Fail2ban not starting - Default installation STABLE SNG7-PBX-64bit-2104-1

fail2ban will not start due to an error in Distro installation.
This is a repeatable error: (3 installs)

using the following command to debug fail2ban error:
fail2ban-client -vvvvvvvvvvvvvvvvvv start

ERROR Found no accessible config files for ‘filter.d/apache-api’ under /etc/fail2ban
ERROR Unable to read the filter
ERROR Errors in jail ‘apache-api’. Skipping…

If you go into the file jail.local and change the enabled = true to false

[apache-api]
enabled = true
filter = apache-api
action = iptables-multiport[name=api, protocol=tcp, port=“http,https”]
sendmail[name=api, [email protected], [email protected]]
logpath = /var/log/httpd/*access_log

fail2ban will restart and run from the CLI.
BUT if you restart fail2ban in the GUI, it changes the false back to true and fail2ban STOPS RUNNING again.

Try running /var/www/html/admin/modules/sysadmin/hooks/fail2ban-apache-config

Excellent Andrew. I confirm the command you provided created the missing filter.d/apache-api.conf
Now, the question is, why was this file missing from a default DISTRO installation?

Great question. I don’t use the Firewall module but I know there have been issues relating to this going back a few months (July?). If I’m remembering everything correctly, @yois submitted a PR to help but it probably needs someone with a Sangoma hat to take a look at it because it’s tightly integrated with the Sysadmin module which is closed source.

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.