This doesn't look enough for tracking. How about strace? Did you find anything interesting?
------------ Banyan He Blog: http://www.rootong.com Email: banyan@rootong.com
On 4/10/2013 6:52 PM, Nikos Gatsis - Qbit wrote:
debug:
fail2ban.server : INFO Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.7 fail2ban.comm : DEBUG Command: ['add', 'sasl-iptables', 'polling'] fail2ban.jail : INFO Creating new jail 'sasl-iptables' fail2ban.comm : WARNING Invalid command: ['add', 'sasl-iptables', 'polling']
fail2ba-server starts, but dont add rures in iptables.
Thank you
On 10/4/2013 1:31 μμ, Banyan He wrote:
Try strace to follow all fork/exec to see which command is invalid. Or, debug log?
Banyan He Blog: http://www.rootong.com Email: banyan@rootong.com
On 4/10/2013 6:06 PM, Nikos Gatsis - Qbit wrote:
Hello list I'm trying to setup fail2ban specially sasl action but I'm facing problems. I have centos-release-5-9.el5.centos.1 and fail2ban-0.8.7.1-1.el5.rf installed with selinux disabled
The errors I get are: INFO Creating new jail 'sasl-iptables' fail2ban.comm : WARNING Invalid command: ['add', 'sasl-iptables', 'polling']
I tried gemin against polling but I get the same error. The strange thing is that if I enable ssh action, starts with no problem. So it appears to be problem with sasl action, witch is:
[sasl-iptables]
enabled = true filter = sasl backend = polling action = iptables-multiport[name=sasl, port="imap,imaps,pop3,pop3s,smtp", protocol=tcp] sendmail-whois[name=sasl, dest=my@email] logpath = /var/log/maillog
The same setup I have in several mailserver (fedora and centos 6 distro) and all work fine.
Does someone faced the same problem?
Thak you in advance.
-- Untitled Document
*Γατσής Νίκος - Gatsis Nikos* Web developer tel.: 2108256721 - 2108256722 fax: 2108256712 email: ngatsis@qbit.gr http://www.qbit.gr
yes it doesn't! i have never work with strace. Any suggestions?
thank you
On 10/4/2013 2:10 μμ, Banyan He wrote:
This doesn't look enough for tracking. How about strace? Did you find anything interesting?
Banyan He Blog: http://www.rootong.com Email: banyan@rootong.com On 4/10/2013 6:52 PM, Nikos Gatsis - Qbit wrote:
debug:
fail2ban.server : INFO Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.7 fail2ban.comm : DEBUG Command: ['add', 'sasl-iptables', 'polling'] fail2ban.jail : INFO Creating new jail 'sasl-iptables' fail2ban.comm : WARNING Invalid command: ['add', 'sasl-iptables', 'polling']
fail2ba-server starts, but dont add rures in iptables.
Thank you
On 10/4/2013 1:31 μμ, Banyan He wrote:
Try strace to follow all fork/exec to see which command is invalid. Or, debug log?
Banyan He Blog: http://www.rootong.com Email: banyan@rootong.com
On 4/10/2013 6:06 PM, Nikos Gatsis - Qbit wrote:
Hello list I'm trying to setup fail2ban specially sasl action but I'm facing problems. I have centos-release-5-9.el5.centos.1 and fail2ban-0.8.7.1-1.el5.rf installed with selinux disabled
The errors I get are: INFO Creating new jail 'sasl-iptables' fail2ban.comm : WARNING Invalid command: ['add', 'sasl-iptables', 'polling']
I tried gemin against polling but I get the same error. The strange thing is that if I enable ssh action, starts with no problem. So it appears to be problem with sasl action, witch is:
[sasl-iptables]
enabled = true filter = sasl backend = polling action = iptables-multiport[name=sasl, port="imap,imaps,pop3,pop3s,smtp", protocol=tcp] sendmail-whois[name=sasl, dest=my@email] logpath = /var/log/maillog
The same setup I have in several mailserver (fedora and centos 6 distro) and all work fine.
Does someone faced the same problem?
Thak you in advance.
-- Untitled Document
*Γατσής Νίκος - Gatsis Nikos* Web developer tel.: 2108256721 - 2108256722 fax: 2108256712 email: ngatsis@qbit.gr http://www.qbit.gr
strace -s 512 -f -F -p <pid>
e.g. strace -s 512 -f -F -p 19420
You can use -o <output> to redirect the output to a file. That would be easier to check later then.
