This website is deprecated, and remains online only for historic access to old issues and docs for historic versions of Virtualmin. It has been unmaintained for several years, and should not be relied on for up-to-date information. Please visit www.virtualmin.com instead.

fail2ban errors in ban actions

1 post / 0 new

Topic locked

#1 Tue, 11/05/2019 - 14:47

DanielStonek

fail2ban errors in ban actions

A couple of weeks ago I built a VPS from Contabo. They installed Centos 7 and Webmin. I realized that fail2ban was not working properly. The only setting I've changed was some Time to Ban. Letting the action ban to firewallcmd-ipset in some common services like postfix, postfix-sasl, dovecot, proftpd from fail2ban.log I got errors like

2019-11-05 11:20:01,002 fail2ban.actions [1483]: NOTICE [proftpd] Ban 222.182.57.235

2019-11-05 11:20:01,135 fail2ban.action [1483]: ERROR ipset add fail2ban-proftpd 222.182.57.235 timeout -1 -exist -- stdout: ''

2019-11-05 11:20:01,136 fail2ban.action [1483]: ERROR ipset add fail2ban-proftpd 222.182.57.235 timeout -1 -exist -- stderr: 'ipset v7.1: The set with the given name does not exist\n'

2019-11-05 11:20:01,137 fail2ban.action [1483]: ERROR ipset add fail2ban-proftpd 222.182.57.235 timeout -1 -exist -- returned 1

2019-11-05 11:20:01,137 fail2ban.actions [1483]: ERROR Failed to execute ban jail 'proftpd' action 'firewallcmd-ipset' info 'CallingMap({'ipjailmatches': at 0x7fcc0220fd70>, 'matches': '2019-11-05T11:19:14.844114host.MyDomain.com proftpd[17169]: xxx.xxx.xxx.xxx (222.182.57.235[222.18......

Changing some actions to iptables-allports I got

2019-11-05 12:06:58,310 fail2ban.filter [1483]: INFO [dovecot] Found 160.20.147.228

2019-11-05 12:06:58,750 fail2ban.actions [1483]: NOTICE [dovecot] Ban 160.20.147.228

2019-11-05 12:06:58,861 fail2ban.action [1483]: ERROR iptables -w -n -L INPUT | grep -q 'f2b-default[ \t]' -- stdout: ''

2019-11-05 12:06:58,861 fail2ban.action [1483]: ERROR iptables -w -n -L INPUT | grep -q 'f2b-default[ \t]' -- stderr: ''

2019-11-05 12:06:58,861 fail2ban.action [1483]: ERROR iptables -w -n -L INPUT | grep -q 'f2b-default[ \t]' -- returned 1

2019-11-05 12:06:58,862 fail2ban.CommandAction [1483]: ERROR Invariant check failed. Trying to restore a sane environment

2019-11-05 12:06:58,974 fail2ban.action [1483]: ERROR iptables -w -D INPUT -p tcp -j f2b-default

iptables -w -F f2b-default

iptables -w -X f2b-default -- stdout: ''

2019-11-05 12:06:58,975 fail2ban.action [1483]: ERROR iptables -w -D INPUT -p tcp -j f2b-default

iptables -w -F f2b-default

iptables -w -X f2b-default -- stderr: "iptables v1.4.21: Couldn't load target `f2b-default':No such file or directory\n\nTry `iptables -h' or 'iptables --help' for more information.\niptables: No chain/target/match by that name.\niptables: No chain/target/match by that name.\n"

2019-11-05 12:06:58,975 fail2ban.action [1483]: ERROR iptables -w -D INPUT -p tcp -j f2b-default

iptables -w -F f2b-default

iptables -w -X f2b-default -- returned 1

2019-11-05 12:06:58,975 fail2ban.actions [1483]: ERROR Failed to execute ban jail 'dovecot' action 'iptables-allports' info 'CallingMap({'ipjailmatches': at 0x7fcc0220fc08>, 'match.......

ipset -v ipset v7.1, protocol version: 7

How can I solve that? Thank you