All, I've configured fail2ban following the wiki, it is running, and I've enabled jails in /etc/fail2ban/jails.local, but fail2ban-client status shows no jails. The jails.local is: [DEFAULT] destemail = david@domain.tld sender = david@domain.tld # to ban & send an e-mail with whois report to the destemail. #action = %(action_mw)s # same as action_mw but also send relevant log lines action = %(action_mwl)s [DEFAULT] bantime = 2d [sshd] enable = true port = ssh,6661 [dovecot] enable = true [postfix] enable = true [smtpd] enable = true Running fail2ban-client status shows: # fail2ban-client status Status |- Number of jail: 0 `- Jail list: Reading other fail2ban configuration howtos, suggest I should be seeing the enabled jails. Is there something else I need to do on Arch? -- David C. Rankin, J.D.,P.E.
Hi David,
I've configured fail2ban following the wiki, it is running, and I've enabled jails in /etc/fail2ban/jails.local
Try jail.local; no ‘s’. -- Cheers, Ralph.
On 11/30/23 05:00, Ralph Corderoy wrote:
Hi David,
I've configured fail2ban following the wiki, it is running, and I've enabled jails in /etc/fail2ban/jails.local
Try jail.local; no ‘s’.
Ohh, say it ain't so... the shame of it... WHEW NOT!, thank you Ralph :) # l total 100 drwxr-xr-x 6 root root 4096 Nov 29 15:56 . drwxr-xr-x 148 root root 12288 Nov 30 16:14 .. drwxr-xr-x 2 root root 4096 May 23 2023 action.d drwxr-xr-x 2 root root 4096 Nov 9 2022 fail2ban.d drwxr-xr-x 3 root root 4096 May 23 2023 filter.d drwxr-xr-x 2 root root 4096 Nov 29 15:29 jail.d -rw-r--r-- 1 root root 3017 May 20 2023 fail2ban.conf -rw-r--r-- 1 root root 57 Dec 19 2022 fail2ban.local -rw-r--r-- 1 root root 25605 May 20 2023 jail.conf -rw-r--r-- 1 root root 415 Nov 29 15:56 jail.local ... I could see myself doing something like that... So I was relieved it was a typo in the email and not the .local filename. Same issue persists: # fail2ban-client status Status |- Number of jail: 0 `- Jail list: It's been up and running, but still the jail issue is puzzling: # scs fail2ban ● fail2ban.service - Fail2Ban Service Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; enabled; preset: disabled) Drop-In: /etc/systemd/system/fail2ban.service.d └─override.conf Active: active (running) since Wed 2023-11-29 15:56:50 CST; 1 day 8h ago Docs: man:fail2ban(1) Process: 4409 ExecStartPre=/bin/mkdir -p /run/fail2ban (code=exited, status=0/SUCCESS) Main PID: 4411 (fail2ban-server) Tasks: 3 (limit: 38450) Memory: 14.1M CPU: 3.583s CGroup: /system.slice/fail2ban.service └─4411 /usr/bin/python /usr/bin/fail2ban-server -xf start Nov 29 15:56:50 valkyrie systemd[1]: Starting Fail2Ban Service... Nov 29 15:56:50 valkyrie systemd[1]: Started Fail2Ban Service. Nov 29 15:56:51 valkyrie fail2ban-server[4411]: 2023-11-29 15:56:51,030 fail2ban.configreader [4411]: WARNING 'allowipv6' not defined in 'Definition'. Using default one: 'auto' Nov 29 15:56:51 valkyrie fail2ban-server[4411]: Server ready I'll keep looking, any other ideas (even typo type) send them along. -- David C. Rankin, J.D.,P.E.
Hi David, The original version of this email was rejected by the list. I've contacted postmaster as the bounce suggested. So I'll keep it brief and include you as a recipient. You've used ‘enable = true’ but it should be ‘enabled’. https://wiki.archlinux.org/title/Fail2ban#Enabling_jails -- Cheers, Ralph.
On 12/1/23 02:24, Ralph Corderoy wrote:
Hi David,
The original version of this email was rejected by the list. I've contacted postmaster as the bounce suggested. So I'll keep it brief and include you as a recipient.
You've used ‘enable = true’ but it should be ‘enabled’. https://wiki.archlinux.org/title/Fail2ban#Enabling_jails
Holy 54it!! Talk about a forest for the trees issue! Thank you Ralph. That was as bad as FatFS_SPI buried in the middle of a CMakeLists.txt file that should have been FatFs_SPI... I can stare all day and not see the difference and only by picking through the obscure output and .make files do you find it. With the `enable` instead of `enabled` fail2ban didn't spit out any errors or complain, so there wasn't anything visible pointing me to my screw-up... # fail2ban-client status Status |- Number of jail: 3 `- Jail list: dovecot, postfix, sshd Thank you, thank you! If I could send a cold-beer via e-mail, it's yours! -- David C. Rankin, J.D.,P.E.
Hi David,
With the `enable` instead of `enabled` fail2ban didn't spit out any errors or complain, so there wasn't anything visible pointing me to my screw-up...
From a quick glance, fail2ban uses Python's configparser module in two passes, each time looking for a set of things it knows. There is no pass which examines everything found for any unknowns thus no complaints about typos. I'd consider it a bug. fail2ban's authors may disagree. :-) -- Cheers, Ralph.
participants (2)
-
David C. Rankin
-
Ralph Corderoy