------------ Banyan He Blog: http://www.rootong.com Email: banyan@rootong.com
On 4/10/2013 7:19 PM, Nikos Gatsis - Qbit wrote:
yes it doesn't! i have never work with strace. Any suggestions?
thank you
On 10/4/2013 2:10 μμ, Banyan He wrote:
This doesn't look enough for tracking. How about strace? Did you find anything interesting?
Banyan He Blog:http://www.rootong.com Email:banyan@rootong.com On 4/10/2013 6:52 PM, Nikos Gatsis - Qbit wrote:
debug:
fail2ban.server : INFO Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.7 fail2ban.comm : DEBUG Command: ['add', 'sasl-iptables', 'polling'] fail2ban.jail : INFO Creating new jail 'sasl-iptables' fail2ban.comm : WARNING Invalid command: ['add', 'sasl-iptables', 'polling']
fail2ba-server starts, but dont add rures in iptables.
Thank you
On 10/4/2013 1:31 μμ, Banyan He wrote:
Try strace to follow all fork/exec to see which command is invalid. Or, debug log?
Banyan He Blog: http://www.rootong.com Email: banyan@rootong.com
On 4/10/2013 6:06 PM, Nikos Gatsis - Qbit wrote:
Hello list I'm trying to setup fail2ban specially sasl action but I'm facing problems. I have centos-release-5-9.el5.centos.1 and fail2ban-0.8.7.1-1.el5.rf installed with selinux disabled
The errors I get are: INFO Creating new jail 'sasl-iptables' fail2ban.comm : WARNING Invalid command: ['add', 'sasl-iptables', 'polling']
I tried gemin against polling but I get the same error. The strange thing is that if I enable ssh action, starts with no problem. So it appears to be problem with sasl action, witch is:
[sasl-iptables]
enabled = true filter = sasl backend = polling action = iptables-multiport[name=sasl, port="imap,imaps,pop3,pop3s,smtp", protocol=tcp] sendmail-whois[name=sasl, dest=my@email] logpath = /var/log/maillog
The same setup I have in several mailserver (fedora and centos 6 distro) and all work fine.
Does someone faced the same problem?
Thak you in advance.
-- Untitled Document
*Γατσής Νίκος - Gatsis Nikos* Web developer tel.: 2108256721 - 2108256722 fax: 2108256712 email: ngatsis@qbit.gr http://www.qbit.gr
-- Untitled Document
*Γατσής Νίκος - Gatsis Nikos* Web developer tel.: 2108256721 - 2108256722 fax: 2108256712 email: ngatsis@qbit.gr http://www.qbit.gr
I run strace -s 512 -f -F -p 9406 9406 is fail2ban-server pid
9406 poll([{fd=3, events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}], 1, 30000) = 0 (Timeout) ...
I think that the problem is not in server but the way actions "attached" to iptables. Python maybe?
Thanks again...
On 10/4/2013 2:30 μμ, Banyan He wrote:
strace -s 512 -f -F -p <pid>
e.g. strace -s 512 -f -F -p 19420
You can use -o <output> to redirect the output to a file. That would be easier to check later then.
Banyan He Blog: http://www.rootong.com Email: banyan@rootong.com On 4/10/2013 7:19 PM, Nikos Gatsis - Qbit wrote:
yes it doesn't! i have never work with strace. Any suggestions?
thank you
On 10/4/2013 2:10 μμ, Banyan He wrote:
This doesn't look enough for tracking. How about strace? Did you find anything interesting?
Banyan He Blog: http://www.rootong.com Email: banyan@rootong.com On 4/10/2013 6:52 PM, Nikos Gatsis - Qbit wrote:
debug:
fail2ban.server : INFO Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.7 fail2ban.comm : DEBUG Command: ['add', 'sasl-iptables', 'polling'] fail2ban.jail : INFO Creating new jail 'sasl-iptables' fail2ban.comm : WARNING Invalid command: ['add', 'sasl-iptables', 'polling']
fail2ba-server starts, but dont add rures in iptables.
Thank you
On 10/4/2013 1:31 μμ, Banyan He wrote:
Try strace to follow all fork/exec to see which command is invalid. Or, debug log?
Banyan He Blog: http://www.rootong.com Email: banyan@rootong.com
On 4/10/2013 6:06 PM, Nikos Gatsis - Qbit wrote:
Hello list I'm trying to setup fail2ban specially sasl action but I'm facing problems. I have centos-release-5-9.el5.centos.1 and fail2ban-0.8.7.1-1.el5.rf installed with selinux disabled
The errors I get are: INFO Creating new jail 'sasl-iptables' fail2ban.comm : WARNING Invalid command: ['add', 'sasl-iptables', 'polling']
I tried gemin against polling but I get the same error. The strange thing is that if I enable ssh action, starts with no problem. So it appears to be problem with sasl action, witch is:
[sasl-iptables]
enabled = true filter = sasl backend = polling action = iptables-multiport[name=sasl, port="imap,imaps,pop3,pop3s,smtp", protocol=tcp] sendmail-whois[name=sasl, dest=my@email] logpath = /var/log/maillog
The same setup I have in several mailserver (fedora and centos 6 distro) and all work fine.
Does someone faced the same problem?
Thak you in advance.
-- Untitled Document
*Γατσής Νίκος - Gatsis Nikos* Web developer tel.: 2108256721 - 2108256722 fax: 2108256712 email: ngatsis@qbit.gr http://www.qbit.gr
-- Untitled Document
*Γατσής Νίκος - Gatsis Nikos* Web developer tel.: 2108256721 - 2108256722 fax: 2108256712 email: ngatsis@qbit.gr http://www.qbit.gr
Well, the answer is here: https://github.com/fail2ban/fail2ban/commit/5becaf8ef2b8cd37d65de8079ce38d5e...
thanks all
On 10/4/2013 2:30 μμ, Banyan He wrote:
strace -s 512 -f -F -p <pid>
e.g. strace -s 512 -f -F -p 19420
You can use -o <output> to redirect the output to a file. That would be easier to check later then.
Banyan He Blog: http://www.rootong.com Email: banyan@rootong.com On 4/10/2013 7:19 PM, Nikos Gatsis - Qbit wrote:
yes it doesn't! i have never work with strace. Any suggestions?
thank you
On 10/4/2013 2:10 μμ, Banyan He wrote:
This doesn't look enough for tracking. How about strace? Did you find anything interesting?
Banyan He Blog: http://www.rootong.com Email: banyan@rootong.com On 4/10/2013 6:52 PM, Nikos Gatsis - Qbit wrote:
debug:
fail2ban.server : INFO Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.7 fail2ban.comm : DEBUG Command: ['add', 'sasl-iptables', 'polling'] fail2ban.jail : INFO Creating new jail 'sasl-iptables' fail2ban.comm : WARNING Invalid command: ['add', 'sasl-iptables', 'polling']
fail2ba-server starts, but dont add rures in iptables.
Thank you
On 10/4/2013 1:31 μμ, Banyan He wrote:
Try strace to follow all fork/exec to see which command is invalid. Or, debug log?
Banyan He Blog: http://www.rootong.com Email: banyan@rootong.com
On 4/10/2013 6:06 PM, Nikos Gatsis - Qbit wrote:
Hello list I'm trying to setup fail2ban specially sasl action but I'm facing problems. I have centos-release-5-9.el5.centos.1 and fail2ban-0.8.7.1-1.el5.rf installed with selinux disabled
The errors I get are: INFO Creating new jail 'sasl-iptables' fail2ban.comm : WARNING Invalid command: ['add', 'sasl-iptables', 'polling']
I tried gemin against polling but I get the same error. The strange thing is that if I enable ssh action, starts with no problem. So it appears to be problem with sasl action, witch is:
[sasl-iptables]
enabled = true filter = sasl backend = polling action = iptables-multiport[name=sasl, port="imap,imaps,pop3,pop3s,smtp", protocol=tcp] sendmail-whois[name=sasl, dest=my@email] logpath = /var/log/maillog
The same setup I have in several mailserver (fedora and centos 6 distro) and all work fine.
Does someone faced the same problem?
Thak you in advance.
-- Untitled Document
*Γατσής Νίκος - Gatsis Nikos* Web developer tel.: 2108256721 - 2108256722 fax: 2108256712 email: ngatsis@qbit.gr http://www.qbit.gr
-- Untitled Document
*Γατσής Νίκος - Gatsis Nikos* Web developer tel.: 2108256721 - 2108256722 fax: 2108256712 email: ngatsis@qbit.gr http://www.qbit.gr
-
Banyan He -
Nikos Gatsis - Qbit