[Bug 403808] [NEW] fail2ban not execute command to start jail

mike Bernson Thu, 23 Jul 2009 17:00:40 -0700

Public bug reported:

Binary package hint: fail2ban


I am runnig ubuntu 9.04 server 64 bit.
r...@work-isp:/etc/fail2ban# uname -a
Linux work-isp.ltcd.com 2.6.28-13-generic #45-Ubuntu SMP Tue Jun 30 22:12:12 
UTC 2009 x86_64 GNU/Linux

Want start fail2ban a jail using iptables some or all of the command to create 
the jail will fail and
leave the jail in bad state or uncreated. When this happend the I see errors in 
the log stating that
the command failed with a returned code (sometime 200 and simetimes 400 and 
sometimes 100)

Between working and broken (failed to create jail) I do not change anything in 
the configs. All I do
is just /etc/init.d/fail2ban start. If it did not create all the jails I then 
do /etc/init.d/file2ban stop followed
by /et/init.d/fail2ban start. If a do the a few times then I get all the jails 
created.

I known that you must run using python 2.5 not python 2.6. I have edit the top 
of both
fail2ban-server and fail2ban-client to '#!/usr/bin/python2.5'.

I can see that the jail is not created using iptables -n -L.
Sometime the chain for the jail is not created. Sometimes
the return is not there. Sometime the rule in the INPUT
chain to jump is not there. In all case that did not work
I just a command returning X00.


r...@work-isp:/etc/fail2ban# lsb_release -rd
Description:    Ubuntu 9.04
Release:        9.04

r...@work-isp:~# apt-cache policy fail2ban
fail2ban:
  Installed: 0.8.3-2
  Candidate: 0.8.3-2
  Version table:
 *** 0.8.3-2 0
        500 http://us.archive.ubuntu.com jaunty/universe Packages
        100 /var/lib/dpkg/status


Here is a copy of the 2 jails that are active in jails.conf:

[apache]

enabled = true
port    = http,https
filter  = apache-auth
logpath = /var/log/apache*/*error.log
bantime  = 900
maxretry = 6

[dovecot]

enabled = true
port    = smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
filter  = dovecot-auth
logpath = /var/log/mail.log
bantime  = 900
maxretry = 6

[SquirrelMail]

enabled   = true
port      = http,https
filter    = squirrelmail
logpath   = /var/log/squirrelmail.log
bantime  = 900
maxretry = 3

Here log file showing the error:
2009-07-23 18:42:31,996 fail2ban.server : INFO   Changed logging target to 
/var/log/fail2ban.log for Fail2ban v0.8.3
2009-07-23 18:42:31,998 fail2ban.jail   : INFO   Creating new jail 'apache'
2009-07-23 18:42:31,998 fail2ban.jail   : INFO   Jail 'apache' uses poller
2009-07-23 18:42:32,029 fail2ban.filter : INFO   Added logfile = 
/var/log/apache2/error.log
2009-07-23 18:42:32,030 fail2ban.filter : INFO   Set maxRetry = 6
2009-07-23 18:42:32,033 fail2ban.filter : INFO   Set findtime = 600
2009-07-23 18:42:32,034 fail2ban.actions: INFO   Set banTime = 900
2009-07-23 18:42:32,054 fail2ban.jail   : INFO   Creating new jail 'dovecot'
2009-07-23 18:42:32,054 fail2ban.jail   : INFO   Jail 'dovecot' uses poller
2009-07-23 18:42:32,056 fail2ban.filter : INFO   Added logfile = 
/var/log/mail.log
2009-07-23 18:42:32,058 fail2ban.filter : INFO   Set maxRetry = 6
2009-07-23 18:42:32,060 fail2ban.filter : INFO   Set findtime = 600
2009-07-23 18:42:32,062 fail2ban.actions: INFO   Set banTime = 900
2009-07-23 18:42:32,080 fail2ban.jail   : INFO   Creating new jail 
'SquirrelMail'
2009-07-23 18:42:32,080 fail2ban.jail   : INFO   Jail 'SquirrelMail' uses poller
2009-07-23 18:42:32,082 fail2ban.filter : INFO   Added logfile = 
/var/log/squirrelmail.log
2009-07-23 18:42:32,083 fail2ban.filter : INFO   Set maxRetry = 3
2009-07-23 18:42:32,086 fail2ban.filter : INFO   Set findtime = 600
2009-07-23 18:42:32,087 fail2ban.actions: INFO   Set banTime = 900
2009-07-23 18:42:32,102 fail2ban.jail   : INFO   Jail 'apache' started
2009-07-23 18:42:32,107 fail2ban.jail   : INFO   Jail 'dovecot' started
2009-07-23 18:42:32,114 fail2ban.jail   : INFO   Jail 'SquirrelMail' started
2009-07-23 18:42:32,139 fail2ban.actions.action: ERROR  iptables -N 
fail2ban-dovecot
iptables -A fail2ban-dovecot -j RETURN
iptables -I INPUT -p tcp -m multiport --dports 
smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s -j fail2ban-dovecot returned 200
2009-07-23 19:16:32,479 fail2ban.jail   : INFO   Jail 'apache' stopped
2009-07-23 19:16:33,426 fail2ban.actions.action: ERROR  iptables -D INPUT -p 
tcp -m multiport --dports smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s -j 
fail2ban-dovecot
iptables -F fail2ban-dovecot
iptables -X fail2ban-dovecot returned 100

ProblemType: Bug
Architecture: amd64
Dependencies:
 
DistroRelease: Ubuntu 9.04
NonfreeKernelModules: nvidia
Package: fail2ban None [modified: /var/lib/dpkg/info/fail2ban.list]
PackageArchitecture: all
ProcEnviron:
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: fail2ban
Uname: Linux 2.6.28-14-generic x86_64
UnreportableReason: This is not a genuine Ubuntu package

** Affects: fail2ban (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug

-- 
fail2ban not execute command to start jail
https://bugs.launchpad.net/bugs/403808
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 403808] [NEW] fail2ban not execute command to start jail

Reply via email to