On 06/17/2012 10:16 AM, Leonard den Ottolander wrote: > Hello Bob, > > On Sat, 2012-06-16 at 22:47 -0400, Bob Hoffman wrote: >> 1- you must use gamin as the setting or the log rotations will make >> fail2ban fail > I noticed the failing of fail2ban after rotating the logs too. > Supposedly it works fine on CentOS 5 (from an IRC chat on > #fedora-epel(?)), but on CentOS 6 fail2ban will stop banning after log > rotation even though it should handle log rotation transparently. > > However, you can fix your logrotate configuration to restart fail2ban > after rotating the logs. Sadly that will remove current bans, but at > least new bans will be added: > > (mind the line wraps) > > $ cat /etc/logrotate.d/syslog > /var/log/cron > /var/log/maillog > /var/log/messages > /var/log/secure > /var/log/spooler > { > sharedscripts > postrotate > /bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` > 2> /dev/null || true > # reload fail2ban after log rotation > /usr/bin/fail2ban-client -x reload> /dev/null > endscript > } > > Regards, > Leonard. > I have been following this thread and I am interested to know what kinda of notice your getting to know fail2ban has crashed on a logrotate. I just did a force rotate and the only thing fail2ban did was restart. I am using Centos 6.2 + postfix + fail2ban-0.8.2-3.el6.rf TIA -- Brian ----- Get the latest Fremont, OH Weather http://www.Fremont-OH-Weather.com