Hi AllOperating system: Ubuntu Linux 14.04.2Fail2ban: 0.9.3Processor
information AMD Athlon(tm) 64 X2 Dual Core Processor 5200+, 2 coresReal
memory 3.53 GB total / 1.54 GB used
Today I had to do a restart of my server after some large security updates. As
a part of the shutdown process the server stops Fail2ban. The process of
shutting down Fail2ban took over 1.5 hours. Which seems like a long time to
shut down however there are a large number of bans which could have contributed
to the long time. I then went looking in the logs to see what went on and found
a large number of errors during the shutdown process, I have provided a section
of them below. This brings be to my questions.1). Should the shutdown process
for fail2ban take so long?2). Is there anything I can do to speedup the
shutdown of Fail2ban?
3). What are the errors below and what do I need to change in my configuration
to stop them?2016-01-21 10:19:25,988 fail2ban.actions [2857]: ERROR
Failed to stop jail 'proftpd' action 'iptables-multiport': Error stopping
action2016-01-21 10:19:25,988 fail2ban.jail [2857]: INFO Jail
'proftpd' stopped2016-01-21 10:19:27,119 fail2ban.jail [2857]: INFO
Jail 'couriersmtp' stopped2016-01-21 10:19:28,426 fail2ban.jail
[2857]: INFO Jail 'webmin-auth' stopped2016-01-21 10:19:29,460
fail2ban.action [2857]: ERROR iptables -w -D INPUT -p tcp -m
multiport --dports ssh -j f2b-defaultiptables -w -F f2b-defaultiptables -w -X
f2b-default -- stdout: ''2016-01-21 10:19:29,461 fail2ban.action
[2857]: ERROR iptables -w -D INPUT -p tcp -m multiport --dports ssh -j
f2b-defaultiptables -w -F f2b-defaultiptables -w -X f2b-default -- stderr:
'iptables: Too many links.\n'2016-01-21 10:19:29,461 fail2ban.action
[2857]: ERROR iptables
-w -D INPUT -p tcp -m multiport --dports ssh -j f2b-defaultiptables -w -F
f2b-defaultiptables -w -X f2b-default -- returned 12016-01-21 10:19:29,461
fail2ban.actions [2857]: ERROR Failed to stop jail 'dovecot' action
'iptables-multiport': Error stopping action2016-01-21 10:19:29,461
fail2ban.jail [2857]: INFO Jail 'dovecot' stopped2016-01-21
10:19:30,122 fail2ban.jail [2857]: INFO Jail 'dovecot-pop3'
stopped2016-01-21 10:19:31,528 fail2ban.jail [2857]: INFO Jail
'sshd-ddos' stopped2016-01-21 10:19:32,357 fail2ban.action [2857]:
ERROR iptables -w -D INPUT -p tcp -m multiport --dports ssh -j
f2b-defaultiptables -w -F f2b-defaultiptables -w -X f2b-default -- stdout:
''2016-01-21 10:19:32,357 fail2ban.action [2857]: ERROR iptables -w
-D INPUT -p tcp -m multiport --dports ssh -j f2b-defaultiptables -w -F
f2b-defaultiptables -w -X f2b-default -- stderr: 'iptables: Too many
links.\n'2016-01-21 10:19:32,357 fail2ban.action
[2857]: ERROR iptables -w -D INPUT -p tcp -m multiport --dports ssh
-j f2b-defaultiptables -w -F f2b-defaultiptables -w -X f2b-default -- returned
12016-01-21 10:19:32,358 fail2ban.actions [2857]: ERROR Failed to stop
jail 'apache-auth' action 'iptables-multiport': Error stopping action2016-01-21
10:19:32,358 fail2ban.jail [2857]: INFO Jail 'apache-auth'
stopped2016-01-21 10:19:33,137 fail2ban.jail [2857]: INFO Jail
'named-refused-tcp' stopped2016-01-21 10:19:34,323 fail2ban.action
[2857]: ERROR iptables -w -D INPUT -p tcp -m multiport --dports ssh -j
f2b-defaultiptables -w -F f2b-defaultiptables -w -X f2b-default -- stdout:
''2016-01-21 10:19:34,323 fail2ban.action [2857]: ERROR iptables -w
-D INPUT -p tcp -m multiport --dports ssh -j f2b-defaultiptables -w -F
f2b-defaultiptables -w -X f2b-default -- stderr: 'iptables: Too many
links.\n'2016-01-21 10:19:34,323 fail2ban.action [2857]: ERROR
iptables -w -D INP
UT -p tcp -m multiport --dports ssh -j f2b-defaultiptables -w -F
f2b-defaultiptables -w -X f2b-default -- returned 12016-01-21 10:19:34,324
