Fail2Ban fails to start

Core v12.0.30
Framework v12.0.64
SysAdmin Pro v 12.0.28.4
CentOS 6.5 x64

ERROR Found no accessible config files for 'filter.d/freepbx' under /etc/fail2ban ERROR Unable to read the filter ERROR Errors in jail 'pbx-gui'. Skipping... [FAILED]

Commenting the following lines in jail.local fixes the issue, but not ideal:

[pbx-gui]
enabled  = true
filter   = freepbx
action   = iptables-allports[name=PBX-GUI, protocol=all]
           sendmail[name=PBX-GUI, dest=destemail, sender=senderemail]
logpath  = /var/log/asterisk/freepbx_security.log

I tried a few things out and the only thing I think is failing is “filter = freepbx” - the other lines seem to look fine, or test fine. Is freepbx a valid filter name? Does anybody have other ideas? Should I submit a bug?

Can you share what version of fail2ban is being used?

Latest (I read the other threads first :P):

[code]
[[email protected] /]# yum info fail2ban
Loaded plugins: fastestmirror, presto, security
Loading mirror speeds from cached hostfile

  • base: mirrors.sonic.net
  • epel: mirrors.cat.pdx.edu
  • extras: mirror.web-ster.com
  • rpmforge: repoforge.eecs.wsu.edu
  • updates: centos.sonn.com
    Installed Packages
    Name : fail2ban
    Arch : noarch
    Version : 0.8.14
    Release : 1.el6
    Size : 833 k
    Repo : installed
    From repo : epel
    Summary : Ban IPs that make too many password failures
    URL : http://fail2ban.sourceforge.net/
    License : GPLv2+
    Description : Fail2ban scans log files like /var/log/pwdfail or
    : /var/log/apache/error_log and bans IP that makes too many password
    : failures. It updates firewall rules to reject the IP address.
    :
    : To use the hostsdeny and shorewall actions you must install tcp_wrappers
    : and shorewall respectively.[/code]

This is happening both on our “dev”/failover pbx and production/primary

@Overkill, The issue you are experiencing is because you are using the fail2ban rpm from the epel repo instead of our commercial repo. It appears that your system is not a FreePBX Distro system, so you may want to take a look at the wiki article on Registering your System for Commercial Modules - CentOS and RHEL based systems which will have you grab our commercial repo. If you are still having issues after that, let me know.

@GameGamer43 Thanks for the info. I realized there was no freepbx.conf file in filter.d, as the error message indicated.

Rather than revert to the version available in your repo, I found it was easier to just copy the files over that were missing by using a distro install (I spun up a VM with the distro for times like this).

For people having this same issue who would prefer to follow my route, the files are currently available for your viewing at the link below. Please read them and make the appropriate changes specific to your system; I’m not responsible for anything that happens as a result of you using these files.
http://www.overkillhq.com/downloads/fail2ban.zip

5 Likes

@Overkill You really saved me, as I’ve updated system through the yum update command and it seems that it also updated fail2ban package and did deleted an existing config file (which is very strange, as actually on linux update means that config file should not be deleted). So I had exactly the same error. I’ve downloaded your configs and started successfully.

But I have one more problem. fail2ban.log was empty. I’ve deleted file and restarted service (thought that it’ll be recreated by itself), but I still don’t have any config file. Though I had the path written in fail2ban.conf file and even put log level to DEBUG, but nothing happened :frowning:

I think by enabling the schmooze repositories and yum remove fail2ban and after that yum install fail2ban will get you a freepbx supported fail2ban version.

I come here because I had the same problem after a system reboot. I will send more information about this problem if another person pass here. After restarting my server, I wonder why fail2ban no longer load with the same error message, it seems fail2ban has been updated or installed from the Epel repo and not use the same version of schmooze-commercial repo.

You can easily solve the problem and temporarily disable the EPEL repo:

  1. Remove fail2ban from epel repo " yum remove fail2ban "

  2. Install fail2ban from schmooze repo " yum --disablerepo=epel install fail2ban "

  3. Restart fail2ban and enjoy all working perfectly !

1 Like

I have 7-8 production systems out in the world. I have experienced the exact same issue after yum updates.

PBX Version:15.0.17.43
PBX Distro:12.7.8-2107-3.sng7
Asterisk Version:16.17.0

Using WinSCP and copying the apache-api.conf from a good working machine to the failed worked. In any event this saved me. Thank you for your post.