Greetings,

Just figured out how all this stuff works. Didn't realize at first that "action" is already defined under jail.conf so I overwrite it every time when I define it.

Best

Greetings,

I have Fail2ban v0.11.1 running on FreeBSD 12.0

The following jail works just fine:

=========================
[DEFAULT]
banaction = pf

[ssh-pf]
enabled  = true
port     = 22322
filter   = sshd
maxretry = 3
logpath  = /var/log/auth.log
findtime = 600
bantime  = 6h
=========================

Though when I do something like this:
=========================
[DEFAULT]
banaction = pf

[ssh-pf]
enabled  = true
port     = 22322
filter   = sshd
maxretry = 3
action   = pf
logpath  = /var/log/auth.log
findtime = 600
bantime  = 6h
=========================

I'm getting the following error:
echo "block quick proto tcp from <f2b-ssh-pf> to any port $port" | pfctl -a f2b/ssh-pf -f-
2020-03-25 07:32:35,880 fail2ban.utils          [10959]: ERROR 8024382b0 -- stderr: 'stdin:1: syntax error'
2020-03-25 07:32:35,881 fail2ban.utils          [10959]: ERROR 8024382b0 -- stderr: 'pfctl: Syntax error in config file: pf rules not loaded'
2020-03-25 07:32:35,881 fail2ban.utils          [10959]: ERROR 8024382b0 -- returned 1

 ^^^^^^^^ because $port is not defined, so it looks like when I
explicitly define "action = pf" under a jail section --> the jail's "port"
option is ignored. Is that normal behavior?

Another quick question I was not able to google: is the banaction option
an alias for action, so you don't really care which to use?

Thanks


_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
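
The behaviour described in this thread, reproduced as an added example (not part of the original posts and not Fail2ban's own code): it layers the two jails from the post over a constructed, simplified stand-in for the shipped `[DEFAULT]` section and resolves `action` with Python's standard `configparser`, whose `%(name)s` interpolation jail files use. The parameter list in `action_` and the default values are assumptions made for illustration.

```python
import configparser

# Constructed, simplified stand-in for the shipped jail.conf defaults
# (assumption: the real file carries more parameters and options).
SHIPPED_DEFAULTS = """
[DEFAULT]
banaction = iptables-multiport
port = 0:65535
protocol = tcp
action_ = %(banaction)s[port="%(port)s", protocol="%(protocol)s"]
action = %(action_)s
"""

# The two jails from the post, reduced to the options that matter here.
JAIL_WORKING = """
[DEFAULT]
banaction = pf

[ssh-pf]
port = 22322
"""

JAIL_FAILING = JAIL_WORKING + "action = pf\n"


def resolved_action(jail_local: str, jail: str = "ssh-pf") -> str:
    """Layer a local jail file over the defaults and return the jail's
    fully interpolated 'action' value."""
    cp = configparser.ConfigParser()  # BasicInterpolation: %(name)s
    cp.read_string(SHIPPED_DEFAULTS)
    cp.read_string(jail_local)
    return cp.get(jail, "action")


def passes_port(action: str) -> bool:
    """True if the resolved action string hands a port parameter on."""
    return "port=" in action


if __name__ == "__main__":
    cases = (("banaction only", JAIL_WORKING), ("action = pf", JAIL_FAILING))
    for label, text in cases:
        action = resolved_action(text)
        print(f"{label:15} -> {action}  (port passed: {passes_port(action)})")
```

In this model `banaction` is a variable that the default `action` interpolates, so setting `action = pf` replaces the whole template and the jail's `port` never reaches the action.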

