chuckjuhl
(chuckjuhl)
September 19, 2021, 11:18pm
1
PBX Version: 14.0.16.11
PBX Distro: 12.7.8-2107-3.sng7
Asterisk Version: 13.38.1
SysAdmin Version: 14.0.39.33
fail2ban version: 0.8.17-76.sng6
If this has been addressed in another post, please point me to it. The only other posts concerning this i found were for FreePBX 15.
chuckjuhl
(chuckjuhl)
September 19, 2021, 11:25pm
2
Current PBX Version: 14.0.16.11
Current System Version: 12.7.8-2107-3.sng7
Total Module Count: 112
Enabled: 110
Disabled: 1
The numbers below may be inaccurate if new modules have been released since the last check:
Last online check: 2021-09-19T00:40:27+00:00
Modules with Upgrades: 0
System Upgrades Available: 0
chuckjuhl
(chuckjuhl)
September 20, 2021, 5:49am
3
Restarting fail2ban
fail2ban Restart failed Failed: The command “systemctl restart fail2ban” failed.
Exit Code: 1(General error)
Working directory: /root
Output:
Error Output:
Job for fail2ban.service failed because the control process exited with error co de. See “systemctl status fail2ban.service” and “journalctl -xe” for details.
dicko
(dicko)
September 20, 2021, 5:56am
4
From the top, start with
systemctl status fail2ban
and post the result. It will likely show that
/usr/bin/fail2ban-client -x start
failed, so run that in a shell and it will tell what got screwed up.
chuckjuhl
(chuckjuhl)
September 20, 2021, 6:24am
5
[root@freepbx ~]# systemctl status fail2ban
● fail2ban.service - Fail2Ban Service
Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; disabled; vendor pr eset: disabled)
Active: failed (Result: start-limit) since Sun 2021-09-19 23:09:00 PDT; 14min ago
Process: 31050 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, statu s=255)
Process: 31049 ExecStartPre=/bin/mkdir -p /var/run/fail2ban (code=exited, stat us=0/SUCCESS)
Main PID: 1820 (code=killed, signal=TERM)
Sep 19 23:09:00 freepbx.sangoma.local systemd[1]: fail2ban.service: control p…
Sep 19 23:09:00 freepbx.sangoma.local systemd[1]: Failed to start Fail2Ban Se…
Sep 19 23:09:00 freepbx.sangoma.local systemd[1]: Unit fail2ban.service enter…
Sep 19 23:09:00 freepbx.sangoma.local systemd[1]: fail2ban.service failed.
Sep 19 23:09:00 freepbx.sangoma.local systemd[1]: fail2ban.service holdoff ti…
Sep 19 23:09:00 freepbx.sangoma.local systemd[1]: Stopped Fail2Ban Service.
Sep 19 23:09:00 freepbx.sangoma.local systemd[1]: start request repeated too …
Sep 19 23:09:00 freepbx.sangoma.local systemd[1]: Failed to start Fail2Ban Se…
Sep 19 23:09:00 freepbx.sangoma.local systemd[1]: Unit fail2ban.service enter…
Sep 19 23:09:00 freepbx.sangoma.local systemd[1]: fail2ban.service failed.
Hint: Some lines were ellipsized, use -l to show in full.
[root@freepbx ~]#
chuckjuhl
(chuckjuhl)
September 20, 2021, 6:28am
6
Now have two installations with the same issue. both after recent auto updates for security issues (?). Both running the same version of the distro. both hosted with Sangoma’s cloud service.
I get the following in the GUI Dashboard:
There is 1 module vulnerable to security threats
manager (Cur v. 13.0.2.9) should be upgraded to v. 13.0.2.10 to fix security issues: SEC-2021-010
However I show no modules that have pending upgrades in Module Admin.
dicko
(dicko)
September 20, 2021, 6:37am
7
As soon as you post the output from /usr/bin/fail2ban-client -x start
we can likely have you on your way.
chuckjuhl
(chuckjuhl)
September 20, 2021, 6:42am
8
The output I get from /usr/bin/fail2ban-client -x
from the command line asks for options
[root@freepbx ~]# /usr/bin/fail2ban-client -x
Usage: /usr/bin/fail2ban-client [OPTIONS]
Fail2Ban v0.8.14 reads log file that contains password failure report
and bans the corresponding IP addresses using firewall rules.
chuckjuhl
(chuckjuhl)
September 20, 2021, 6:45am
9
[root@freepbx ~]# /usr/bin/fail2ban-client -x start
ERROR No file(s) found for glob /var/log/asterisk/zulu_out.log
ERROR Failed during configuration: Have not found any log file for zulu jail
[root@freepbx ~]#
dicko
(dicko)
September 20, 2021, 6:45am
10
The 'option ’ you missed that I posted is ‘start’
chuckjuhl
(chuckjuhl)
September 20, 2021, 6:46am
11
Sorry about that - cut and paste missed the start Got it the second try.
dicko
(dicko)
September 20, 2021, 6:47am
12
Quick work around
touch /var/log/asterisk/zulu_out.log
(someone needs to post a bug to get that fixed.)
1 Like
chuckjuhl
(chuckjuhl)
September 20, 2021, 6:48am
13
[root@freepbx ~]# touch var/log/asterisk/zulu_out.log
touch: cannot touch ‘var/log/asterisk/zulu_out.log’: No such file or directory
dicko
(dicko)
September 20, 2021, 6:51am
14
My typo /var/log/asterisk/zulu_out.log .
1 Like
chuckjuhl
(chuckjuhl)
September 20, 2021, 6:51am
15
Looks like the repository servers are down at the moment. Getting this message when checking module admin on several FreePBX installations.
Warning: Cannot connect to online repository(s) (http://mirror1.freepbx.org ,http://mirror2.freepbx.org ). Online modules are not available.
dicko
(dicko)
September 20, 2021, 6:53am
16
That’s not relevant to this thread, start a new one.
chuckjuhl
(chuckjuhl)
September 20, 2021, 6:56am
17
touch /var/log/asterisk/zulu_out.log
That fixed the fail2ban issue.
dicko
(dicko)
September 20, 2021, 6:59am
18
Not fixed, just worked around. Post a bug.
chrischevy
(chrischevy)
September 23, 2021, 9:38pm
20
This didn’t fix it for me (brand new install, all updates done)
/usr/bin/fail2ban-client -x start
gives me this:
[root@freepbx ~]# /usr/bin/fail2ban-client -x start
ERROR Found no accessible config files for 'filter.d/apache-api' under /etc/fail2ban
ERROR Unable to read the filter
ERROR Errors in jail 'apache-api'. Skipping...