[CentOS] Semi-OT: fail2ban issue
Tony Mountifield
tony at softins.co.uk
Thu Oct 29 16:05:54 UTC 2015
In article <1446132814771.22431 at slac.stanford.edu>,
Eriksson, Thomas <thomas.eriksson at slac.stanford.edu> wrote:
> This should probably be a bug report for the fail2ban EPEL maintainer, the problem was introduced in version 0.9.3
>
> >From the file /etc/fail2ban/action.d/iptables-common.conf
> ...
> # Option: lockingopt
> # Notes.: Option was introduced to iptables to prevent multiple instances from
> # running concurrently and causing irratic behavior. -w was introduced
> # in iptables 1.4.20, so might be absent on older systems
> # See https://github.com/fail2ban/fail2ban/issues/1122
> # Values: STRING
> lockingopt = -w
> ...
>
> Now, CentOS 6.7 has iptables 1.4.7 and the "wait" option does not seem to have been backported by RedHat, so the EPEL package for EL6 should probably not have this as the default.
>
> My workaround was to create a file /etc/fail2ban/action.d/iptables-common.local that contains
> ...
> [Init]
> lockingopt =
> ...
Looks like it has been fixed in the update fail2ban-0.9.3-1.el6.1
Cheers
Tony
--
Tony Mountifield
Work: tony at softins.co.uk - http://www.softins.co.uk
Play: tony at mountifield.org - http://tony.mountifield.org
More information about the CentOS
mailing list