[CentOS] fail2ban problem

Wed Apr 10 11:30:31 UTC 2013
Banyan He <banyan at rootong.com>

strace -s 512 -f -F -p <pid>

e.g.
strace -s 512 -f -F -p 19420

You can use -o <output> to redirect the output to a file. That would be 
easier to check later then.

------------
Banyan He
Blog: http://www.rootong.com
Email: banyan at rootong.com

On 4/10/2013 7:19 PM, Nikos Gatsis - Qbit wrote:
> yes it doesn't!
> i have never work with strace. Any suggestions?
>
> thank you
>
>
>
> On 10/4/2013 2:10 μμ, Banyan He wrote:
>> This doesn't look enough for tracking. How about strace? Did you find 
>> anything interesting?
>> ------------
>> Banyan He
>> Blog:http://www.rootong.com
>> Email:banyan at rootong.com
>> On 4/10/2013 6:52 PM, Nikos Gatsis - Qbit wrote:
>>> debug:
>>>
>>> fail2ban.server : INFO   Changed logging target to 
>>> /var/log/fail2ban.log for Fail2ban v0.8.7
>>> fail2ban.comm   : DEBUG  Command: ['add', 'sasl-iptables', 'polling']
>>> fail2ban.jail   : INFO   Creating new jail 'sasl-iptables'
>>> fail2ban.comm   : WARNING Invalid command: ['add', 'sasl-iptables', 
>>> 'polling']
>>>
>>> fail2ba-server starts, but dont add rures in iptables.
>>>
>>> Thank you
>>>
>>>
>>> On 10/4/2013 1:31 μμ, Banyan He wrote:
>>>> Try strace to follow all fork/exec to see which command is invalid. 
>>>> Or, debug log?
>>>>
>>>> ------------
>>>> Banyan He
>>>> Blog: http://www.rootong.com
>>>> Email: banyan at rootong.com
>>>>
>>>> On 4/10/2013 6:06 PM, Nikos Gatsis - Qbit wrote:
>>>>> Hello list
>>>>> I'm trying to setup fail2ban specially sasl action but I'm facing 
>>>>> problems.
>>>>> I have centos-release-5-9.el5.centos.1
>>>>> and
>>>>> fail2ban-0.8.7.1-1.el5.rf
>>>>> installed
>>>>> with selinux disabled
>>>>>
>>>>> The errors I get are:
>>>>> INFO   Creating new jail 'sasl-iptables'
>>>>> fail2ban.comm   : WARNING Invalid command: ['add', 'sasl-iptables',
>>>>> 'polling']
>>>>>
>>>>> I tried gemin against polling but I get the same error.
>>>>> The strange thing is that if I enable ssh action, starts with no 
>>>>> problem.
>>>>> So it appears to be problem with sasl action, witch is:
>>>>>
>>>>> [sasl-iptables]
>>>>>
>>>>> enabled  = true
>>>>> filter   = sasl
>>>>> backend  = polling
>>>>> action   = iptables-multiport[name=sasl,
>>>>> port="imap,imaps,pop3,pop3s,smtp", protocol=tcp]
>>>>>             sendmail-whois[name=sasl, dest=my at email]
>>>>> logpath  = /var/log/maillog
>>>>>
>>>>> The same setup I have in several mailserver (fedora and centos 6 
>>>>> distro)
>>>>> and all work fine.
>>>>>
>>>>> Does someone faced the same problem?
>>>>>
>>>>> Thak you in advance.
>>>>>
>>>>
>>>>
>>>
>>> -- 
>>> Untitled Document
>>> ------------------------------------------------------------------------
>>> *Γατσής Νίκος - Gatsis Nikos*
>>> Web developer
>>> tel.: 2108256721 - 2108256722
>>> fax: 2108256712
>>> email: ngatsis at qbit.gr
>>> http://www.qbit.gr
>>
>
> -- 
> Untitled Document
> ------------------------------------------------------------------------
> *Γατσής Νίκος - Gatsis Nikos*
> Web developer
> tel.: 2108256721 - 2108256722
> fax: 2108256712
> email: ngatsis at qbit.gr
> http://www.qbit.gr