On 9/3/2020 8:23 AM, Phillip Carroll wrote:
On 9/1/2020 4:48 PM, Phillip Carroll wrote:
when I list the ipset sets on the console, the only sets listed are
those managed by csf. Clearly I have implemented something incorrectly.
Problem solved!
One more discovery:
Most likely I didn't need the reboot. All I needed to do was use the
console command:
systemctl restart fail2ban.
All of my "manual restarts" of fail2ban server were previously done
using Webmin. Webmin presents a nice interactive page with "Fqail2Ban
Intrusion Detector" with buttons for restart server, and stop server.
HOWEVER: This method of restarting is evidently seriously broken. I
will report that problem to the Webmin developers. I discovered that
this morning after rebooting. I saw a configuration error in the
fail2ban.log, fixed it, and restarted fail2ban again using Webmin. I
then entered on the console:
..]# systemctl status fail2ban
The result said it was active for 20 minutes. WHOA! I just restarted!
I then restarted using the console, checked the status, It showed one
second up time. I then listed the ipset and FINALLY it listed entries
for the first time since starting this adventure!
Live and learn. I hope my reports of these interesting effects save
somebody else from making the same mistakes. I may write a "cheat
sheet" howto on getting fail2ban up and running with a custom log watch.
I will post my debugging logs if anyone is interested. I am also now
finally getting useful debug information in the fail2ban log.
Phil
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