fail2ban.actions [2857]: ERROR Failed to stop jail 'php-url-fopen'
action 'iptables-multiport': Error stopping action2016-01-21 10:19:34,343
fail2ban.jail [2857]: INFO Jail 'php-url-fopen' stopped2016-01-21
10:19:35,194 fail2ban.action [2857]: ERROR iptables -w -D INPUT -p
tcp -m multiport --dports ssh -j f2b-defaultiptables -w -F f2b-defaultiptables
-w -X f2b-default -- stdout: ''2016-01-21 10:19:35,195 fail2ban.action
[2857]: ERROR iptables -w -D INPUT -p tcp -m multiport --dports ssh -j
f2b-defaultiptables -w -F f2b-defaultiptables -w -X f2b-default -- stderr:
'iptables: Too many links.\n'2016-01-21 10:19:35,195 fail2ban.action
[2857]: ERROR iptables -w -D INPUT -p tcp -m multiport --dports ssh -j
f2b-defaultiptables -w -F f2b-defaultiptables -w -X f2b-default -- returned
12016-01-21 10:19:3
5,195 fail2ban.actions [2857]: ERROR Failed to stop jail
'apache-noscript' action 'iptables-multiport': Error stopping action2016-01-21
10:19:35,224 fail2ban.jail [2857]: INFO Jail 'apache-noscript'
stopped2016-01-21 10:19:36,230 fail2ban.action [2857]: ERROR iptables
-w -D INPUT -p tcp -m multiport --dports ssh -j f2b-defaultiptables -w -F
f2b-defaultiptables -w -X f2b-default -- stdout: ''2016-01-21 10:19:36,231
fail2ban.action [2857]: ERROR iptables -w -D INPUT -p tcp -m
multiport --dports ssh -j f2b-defaultiptables -w -F f2b-defaultiptables -w -X
f2b-default -- stderr: 'iptables: Too many links.\n'2016-01-21 10:19:36,231
fail2ban.action [2857]: ERROR iptables -w -D INPUT -p tcp -m
multiport --dports ssh -j f2b-defaultiptables -w -F f2b-defaultiptables -w -X
f2b-default -- returned 12016-01-21 10:19:36,232 fail2ban.actions
[2857]: ERROR Failed to stop jail 'virt-serv-login' action
'iptables-multiport': Error stopping ac
tion2016-01-21 10:19:36,232 fail2ban.jail [2857]: INFO Jail
'virt-serv-login' stopped2016-01-21 10:19:37,535 fail2ban.jail
[2857]: INFO Jail 'xinetd-fail' stopped2016-01-21 10:19:39,104
fail2ban.action [2857]: ERROR iptables -w -D INPUT -p tcp -m
multiport --dports ssh -j f2b-defaultiptables -w -F f2b-defaultiptables -w -X
f2b-default -- stdout: ''2016-01-21 10:19:39,104 fail2ban.action
[2857]: ERROR iptables -w -D INPUT -p tcp -m multiport --dports ssh -j
f2b-defaultiptables -w -F f2b-defaultiptables -w -X f2b-default -- stderr:
'iptables: Too many links.\n'2016-01-21 10:19:39,104 fail2ban.action
[2857]: ERROR iptables -w -D INPUT -p tcp -m multiport --dports ssh -j
f2b-defaultiptables -w -F f2b-defaultiptables -w -X f2b-default -- returned
12016-01-21 10:19:39,104 fail2ban.actions [2857]: ERROR Failed to stop
jail 'virt-serv-getpos' action 'iptables-multiport': Error stopping
action2016-01-21 10:19:39,105 fail2ban.ja
il [2857]: INFO Jail 'virt-serv-getpos' stopped2016-01-21
10:19:40,292 fail2ban.jail [2857]: INFO Jail 'ssh'
stopped2016-01-21 10:19:41,376 fail2ban.action [2857]: ERROR iptables
-w -D INPUT -p tcp -m multiport --dports ssh -j f2b-defaultiptables -w -F
f2b-defaultiptables -w -X f2b-default -- stdout: ''2016-01-21 10:19:41,377
fail2ban.action [2857]: ERROR iptables -w -D INPUT -p tcp -m
multiport --dports ssh -j f2b-defaultiptables -w -F f2b-defaultiptables -w -X
f2b-default -- stderr: 'iptables: Too many links.\n'2016-01-21 10:19:41,377
fail2ban.action [2857]: ERROR iptables -w -D INPUT -p tcp -m
multiport --dports ssh -j f2b-defaultiptables -w -F f2b-defaultiptables -w -X
f2b-default -- returned 12016-01-21 10:19:41,377 fail2ban.actions
[2857]: ERROR Failed to stop jail 'apache-overflows' action
'iptables-multiport': Error stopping action2016-01-21 10:19:41,377
fail2ban.jail [2857]: INFO Jail 'apache-over
flows' stopped2016-01-21 10:19:42,504 fail2ban.jail [2857]: INFO
Jail 'named-refused' stopped
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
