Hello, Am Samstag, 20. August 2016, 16:05:48 schrieb Alexander Dalloz: > Am 20.08.2016 um 14:46 schrieb Günther J. Niederwimmer: > > Hello List, > > > > with CentOS 7.2 it is not longer possible to run fail2ban on a Server ? > > > > I install a new CentOS 7.2 and the EPEL directory > > yum install fail2ban > > No such issue on a clean test install. > > [root at centos7 fail2ban]# rpm -qa fail2ban\* > fail2ban-sendmail-0.9.3-1.el7.noarch > fail2ban-firewalld-0.9.3-1.el7.noarch > fail2ban-0.9.3-1.el7.noarch > fail2ban-server-0.9.3-1.el7.noarch > > Make sure you have fail2ban-firewalld installed as this provides the > configuration to use firewallcmd-ipset as default banaction. > > Plenty of reasons for the "ERROR: NOT_ENABLED" logging, see man 5 > firewalld.dbus. ?? this are the logs from fail2ban I mean we have a broken ipset and or iptables? I have extra install a "old" CentOS 7 and Test before update, this is working I found the blocked IP's in iptables -L -n ??? Now with 7.2 I have only Errors ?? 2016-08-21 11:09:33,565 fail2ban.actions [2066]: ERROR Failed to execute ban jail 'sshd' action 'firewallcmd-ipset' info 'CallingMap({'ipjailmatches': <function <lambda> at 0x7f19e1d8baa0>, 'matches': '2016-06-18T13:12:13.154635 yyy.xxxxx.com sshd[3705]: Invalid user john from 95.211.190.210\n2016-06-18T13:12:13.590404 yyy.xxxxx.com sshd[3707]: Invalid user nagios from 95.211.190.210', 'ip': '95.211.190.210', 'ipmatches': <function <lambda> at 0x7f19e1d8ba28>, 'ipfailures': <function <lambda> at 0x7f19e1d8b9b0>, 'time': 1471770573.462379, 'failures': 2, 'ipjailfailures': <function <lambda> at 0x7f19e1d8b938>})': Error banning 95.211.190.210 2016-08-21 11:09:33,565 fail2ban.actions [2066]: NOTICE [sshd] Ban 97.74.232.35 2016-08-21 11:09:33,668 fail2ban.action [2066]: ERROR ipset add fail2ban-sshd 97.74.232.35 timeout 7776000 -exist -- stdout: '' 2016-08-21 11:09:33,668 fail2ban.action [2066]: ERROR ipset add fail2ban-sshd 97.74.232.35 timeout 7776000 -exist -- stderr: 'ipset v6.19: The set with the given name does not exist\n' 2016-08-21 11:09:33,668 fail2ban.action [2066]: ERROR ipset add fail2ban-sshd 97.74.232.35 timeout 7776000 -exist -- returned 1 2016-08-21 11:09:33,668 fail2ban.actions [2066]: ERROR Failed to execute ban jail 'sshd' action 'firewallcmd-ipset' info 'CallingMap({'ipjailmatches': <function <lambda> at 0x7f19e1d8b9b0>, 'matches': '2016-08-14T16:19:53.289264 yyy.xxxxx.com sshd[24915]: Invalid user guest from 97.74.232.35\n2016-08-14T16:19:54.661401 yyy.xxxxx.com sshd[24917]: Invalid user pi from 97.74.232.35', 'ip': '97.74.232.35', 'ipmatches': <function <lambda> at 0x7f19e1d8b938>, 'ipfailures': <function <lambda> at 0x7f19e1d8ba28>, 'time': 1471770573.565505, 'failures': 2, 'ipjailfailures': <function <lambda> at 0x7f19e1d8baa0>})': Error banning 97.74.232.35 2016-08-21 11:09:33,668 fail2ban.actions [2066]: NOTICE [sshd] Ban 98.142.52.44 2016-08-21 11:09:33,771 fail2ban.action [2066]: ERROR ipset add fail2ban-sshd 98.142.52.44 timeout 7776000 -exist -- stdout: '' 2016-08-21 11:09:33,771 fail2ban.action [2066]: ERROR ipset add fail2ban-sshd 98.142.52.44 timeout 7776000 -exist -- stderr: 'ipset v6.19: The set with the given name does not exist\n' 2016-08-21 11:09:33,771 fail2ban.action [2066]: ERROR ipset add fail2ban-sshd 98.142.52.44 timeout 7776000 -exist -- returned 1 2016-08-21 11:09:33,771 fail2ban.actions [2066]: ERROR Failed to execute ban jail 'sshd' action 'firewallcmd-ipset' info 'CallingMap({'ipjailmatches': <function <lambda> at 0x7f19e1d8ba28>, 'matches': '2016-06-08T15:27:16.145465 yyy.xxxxx.com sshd[20294]: Invalid user a from 98.142.52.44\n2016-06-08T15:27:19.797928 yyy.xxxxx.com sshd[20297]: Invalid user ajay from 98.142.52.44', 'ip': '98.142.52.44', 'ipmatches': <function <lambda> at 0x7f19e1d8baa0>, 'ipfailures': <function <lambda> at 0x7f19e1d8b938>, 'time': 1471770573.668562, 'failures': 2, 'ipjailfailures': <function <lambda> at 0x7f19e1d8b9b0>})': Error banning 98.142.52.44 2016-08-21 11:09:33,771 fail2ban.actions [2066]: NOTICE [sshd] Ban 98.254.171.195 2016-08-21 11:09:33,874 fail2ban.action [2066]: ERROR ipset add fail2ban-sshd 98.254.171.195 timeout 7776000 -exist -- stdout: '' 2016-08-21 11:09:33,874 fail2ban.action [2066]: ERROR ipset add fail2ban-sshd 98.254.171.195 timeout 7776000 -exist -- stderr: 'ipset v6.19: The set with the given name does not exist\n' 2016-08-21 11:09:33,874 fail2ban.action [2066]: ERROR ipset add fail2ban-sshd 98.254.171.195 timeout 7776000 -exist -- returned 1 2016-08-21 11:09:33,874 fail2ban.actions [2066]: ERROR Failed to execute ban jail 'sshd' action 'firewallcmd-ipset' info 'CallingMap({'ipjailmatches': <function <lambda> at 0x7f19e1d8b938>, 'matches': '2016-06-01T03:21:56.504682 yyy.xxxxx.com sshd[8392]: Invalid user ubnt from 98.254.171.195\n2016-06-01T03:22:42.468330 yyy.xxxxx.com sshd[8473]: Invalid user pi from 98.254.171.195', 'ip': '98.254.171.195', 'ipmatches': <function <lambda> at 0x7f19e1d8b9b0>, 'ipfailures': <function <lambda> at 0x7f19e1d8baa0>, 'time': 1471770573.771765, 'failures': 2, 'ipjailfailures': <function <lambda> at 0x7f19e1d8ba28>})': Error banning 98.254.171.195 this is my Jail.local # [DEFAULT] bantime = 2592000 findtime = 3600 ignoreip = 127.0.0.1/8 192.168.55.0/24 192.168.100.0/24 maxretry = 2 # [sshd-ddos] enabled = true [sshd] enabled = true [selinux-ssh] enabled = true -- mit freundlichen Grüßen / best regards, Günther J. Niederwimmer