It would be great if someone can help. Please see attachment. Summary is given below:
As provide in below logs, configured fail2ban version fail2ban-0.9.3-1.el6.noarch in CentOS release 6.4 (Final), kernel 2.6.32-358.18.1.el6.x86_64, iptables version iptables-1.4.7-9.el6.x86_64, Python version python-2.6.6-37.el6_4.x86_64. While starting fail2ban getting below ERRORs. The fail2ban emails banned ips, but do not actually ban the ips. Iptables –L is empty. Oct 21 12:46:52 xxxxx fail2ban.server[24301]: INFO Changed logging target to SYSLOG (/dev/log) for Fail2ban v0.9.3 Oct 21 12:46:52 xxxxx fail2ban.database[24301]: INFO Connected to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3' Oct 21 12:46:52 xxxxx fail2ban.jail[24301]: INFO Creating new jail 'ssh-iptables' Oct 21 12:46:52 xxxxx fail2ban.jail[24301]: INFO Jail 'ssh-iptables' uses poller Oct 21 12:46:52 xxxxx fail2ban.filter[24301]: INFO Set jail log file encoding to UTF-8 Oct 21 12:46:52 xxxxx fail2ban.jail[24301]: INFO Initiated 'polling' backend Oct 21 12:46:52 xxxxx fail2ban.filter[24301]: INFO Added logfile = /var/log/secure Oct 21 12:46:52 xxxxx fail2ban.filter[24301]: INFO Set maxRetry = 5 Oct 21 12:46:52 xxxxx fail2ban.filter[24301]: INFO Set jail log file encoding to UTF-8 Oct 21 12:46:52 xxxxx fail2ban.actions[24301]: INFO Set banTime = 3600 Oct 21 12:46:52 xxxxx fail2ban.filter[24301]: INFO Set findtime = 600 Oct 21 12:46:52 xxxxx fail2ban.filter[24301]: INFO Set maxlines = 10 Oct 21 12:46:52 xxxxx fail2ban.server[24301]: INFO Jail ssh-iptables is not a JournalFilter instance Oct 21 12:46:52 xxxxx fail2ban.jail[24301]: INFO Jail 'ssh-iptables' started Oct 21 12:46:52 xxxxx fail2ban.action[24301]: ERROR iptables -N f2b-ssh-iptables#012iptables -A f2b-ssh-iptables -j RETURN#012iptables -I INPUT -p tcp -m multiport --dports 0:65535 -j f2b-ssh-iptables -- stdout: '' Oct 21 12:46:52 xxxxx fail2ban.action[24301]: ERROR iptables -N f2b-ssh-iptables#012iptables -A f2b-ssh-iptables -j RETURN#012iptables -I INPUT -p tcp -m multiport --dports 0:65535 -j f2b-ssh-iptables -- stderr: "iptables v1.4.7: can't initialize iptables table `filter': Permission denied\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.4.7: can't initialize iptables table `filter': Permission denied\nPerhaps iptables or your kernel needs to be upgraded.\nCould not open socket to kernel: Permission denied\n" Oct 21 12:46:52 xxxxx fail2ban.action[24301]: ERROR iptables -N f2b-ssh-iptables#012iptables -A f2b-ssh-iptables -j RETURN#012iptables -I INPUT -p tcp -m multiport --dports 0:65535 -j f2b-ssh-iptables -- returned 1 Oct 21 12:46:52 xxxxx fail2ban.actions[24301]: ERROR Failed to start jail 'ssh-iptables' action 'iptables-multiport': Error starting action Thank you, Anil.
fail2ban_not_banning_issue.docx
Description: MS-Word 2007 document
------------------------------------------------------------------------------
_______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
