Hi,
To begin I'm sorry for my poor English level, that's not my first language.
On CentOS 6 I've installed fail2ban 0.8.4 from EPEL repository. I've configured it with this page : http://centoshelp.org/security/fail2ban/
Then I've tried this command :
chkconfig --level 23 fail2ban on && service fail2ban start
but the output says it fallen, nothing more. The status option says is stopped.
Also I don't have log for it and no manual page (for the latest, this is normal ?).
This is my /etc/fail2ban/jail.conf : http://pastebin.com/j5FhJzKY
I'm asking here because I don't find help on Google, #centos and forums.
Cordially, Kévin "Koshie" GASPARD.
Vreme: 11/04/2011 03:18 AM, Kévin GASPARD piše:
Hi,
To begin I'm sorry for my poor English level, that's not my first language.
On CentOS 6 I've installed fail2ban 0.8.4 from EPEL repository. I've configured it with this page : http://centoshelp.org/security/fail2ban/
Then I've tried this command :
chkconfig --level 23 fail2ban on&& service fail2ban start
but the output says it fallen, nothing more. The status option says is stopped.
Also I don't have log for it and no manual page (for the latest, this is normal ?).
This is my /etc/fail2ban/jail.conf : http://pastebin.com/j5FhJzKY
I'm asking here because I don't find help on Google, #centos and forums.
Cordially, Kévin "Koshie" GASPARD.
It is best if you ask on EPEL(/Fedora) since you installed them from there. There is Maintainers name and e-mail if you need more specific help, but the best solution is to file a bug against their bugtracker (Red Hat's?)
Le 04/11/2011 10:42, Ljubomir Ljubojevic a écrit :
Vreme: 11/04/2011 03:18 AM, Kévin GASPARD piše:
Hi,
To begin I'm sorry for my poor English level, that's not my first language.
On CentOS 6 I've installed fail2ban 0.8.4 from EPEL repository. I've configured it with this page : http://centoshelp.org/security/fail2ban/
Then I've tried this command :
chkconfig --level 23 fail2ban on&& service fail2ban start
but the output says it fallen, nothing more. The status option says is stopped.
Also I don't have log for it and no manual page (for the latest, this is normal ?).
This is my /etc/fail2ban/jail.conf : http://pastebin.com/j5FhJzKY
I'm asking here because I don't find help on Google, #centos and forums.
Cordially, Kévin "Koshie" GASPARD.
It is best if you ask on EPEL(/Fedora) since you installed them from there. There is Maintainers name and e-mail if you need more specific help, but the best solution is to file a bug against their bugtracker (Red Hat's?)
I've an idea, compile fail2ban 0.8.4 to see where is the problem : From EPEL or from fail2ban dev. I will do that this week-end or next monday.
Anyway I will see that :).
Thank you.
2011/11/3 Kévin GASPARD kevingaspard@lavabit.com
Hi,
To begin I'm sorry for my poor English level, that's not my first language.
On CentOS 6 I've installed fail2ban 0.8.4 from EPEL repository. I've configured it with this page : http://centoshelp.org/security/fail2ban/
Then I've tried this command :
chkconfig --level 23 fail2ban on && service fail2ban start
but the output says it fallen, nothing more. The status option says is stopped.
Also I don't have log for it and no manual page (for the latest, this is normal ?).
This is my /etc/fail2ban/jail.conf : http://pastebin.com/j5FhJzKY
I'm asking here because I don't find help on Google, #centos and forums.
Cordially, Kévin "Koshie" GASPARD.
Config, seems to be fine. Please, can you paste the exact error when you try to start the service?
Le 04/11/2011 11:47, Diego Sanchez a écrit :
2011/11/3 Kévin GASPARDkevingaspard@lavabit.com
Hi,
To begin I'm sorry for my poor English level, that's not my first language.
On CentOS 6 I've installed fail2ban 0.8.4 from EPEL repository. I've configured it with this page : http://centoshelp.org/security/fail2ban/
Then I've tried this command :
chkconfig --level 23 fail2ban on&& service fail2ban start
but the output says it fallen, nothing more. The status option says is stopped.
Also I don't have log for it and no manual page (for the latest, this is normal ?).
