Tony Mountifield wrote:
> In article <1446132814771.22431@xxxxxxxxxxxxxxxxx>,
> Eriksson, Thomas <thomas.eriksson@xxxxxxxxxxxxxxxxx> wrote:
>> This should probably be a bug report for the fail2ban EPEL maintainer,
>> the problem was introduced in version 0.9.3
>>
>> >From the file /etc/fail2ban/action.d/iptables-common.conf
>> ...
>> # Option: lockingopt
>> # Notes.: Option was introduced to iptables to prevent multiple
>> instances from
>> # running concurrently and causing irratic behavior. -w was
>> introduced
>> # in iptables 1.4.20, so might be absent on older systems
>> # See https://github.com/fail2ban/fail2ban/issues/1122
>> # Values: STRING
>> lockingopt = -w
>> ...
>>
>> Now, CentOS 6.7 has iptables 1.4.7 and the "wait" option does not seem
>> to have been backported by RedHat, so the EPEL package for EL6 should
>> probably not have this as the default.
>>
>> My workaround was to create a file
>> /etc/fail2ban/action.d/iptables-common.local that contains
>> ...
>> [Init]
>> lockingopt =
>> ...
>
> Looks like it has been fixed in the update fail2ban-0.9.3-1.el6.1
>
Thanks to Thomas, and I created the .local file. Thanks to Tony, and I
just updated fail2ban, checked iptables-common.conf, and then rm'd the
.local file.
mark
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
