fail2ban will not start due to an error in Distro installation.
This is a repeatable error: (3 installs)
using the following command to debug fail2ban error:
fail2ban-client -vvvvvvvvvvvvvvvvvv start
ERROR Found no accessible config files for ‘filter.d/apache-api’ under /etc/fail2ban
ERROR Unable to read the filter
ERROR Errors in jail ‘apache-api’. Skipping…
If you go into the file jail.local and change the enabled = true to false
enabled = true
filter = apache-api
action = iptables-multiport[name=api, protocol=tcp, port=“http,https”]
sendmail[name=api, [email protected], [email protected]]
logpath = /var/log/httpd/*access_log
fail2ban will restart and run from the CLI.
BUT if you restart fail2ban in the GUI, it changes the false back to true and fail2ban STOPS RUNNING again.
generates the necessary file. Checking the incron log shows that this was run but did not yield any resulting file. The hook is Zend encrypted so I can’t check the contents or tell why it’s not working.
@lgaetz - can you confirm that there’s a ticket for this?
Excellent Andrew. I confirm the command you provided created the missing filter.d/apache-api.conf
Now, the question is, why was this file missing from a default DISTRO installation?
Great question. I don’t use the Firewall module but I know there have been issues relating to this going back a few months (July?). If I’m remembering everything correctly,
@yois submitted a PR to help but it probably needs someone with a Sangoma hat to take a look at it because it’s tightly integrated with the Sysadmin module which is closed source.
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.