can someone explain to me where the error is in this
configuration? Here's the error message I get when manually trying
to ban using the jail, "manban" - I think I may need a slightly
different set of parms to shut out certain ports and am not using the
right references..
2018-02-12 13:38:01,892 fail2ban.action [1305]: ERROR ipset
add fail2ban-manban 118.69.37.118 timeout 7776000 -exist -- stdout: ''
2018-02-12 13:38:01,892 fail2ban.action [1305]: ERROR ipset
add fail2ban-manban 118.69.37.118 timeout 7776000 -exist -- stderr:
'ipset v6.29: The set with the given name does not exist\n'
2018-02-12 13:38:01,892 fail2ban.action [1305]: ERROR ipset
add fail2ban-manban 118.69.37.118 timeout 7776000 -exist -- returned 1
2018-02-12 13:38:01,892 fail2ban.actions [1305]:
ERROR Failed to execute ban jail 'manban' action
'firewallcmd-ipset' info 'CallingMap({'ipjailmatches': <function
<lambda> at 0x124c938>, 'matches': '', 'ip': '118.69.37.118',
'ipmatches': <function <lambda> at 0x124ca28>, 'ipfailures':
<function <lambda> at 0x124c578>, 'time': 1518464281.783138,
'failures': 1, 'ipjailfailures': <function <lambda> at 0x124c6e0>})':
Error banning 118.69.37.118
jail.local: (think the problem may be with the command/parms I'm
using to determine which ports to block)
[manban]
enabled = true
filter = manban
port = smtp,465,submission,imap2,imap3,imaps,pop3,pop3s,http,https,socks,21,22
logpath = /var/log/manban.log
maxretry = 1
# 1 month
bantime = 2592000
findtime = 3600
manban.conf: (I assume this isn't the problem because this is a copy
of an existing conf that isn't being actively tested)
[INCLUDES]
before = common.conf
[Definition]
#Looks for failed password logins to SMTP
# sample trigger line: [Fri Aug 19 10:33:10 2011] [error] [client
207.171.3.138] File does not exist: /var/www/skraps/roundcubemail
failregex = ^\[\w{1,3}.\w{1,3}.\d{1,2}.\d{1,2}:\d{1,2}:\d{1,2}
\d{1,4}. \[error] \[client.<HOST>].File does not exist:.{1,40}roundcube.{1
,200}
ignoreregex =
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users