fail2ban ban not working

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



I have fail2ban on my mail server monitoring Dovecot and Exim.

I have noticed that it has stopped banning IP's.  I have seen in /var/log/fail2ban.log:

2020-04-07 09:42:05,875 fail2ban.filter         [16138]: INFO    [dovecot] Found 77.40.61.224 - 2020-04-07 09:42:05
2020-04-07 09:42:06,408 fail2ban.actions        [16138]: NOTICE  [dovecot] Ban 77.40.61.224
2020-04-07 09:42:06,981 fail2ban.utils          [16138]: ERROR   7ff736d6f930 -- exec: ipset create f2b-dovecot hash:ip timeout 3600000
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p tcp -m multiport --dports 0:65535 -m set --match-set f2b-dovecot src -j REJECT --reject-with icmp-port-unreachable
2020-04-07 09:42:06,982 fail2ban.utils          [16138]: ERROR   7ff736d6f930 -- stderr: "ipset v7.1: Syntax error: '3600000' is out of range 0-2147483"
2020-04-07 09:42:06,982 fail2ban.utils          [16138]: ERROR   7ff736d6f930 -- stderr: "Error: COMMAND_FAILED: '/usr/sbin/iptables-restore -w -n' failed: iptables-restore v1.4.21: Set f2b-dovecot doesn't exist."
2020-04-07 09:42:06,982 fail2ban.utils          [16138]: ERROR   7ff736d6f930 -- stderr: ''
2020-04-07 09:42:06,982 fail2ban.utils          [16138]: ERROR   7ff736d6f930 -- stderr: 'Error occurred at line: 2'
2020-04-07 09:42:06,982 fail2ban.utils          [16138]: ERROR   7ff736d6f930 -- stderr: "Try `iptables-restore -h' or 'iptables-restore --help' for more information."
2020-04-07 09:42:06,982 fail2ban.utils          [16138]: ERROR   7ff736d6f930 -- stderr: ''
2020-04-07 09:42:06,982 fail2ban.utils          [16138]: ERROR   7ff736d6f930 -- returned 13

In /var/log/firewalld I got

2020-04-07 09:42:06 ERROR: COMMAND_FAILED: '/usr/sbin/iptables-restore -w -n' failed: iptables-restore v1.4.21: Set f2b-dovecot doesn't exist.

Error occurred at line: 2
Try `iptables-restore -h' or 'iptables-restore --help' for more information.

Looking back at my logs, this has been going on some time. Any advice on fixing this would be appreciated
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]


  Powered by Linux