail2ban.action[7273]: ERROR
/var/www/lighttpd/sbin/ban-ip.sh del 1.1.1.1 -- timed out after 60 seconds.
Oct 19 15:00:41 hostname fail2ban.action[7273]: ERROR
/var/www/lighttpd/sbin/ban-ip.sh del 1.1.1.1 -- stdout: ''
Oct 19 15:00:41 hostname fail2ban.action[7273]: ERROR
/var/www/lighttpd/sbin/ban-ip.sh del 1.1.1.1 -- stderr: 'WARNING Caught
signal 15. Exiting\nclose failed in file object destructor:\nError in
sys.excepthook:\n\nOriginal exception was:\n'
Oct 19 15:00:41 hostname fail2ban.action[7273]: ERROR
/var/www/lighttpd/sbin/ban-ip.sh del 1.1.1.1 -- killed with SIGTERM
Oct 19 15:00:41 hostname fail2ban.actions[7273]: ERROR Failed to execute
unban jail 'sshd' action 'ban-ip-notify' info '{'matches': '', 'ip':
'1.1.1.1', 'time': 1445259576.1425359, 'failures': 5}': Command
execution failed: /var/www/lighttpd/sbin/ban-ip.sh del 1.1.1.1
Oct 19 15:00:41 hostname fail2ban.asyncserver[7273]: ERROR Unexpected
communication error: [Errno 32] Broken pipe
Oct 19 15:00:41 hostname fail2ban.asyncserver[7273]: ERROR ['Traceback
(most recent call last):', ' File "/usr/lib64/python2.6/asynchat.py",
line 235, in initiate_send', ' num_sent = self.send(data)', ' File
"/usr/lib64/python2.6/asyncore.py", line 360, in send', ' result =
self.socket.send(data)', 'error: [Errno 32] Broken pipe']
I do not see the "started" log, and when I run the command manually all
is well:
# /var/www/lighttpd/sbin/ban-ip.sh del 1.1.1.1
# echo $?
0
Can anybody give me some pointer in the right direction? What am I missing?
Thanks in advance,
Dennis Leeuw
------------------------------------------------------------------------------
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
