[CentOS] Fail2ban & logrotate [was: Update on spam, postfix, fail2ban, centos 6]
Mail Lists
lists at Tatorz.com
Sun Jun 17 14:32:58 UTC 2012
On 06/17/2012 10:16 AM, Leonard den Ottolander wrote:
> Hello Bob,
>
> On Sat, 2012-06-16 at 22:47 -0400, Bob Hoffman wrote:
>> 1- you must use gamin as the setting or the log rotations will make
>> fail2ban fail
> I noticed the failing of fail2ban after rotating the logs too.
> Supposedly it works fine on CentOS 5 (from an IRC chat on
> #fedora-epel(?)), but on CentOS 6 fail2ban will stop banning after log
> rotation even though it should handle log rotation transparently.
>
> However, you can fix your logrotate configuration to restart fail2ban
> after rotating the logs. Sadly that will remove current bans, but at
> least new bans will be added:
>
> (mind the line wraps)
>
> $ cat /etc/logrotate.d/syslog
> /var/log/cron
> /var/log/maillog
> /var/log/messages
> /var/log/secure
> /var/log/spooler
> {
> sharedscripts
> postrotate
> /bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null`
> 2> /dev/null || true
> # reload fail2ban after log rotation
> /usr/bin/fail2ban-client -x reload> /dev/null
> endscript
> }
>
> Regards,
> Leonard.
>
I have been following this thread and I am interested to know what
kinda of notice your getting to know fail2ban has crashed
on a logrotate. I just did a force rotate and the only thing fail2ban
did was restart.
I am using Centos 6.2 + postfix + fail2ban-0.8.2-3.el6.rf
TIA
--
Brian ----- Get the latest Fremont, OH Weather
http://www.Fremont-OH-Weather.com
More information about the CentOS
mailing list