Hello Bob,
On Sun, 2012-06-17 at 23:41 -0400, Bob Hoffman wrote:
/etc/fail2ban/jail.conf change line 39 to backend = gamin
Without this fail2ban will ignore log rotations by logrotate and stay on the old file in your jails.
Polling doesn't work with python >= 2.6. I haven't tested if you will actually get a warning when using backend = polling, but there's some code in asyncserver.py disables polling. Using backend = auto will fall back to using pyInotify. This backend causes the issue with fail2ban not noticing the log files having been rotated. Might be an issue with too few events being passed to fail2ban. Couldn't quite work it out yet.
I have reported the issue: https://bugzilla.redhat.com/show_bug.cgi?id=833056
with more than one jail you can (and will) get chances of errors when starting fail2ban. Some people seem to attribute it centos 6 having an older version of netfilter. The program goes to fast for iptables and chokes setting up the chains.
This issue is known in Debian's bug tracker which also provides a reference to a patch that you might want to check out.
I have reported the issue: https://bugzilla.redhat.com/show_bug.cgi?id=833046
You have to have debug with at least 'info' to see these errors.
They are reported as errors, so I think you might be mistaken here. If not then there's a bug with the error reporting :p .
When stopping you will get a ton of these errors too, but they seem to have no effect on anything.
Those errors are caused by the chains to be removed not actually being there.
add sleep command into the following
That won't work with the current version. The code has changed significantly. See the patch mentioned in the bugzilla entry above.
The whole log thing is borked. if you try to use fail2ban.log, fail2ban itself will choke on it.
Haven't run into this one yet. Perhaps you can report that via https://bugzilla.redhat.com/ (you can find EPEL under Fedora).
Regards, Leonard.