Hi,

My fail2ban works just fine, only the emails sent on the lighttpd jail does not contain the related log-lines. The SSH jail does contain the related log lines. How can is debug/fix this ? It's running on an raspberry pi with raspbian and fail2ban is installed via packages.


*jail.local : *

   destemail = sysadmin@****.***
   mta = sendmail
   action = %(action_mwl)s

   [404-block]
   enabled  = true
   port     = http,https
   filter   = lighttpd-404
   logpath  = /var/log/lighttpd/access.log
   maxretry = 1
   bantime  = 86400

*filter.d/lighttpd-404.conf :*

    [Definition]
    failregex = (?i)^<HOST> .*\/admin.*
            (?i)^<HOST> .*\/manager.*
    ignoreregex =

*email* :

   Hi,

   The IP 185.30.166.38 has just been banned by Fail2Ban after
   1 attempts against 404-block.


   Here is more information about 185.30.166.38:

   % This is the RIPE Database query service.
   % The objects are in RPSL format.
   %
   % The RIPE Database is subject to Terms and Conditions.
   % Seehttp://www.ripe.net/db/support/db-terms-conditions.pdf

   % Note: this output has been filtered.
   %       To receive output for a database update, use the "-B" flag.

   % Information related to '185.30.166.0 - 185.30.166.255'

   % Abuse contact for '185.30.166.0 - 185.30.166.255' is 'ab...@fnxtec.com'

   inetnum:        185.30.166.0 - 185.30.166.255
   netname:        FNXTEC2
   descr:          FNXTEC (HYPERFILTER) NETWORK
   country:        NL
   admin-c:        FNX-AR
   tech-c:         FNX-TR
   status:         ASSIGNED PA
   mnt-by:         FNXTEC-MNT
   mnt-lower:      FNXTEC-MNT
   mnt-routes:     FNXTEC-MNT
   org:            ORG-FA510-RIPE
   created:        2013-12-04T20:40:47Z
   last-modified:  2015-06-30T23:49:57Z
   source:         RIPE

   organisation:   ORG-FA510-RIPE
   org-name:       FNXTEC
   org-type:       OTHER
   address:        R. Pedro Nano, 96 - Jundiai - SP - Brazil
   mnt-ref:        FNXTEC-MNT
   mnt-by:         FNXTEC-MNT
   created:        2013-08-03T20:06:32Z
   last-modified:  2013-08-08T02:21:19Z
   source:         RIPE # Filtered

   person:         FNXTEC - Administrative Role Account
   address:        R. Pedro Nano, 96
   address:        Jundiaí - São Paulo - Brazil
   address:        13218-330
   phone:          +31 (20) 894-3337
   abuse-mailbox:ab...@fnxtec.com
   nic-hdl:        FNX-AR
   mnt-by:         FNXTEC-MNT
   created:        2015-06-26T21:30:26Z
   last-modified:  2016-05-02T14:14:09Z
   source:         RIPE # Filtered

   person:         FNXTEC - Technical Role Account
   address:        R. Pedro Nano, 96
   address:        Jundiaí - São Paulo - Brazil
   address:        13218-330
   phone:          +31 (20) 894-3337
   abuse-mailbox:ab...@fnxtec.com
   nic-hdl:        FNX-TR
   mnt-by:         FNXTEC-MNT
   created:        2015-06-26T21:31:48Z
   last-modified:  2016-05-02T14:13:35Z
   source:         RIPE # Filtered

   % Information related to '185.30.166.0/24AS60503'

   route:          185.30.166.0/24
   descr:          FNX Tecnologia LTDA
   remarks:        HyperFilter Network
   origin:         AS60503
   mnt-by:         FNXTEC-MNT
   created:        2015-06-30T23:50:08Z
   last-modified:  2015-06-30T23:50:08Z
   source:         RIPE

   % This query was served by the RIPE Database Query Service version 1.87.4 
(ANGUS)


   Lines containing IP:185.30.166.38 in /var/log/lighttpd/access.log



   Regards,

   Fail2Ban

------------------------------------------------------------------------------
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Reply via email to