Re: [Fail2ban-users] Failed to stop jail 'jail' action 'iptables-multiport': Error stopping action

Wed, 26 Apr 2017 09:30:06 -0700 

On 25 April 2017 at 03:27, Robert Kudyba <rkud...@fordham.edu> wrote:

> Any idea why these happen on restarts? This thread mentions names the
> jails to check: https://github.com/fail2ban/fail2ban/issues/1092
>
>
> fail2ban-0.9.6-4.fc25.noarch
>
> cat /etc/fail2ban/jail.local
>
> [DEFAULT]
>
> ignoreip = 127.0.0.1 192.168.1.0/24
>
> bantime = 3600
>
> sender = root
>
> destemail = unclroot
>
> action = %(action_mwl)s
>
> backend = auto
>
> mta = sendmail
>
> [sshd]
>
> enabled = true
>
>
> # detect password authentication failures
>
> [apache]
>
> enabled  = true
>
> port     = http,https
>
> filter   = apache-auth
>
> #logpath  = /var/log/httpd/*error_log
>
> logpath  = /usr/local/etc/httpd/logs/*error_log
>
> maxretry = 6
>
>
>
> # detect spammer robots crawling email addresses
>
> [apache-badbots]
>
> enabled  = true
>
> port     = http,https
>
> filter   = apache-badbots
>
> #logpath  = /var/log/httpd/*access_log
>
> logpath  = /usr/local/etc/httpd/logs/*access_log
>
> bantime  = 172800
>
> maxretry = 1
>
​...
2017-04-24 22:08:58,555 fail2ban.action         [14809]: ERROR   iptables
-w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache-badbots

> 2017-04-24 22:08:58,557 fail2ban.action         [14809]: ERROR   iptables
> -w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache-badbots
>
> 2017-04-24 22:08:58,558 fail2ban.action         [14809]: ERROR   iptables
> -w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache-badbots
>
> 2017-04-24 22:08:58,559 fail2ban.actions        [14809]: ERROR   Failed
> to stop jail 'apache-badbots' action 'iptables-multiport': Error stopping
> action
>
> 2017-04-24 22:08:58,560 fail2ban.jail           [14809]: INFO    Jail
> 'apache-badbots' stopped
>
> 2017-04-24 22:08:59,269 fail2ban.action         [14809]: ERROR   iptables
> -w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache-noscript
>
> 2017-04-24 22:08:59,271 fail2ban.action         [14809]: ERROR   iptables
> -w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache-noscript
>
> 2017-04-24 22:08:59,272 fail2ban.action         [14809]: ERROR   iptables
> -w -D INPUT -p tcp -m multiport --dports http,https -j f2b-apache-noscript
>
> 2017-04-24 22:08:59,273 fail2ban.actions        [14809]: ERROR   Failed
> to stop jail 'apache-noscript' action 'iptables-multiport': Error stopping
> action
>
> 2017-04-24 22:08:59,274 fail2ban.jail           [14809]: INFO    Jail
> 'apache-noscript' stopped
>
> 2017-04-24 22:08:59,279 fail2ban.server         [14809]: INFO    Exiting
> Fail2ban
>

​Could it be that iptables is failing to obtain the xtables exclusive lock
(-w option)? Or is your xtables not compatible with this option?​

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Reply via email to