Profile cover photo
Profile photo
Ferdinand Thommes
555 followers -
linux afficionado for the last decade, debian supporter
linux afficionado for the last decade, debian supporter

555 followers
About
Ferdinand's interests
View all
Ferdinand's posts

Hi,
I have been running f2b on a Debian Stable server for a long time. Yesterday I upgraded the server to Debian Testing and with that came fail2ban 0.9.6-1. For starters the service would not start, but I got that fixed:

systemctl status fail2ban.service
● fail2ban.service - Fail2Ban Service
Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2017-02-19 15:32:43 CET; 18s ago
Docs: man:fail2ban(1)
Main PID: 2019 (fail2ban-server)
CGroup: /system.slice/fail2ban.service
└─2019 /usr/bin/python3 /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b

Feb 19 15:32:43 vmd16363.contabo.host systemd[1]: Starting Fail2Ban Service...
Feb 19 15:32:43 vmd16363.contabo.host fail2ban-client[2016]: 2017-02-19 15:32:43,786 fail2ban.server [2017]: INFO Starting Fail2ban v0.9.6
Feb 19 15:32:43 vmd16363.contabo.host fail2ban-client[2016]: 2017-02-19 15:32:43,787 fail2ban.server [2017]: INFO Starting in daemon mode
Feb 19 15:32:43 vmd16363.contabo.host systemd[1]: Started Fail2Ban Service.

But f2b does not ban anything and /var/log/fail2ban.log stays empty. I spent the whole day with trying different things, startet from scratch with fresh configs, but no go.

iptables -S says:
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N f2b-owncloud
-N f2b-sshd
-A INPUT -p tcp -m multiport --dports 80,443 -j f2b-owncloud
-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
-A f2b-owncloud -j RETURN
-A f2b-sshd -j RETURN

My very basic jail.local has:

[DEFAULT]
# Ban hosts for one hour:
bantime = 3600
banaction = iptables-multiport
[sshd]
enabled = true

I have no clue what else I could try. Thanks for any help.












Post has attachment

Post has shared content

Post has attachment
Plans for the next siduction release including a new installer and the drop of an architecture...

Post has shared content

Post has attachment

Post has shared content

Post has attachment

Post has shared content
Wait while more posts are being loaded