This is my /etc/fail2ban/jail.conf : http://pastebin.com/j5FhJzKY
I'm asking here because I don't find help on Google, #centos and forums.
Cordially, Kévin "Koshie" GASPARD.
Config, seems to be fine. Please, can you paste the exact error when you try to start the service?
The output of service fail2ban start in root (that's in french) :
Démarrage de fail2ban : [ÉCHOUÉ]
Like I said, about the start up it's a fail.
On 11/04/2011 12:48 PM, Kévin GASPARD wrote:
The output of service fail2ban start in root (that's in french) :
Démarrage de fail2ban : [ÉCHOUÉ]
The docs on the fail2ban website also say how you can start fail2ban manually (at http://www.fail2ban.org/wiki/index.php/MANUAL_0_8#Usage):
$ fail2ban-client start
Maybe starting it that way gives you more information why it fails.
Regards, Patrick
Le 04/11/2011 12:54, Patrick Lists a écrit :
On 11/04/2011 12:48 PM, Kévin GASPARD wrote:
The output of service fail2ban start in root (that's in french) :
Démarrage de fail2ban : [ÉCHOUÉ]
The docs on the fail2ban website also say how you can start fail2ban manually (at http://www.fail2ban.org/wiki/index.php/MANUAL_0_8#Usage):
$ fail2ban-client start
Maybe starting it that way gives you more information why it fails.
Regards, Patrick _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Hi,
[root@turing lighttpd]# fail2ban-client start WARNING 'action' not defined in 'php-url-fopen'. Using default value WARNING 'action' not defined in 'lighttpd-fastcgi'. Using default value ERROR Error in action definition ERROR Errors in jail 'lighttpd-fastcgi'. Skipping...
Cordially
On 11/04/2011 01:24 PM, Kévin GASPARD wrote: [snip]
$ fail2ban-client start
Maybe starting it that way gives you more information why it fails.
Hi,
[root@turing lighttpd]# fail2ban-client start WARNING 'action' not defined in 'php-url-fopen'. Using default value WARNING 'action' not defined in 'lighttpd-fastcgi'. Using default value ERROR Error in action definition ERROR Errors in jail 'lighttpd-fastcgi'. Skipping...
It seems you have errors in those 2 configs. Fix those 2 configs. If you don't know how to then check the manual on the fail2ban website.
Regards, Patrick
On 11/4/2011 8:24 AM, Kévin GASPARD wrote:
Le 04/11/2011 12:54, Patrick Lists a écrit :
On 11/04/2011 12:48 PM, Kévin GASPARD wrote:
The output of service fail2ban start in root (that's in french) :
Démarrage de fail2ban : [ÉCHOUÉ]
The docs on the fail2ban website also say how you can start fail2ban manually (at http://www.fail2ban.org/wiki/index.php/MANUAL_0_8#Usage):
$ fail2ban-client start
Maybe starting it that way gives you more information why it fails.
Regards, Patrick _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Hi,
[root@turing lighttpd]# fail2ban-client start WARNING 'action' not defined in 'php-url-fopen'. Using default value WARNING 'action' not defined in 'lighttpd-fastcgi'. Using default value ERROR Error in action definition ERROR Errors in jail 'lighttpd-fastcgi'. Skipping...
Cordially
Yeah... I was thinking that was the problem. I'm running Fail2Ban and I think I got it from EPEL, on CentOS 6 without problems.
Looks like you need to kill off some of your jail confs and then turn them on and tune them one by one. Fail2Ban relies on logging and even certain log levels being run from the services you are checking. I found the default Fail2Ban install worked very well on a default webserver/mailserver install. There were a number of things that I needed to do to turn on other checks. And I have customized even further. For instance, I subscribe to Spamhaus. I use the spamhaus maillog entries to look for repeated attempts to one or more domains and after so many, block the offender at the firewall. Saves a lot of server load and 'seems' to make these folks give up on my systems to some extent.
So, turn off most of the event triggers and then turn them back on one at a time. Then edit the rules as needed or set log levels on the service being checked to give the output needed to work with the rule.
-
Diego Sanchez -
John Hinton -
Kévin GASPARD -
Ljubomir Ljubojevic -
Patrick Lists