Any idea why these errors happen on restarts? This thread mentions the names of
the jails to check: https://github.com/fail2ban/fail2ban/issues/1092


fail2ban-0.9.6-4.fc25.noarch

cat /etc/fail2ban/jail.local

# Defaults inherited by every jail below unless the jail sets its own value.
[DEFAULT]
# Never banned: loopback and the whole 192.168.1.0/24 network. A compromised
# host on that subnet can retry logins without ever being blocked.
ignoreip = 127.0.0.1 192.168.1.0/24
# Ban length in seconds (1 hour).
bantime = 3600
# Let fail2ban choose the log-monitoring backend.
backend = auto
# Ban, then mail a report with whois data and the matching log lines.
action = %(action_mwl)s
# Mail settings used by the action above.
mta = sendmail
sender = root
destemail = unclroot

# SSH jail: only switched on here. Filter, port and log source are not set in
# this file, so they presumably come from the packaged jail.conf (not shown).
[sshd]
enabled = true


# Password authentication failures reported in the Apache error logs.
[apache]
enabled = true
filter = apache-auth
port = http,https
# Earlier value, kept for reference: /var/log/httpd/*error_log
logpath = /usr/local/etc/httpd/logs/*error_log
# Failures allowed before the source address is banned.
maxretry = 6



# Spam robots crawling for e-mail addresses, matched in the access logs.
[apache-badbots]
enabled = true
filter = apache-badbots
port = http,https
# Earlier value, kept for reference: /var/log/httpd/*access_log
logpath = /usr/local/etc/httpd/logs/*access_log
# A single match bans for 172800 s (48 hours), so a false positive in the
# filter locks a legitimate client out for two days.
maxretry = 1
bantime = 172800



# Probes for exploitable scripts and PHP vulnerabilities.
[apache-noscript]
enabled = true
filter = apache-noscript
port = http,https
# Earlier value, kept for reference: /var/log/httpd/*error_log
# NOTE(review): the other Apache jails use the glob *error_log; this one reads
# only the single file error_log, so per-vhost error logs are not watched.
# Confirm that is intended.
logpath = /usr/local/etc/httpd/logs/error_log
# Failures allowed before the source address is banned.
maxretry = 3



# Apache overflow attempts, matched in the error logs.
[apache-overflows]
enabled = true
filter = apache-overflows
port = http,https
# Earlier value, kept for reference: /var/log/httpd/*error_log
logpath = /usr/local/etc/httpd/logs/*error_log
# Failures allowed before the source address is banned.
maxretry = 2



# Requests for home directories that do not exist on the server.
[apache-nohome]
enabled = true
filter = apache-nohome
port = http,https
# Earlier value, kept for reference: /var/log/httpd/*error_log
logpath = /usr/local/etc/httpd/logs/*error_log
# Failures allowed before the source address is banned.
maxretry = 2


# Bans on matches of the urlscanners filter (its definition is not shown in
# this listing) in the Apache error logs.
[urlscanners]
enabled = true
filter = urlscanners
port = http,https
# Earlier value, kept for reference: /var/log/apache*/*error.log
logpath = /usr/local/etc/httpd/logs/*error_log
# Two matches ban the source address for 86400 s (1 day).
maxretry = 2
bantime = 86400



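# Bans on matches of the dovecot-pop3imap filter (its definition is not shown
# in this listing) in the mail log.
[dovecot-pop3imap]
enabled = true
filter = dovecot-pop3imap
# Keep the whole action on one line. An unindented second line such as
# "protocol=tcp]" is read as a separate key instead of as part of the action.
# This explicit action replaces the [DEFAULT] one, so this jail blocks the
# ports but sends no mail report.
action = iptables-multiport[name=dovecot-pop3imap, port="pop3,imap", protocol=tcp]
logpath = /var/log/maillog
# 6 failures within 1200 s (20 minutes) ban the source address for 1200 s.
maxretry = 6
findtime = 1200
bantime = 1200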



# Failed requests for scripts that do not exist but belong to popular web
# services, e.g. webmail, phpMyAdmin, WordPress.
# NOTE(review): unlike the other jails there is no "enabled = true" here, and
# the shutdown log lists no apache-botsearch jail, so it appears not to be
# running unless it is enabled elsewhere.
[apache-botsearch]
filter = apache-botsearch
port = http,https
# Earlier value, kept for reference: /var/log/httpd/*error_log
# NOTE(review): this points at a directory, not at a log file or glob like the
# sibling jails (.../logs/*error_log). Confirm the intended path before
# enabling the jail.
logpath = /usr/local/etc/httpd/
# Failures allowed before the source address is banned.
maxretry = 2


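# Repeat offenders: reads fail2ban's own log and bans on matches of the
# recidive filter.
[recidive]
enabled = true
filter = recidive
logpath = /var/log/fail2ban.log
# Two actions, one per line. The second line must stay indented and each
# bracketed argument list must stay on one line, otherwise the tail is read as
# a separate key. The shutdown log shows this jail's rule as "-p tcp", so the
# block covers TCP only.
action = iptables-allports[name=recidive]
         sendmail-whois-lines[name=recidive, logpath=/var/log/fail2ban.log]
# Earlier value, kept for reference: 7776000 (3 months)
#bantime = 7776000
# Permanent ban. The shutdown log shows these addresses being unbanned when
# the service stops, so after a restart check that they were restored, e.g.
# with "fail2ban-client status recidive".
bantime = -1
# Look-back window in seconds (1 day).
findtime = 86400
# Matches within the window before the permanent ban is applied.
maxretry = 5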


2017-04-24 22:08:52,538 fail2ban.server         [14809]: INFO    Stopping
all jails

2017-04-24 22:08:53,339 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports http,https -j f2b-urlscanners

2017-04-24 22:08:53,339 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports http,https -j f2b-urlscanners

2017-04-24 22:08:53,341 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports http,https -j f2b-urlscanners

2017-04-24 22:08:53,342 fail2ban.actions        [14809]: ERROR   Failed to
stop jail 'urlscanners' action 'iptables-multiport': Error stopping action

2017-04-24 22:08:53,343 fail2ban.jail           [14809]: INFO    Jail
'urlscanners' stopped

2017-04-24 22:08:53,736 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache-nohome

2017-04-24 22:08:53,738 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache-nohome

2017-04-24 22:08:53,740 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache-nohome

2017-04-24 22:08:53,740 fail2ban.actions        [14809]: ERROR   Failed to
stop jail 'apache-nohome' action 'iptables-multiport': Error stopping action

2017-04-24 22:08:53,744 fail2ban.jail           [14809]: INFO    Jail
'apache-nohome' stopped

2017-04-24 22:08:53,882 fail2ban.actions        [14809]: NOTICE  [recidive]
Unban 113.171.85.9

2017-04-24 22:08:54,099 fail2ban.actions        [14809]: NOTICE  [recidive]
Unban 140.112.90.104

2017-04-24 22:08:54,316 fail2ban.actions        [14809]: NOTICE  [recidive]
Unban 196.216.253.28

2017-04-24 22:08:54,534 fail2ban.actions        [14809]: NOTICE  [recidive]
Unban 210.44.144.31

2017-04-24 22:08:54,752 fail2ban.actions        [14809]: NOTICE  [recidive]
Unban 218.93.201.202

2017-04-24 22:08:54,971 fail2ban.actions        [14809]: NOTICE  [recidive]
Unban 46.161.9.30

2017-04-24 22:08:55,190 fail2ban.actions        [14809]: NOTICE  [recidive]
Unban 46.235.250.176

2017-04-24 22:08:55,408 fail2ban.actions        [14809]: NOTICE  [recidive]
Unban 62.176.5.7

2017-04-24 22:08:55,626 fail2ban.actions        [14809]: NOTICE  [recidive]
Unban 94.233.197.195

2017-04-24 22:08:55,954 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -j f2b-recidive

2017-04-24 22:08:55,955 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -j f2b-recidive

2017-04-24 22:08:55,957 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -j f2b-recidive

2017-04-24 22:08:55,958 fail2ban.actions        [14809]: ERROR   Failed to
stop jail 'recidive' action 'iptables-allports': Error stopping action

2017-04-24 22:08:55,958 fail2ban.jail           [14809]: INFO    Jail
'recidive' stopped

2017-04-24 22:08:56,545 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports ssh -j f2b-sshd

2017-04-24 22:08:56,546 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports ssh -j f2b-sshd

2017-04-24 22:08:56,546 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports ssh -j f2b-sshd

2017-04-24 22:08:56,546 fail2ban.actions        [14809]: ERROR   Failed to
stop jail 'sshd' action 'iptables-multiport': Error stopping action

2017-04-24 22:08:56,547 fail2ban.jail           [14809]: INFO    Jail
'sshd' stopped

2017-04-24 22:08:57,183 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache

2017-04-24 22:08:57,185 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache

2017-04-24 22:08:57,187 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache

2017-04-24 22:08:57,188 fail2ban.actions        [14809]: ERROR   Failed to
stop jail 'apache' action 'iptables-multiport': Error stopping action

2017-04-24 22:08:57,188 fail2ban.jail           [14809]: INFO    Jail
'apache' stopped

2017-04-24 22:08:57,979 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache-overflows

2017-04-24 22:08:57,981 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache-overflows

2017-04-24 22:08:57,983 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache-overflows

2017-04-24 22:08:57,984 fail2ban.actions        [14809]: ERROR   Failed to
stop jail 'apache-overflows' action 'iptables-multiport': Error stopping
action

2017-04-24 22:08:57,985 fail2ban.jail           [14809]: INFO    Jail
'apache-overflows' stopped

2017-04-24 22:08:58,296 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports pop3,imap -j f2b-dovecot-pop3imap

2017-04-24 22:08:58,298 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports pop3,imap -j f2b-dovecot-pop3imap

2017-04-24 22:08:58,301 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports pop3,imap -j f2b-dovecot-pop3imap

2017-04-24 22:08:58,303 fail2ban.actions        [14809]: ERROR   Failed to
stop jail 'dovecot-pop3imap' action 'iptables-multiport': Error stopping
action

2017-04-24 22:08:58,304 fail2ban.jail           [14809]: INFO    Jail
'dovecot-pop3imap' stopped

2017-04-24 22:08:58,555 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache-badbots

2017-04-24 22:08:58,557 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache-badbots

2017-04-24 22:08:58,558 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache-badbots

2017-04-24 22:08:58,559 fail2ban.actions        [14809]: ERROR   Failed to
stop jail 'apache-badbots' action 'iptables-multiport': Error stopping
action

2017-04-24 22:08:58,560 fail2ban.jail           [14809]: INFO    Jail
'apache-badbots' stopped

2017-04-24 22:08:59,269 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache-noscript

2017-04-24 22:08:59,271 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache-noscript

2017-04-24 22:08:59,272 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache-noscript

2017-04-24 22:08:59,273 fail2ban.actions        [14809]: ERROR   Failed to
stop jail 'apache-noscript' action 'iptables-multiport': Error stopping
action

2017-04-24 22:08:59,274 fail2ban.jail           [14809]: INFO    Jail
'apache-noscript' stopped

2017-04-24 22:08:59,279 fail2ban.server         [14809]: INFO    Exiting
Fail2ban