Re: fail2ban problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



I run strace -s 512 -f -F -p 9406
9406 is fail2ban-server pid

9406  poll([{fd=3, events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}], 1,
30000) = 0 (Timeout)
...

I think that the problem is not in server but the way actions "attached"
to iptables.
Python maybe?

Thanks again...

On 10/4/2013 2:30 μμ, Banyan He wrote:
> strace -s 512 -f -F -p <pid>
>
> e.g.
> strace -s 512 -f -F -p 19420
>
> You can use -o <output> to redirect the output to a file. That would
> be easier to check later then.
> ------------
> Banyan He
> Blog: http://www.rootong.com
> Email: banyan@xxxxxxxxxxx
> On 4/10/2013 7:19 PM, Nikos Gatsis - Qbit wrote:
>> yes it doesn't!
>> i have never work with strace. Any suggestions?
>>
>> thank you
>>
>>
>>
>> On 10/4/2013 2:10 μμ, Banyan He wrote:
>>> This doesn't look enough for tracking. How about strace? Did you
>>> find anything interesting?
>>> ------------
>>> Banyan He
>>> Blog: http://www.rootong.com
>>> Email: banyan@xxxxxxxxxxx
>>> On 4/10/2013 6:52 PM, Nikos Gatsis - Qbit wrote:
>>>> debug:
>>>>
>>>> fail2ban.server : INFO   Changed logging target to
>>>> /var/log/fail2ban.log for Fail2ban v0.8.7
>>>> fail2ban.comm   : DEBUG  Command: ['add', 'sasl-iptables', 'polling']
>>>> fail2ban.jail   : INFO   Creating new jail 'sasl-iptables'
>>>> fail2ban.comm   : WARNING Invalid command: ['add', 'sasl-iptables',
>>>> 'polling']
>>>>
>>>> fail2ba-server starts, but dont add rures in iptables.
>>>>
>>>> Thank you
>>>>
>>>>
>>>> On 10/4/2013 1:31 μμ, Banyan He wrote:
>>>>> Try strace to follow all fork/exec to see which command is
>>>>> invalid. Or, debug log?
>>>>>
>>>>> ------------
>>>>> Banyan He
>>>>> Blog: http://www.rootong.com
>>>>> Email: banyan@xxxxxxxxxxx
>>>>>
>>>>> On 4/10/2013 6:06 PM, Nikos Gatsis - Qbit wrote:
>>>>>> Hello list
>>>>>> I'm trying to setup fail2ban specially sasl action but I'm facing
>>>>>> problems.
>>>>>> I have centos-release-5-9.el5.centos.1
>>>>>> and
>>>>>> fail2ban-0.8.7.1-1.el5.rf
>>>>>> installed
>>>>>> with selinux disabled
>>>>>>
>>>>>> The errors I get are:
>>>>>> INFO   Creating new jail 'sasl-iptables'
>>>>>> fail2ban.comm   : WARNING Invalid command: ['add', 'sasl-iptables',
>>>>>> 'polling']
>>>>>>
>>>>>> I tried gemin against polling but I get the same error.
>>>>>> The strange thing is that if I enable ssh action, starts with no
>>>>>> problem.
>>>>>> So it appears to be problem with sasl action, witch is:
>>>>>>
>>>>>> [sasl-iptables]
>>>>>>
>>>>>> enabled  = true
>>>>>> filter   = sasl
>>>>>> backend  = polling
>>>>>> action   = iptables-multiport[name=sasl,
>>>>>> port="imap,imaps,pop3,pop3s,smtp", protocol=tcp]
>>>>>>             sendmail-whois[name=sasl, dest=my@email]
>>>>>> logpath  = /var/log/maillog
>>>>>>
>>>>>> The same setup I have in several mailserver (fedora and centos 6
>>>>>> distro)
>>>>>> and all work fine.
>>>>>>
>>>>>> Does someone faced the same problem?
>>>>>>
>>>>>> Thak you in advance.
>>>>>>
>>>>>
>>>>>
>>>>
>>>> -- 
>>>> Untitled Document
>>>> ------------------------------------------------------------------------
>>>> *Γατσής Νίκος - Gatsis Nikos*
>>>> Web developer
>>>> tel.: 2108256721 - 2108256722
>>>> fax: 2108256712
>>>> email: ngatsis@xxxxxxx
>>>> http://www.qbit.gr
>>>
>>
>> -- 
>> Untitled Document
>> ------------------------------------------------------------------------
>> *Γατσής Νίκος - Gatsis Nikos*
>> Web developer
>> tel.: 2108256721 - 2108256722
>> fax: 2108256712
>> email: ngatsis@xxxxxxx
>> http://www.qbit.gr
>

-- 
Untitled Document
------------------------------------------------------------------------
*Γατσής Νίκος - Gatsis Nikos*
Web developer
tel.: 2108256721 - 2108256722
fax: 2108256712
email: ngatsis@xxxxxxx
http://www.qbit.gr
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos





[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux