@lgaetz - I finally was able to repro, and the issue seems to be coming from here:
ERROR Found no accessible config files for 'filter.d/apache-api' under /etc/fail2ban
ERROR Unable to read the filter
ERROR Errors in jail 'apache-api'. Skipping...
As far as I can tell on the system I have, the file
/etc/fail2ban/filter.d/apache-api
Is created when sysadmin 15.0.21.66 is installed.
I have that version of sysadmin and the file does not exist
My server was on .55 when this started for what that’s worth.
Manually running
/var/www/html/admin/modules/sysadmin/hooks/fail2ban-apache-config
generates the necessary file. Checking the incron log shows that this was run but did not yield any resulting file. The hook is Zend encrypted so I can’t check the contents or tell why it’s not working.
@lgaetz - can you confirm that there’s a ticket for this?
Did you guys yum update
recently? I just added a new Distro and started with yum update
which yielded this update:
sangoma-pbx-2107-3.sng7.noarch.rpm
then module upgrade and fail2ban (and everything else) are loading fine.
I mention it because the sangoma-pbx package does some work on apache.
I spoke too soon. For some reason I thought it had started fine but then checked on it later and found the service had stopped with the same error as others reported. Ran the hook and solved.
Edit: I know what happened. I ran the yum update
and fwconsole ma upgradeall
and checked that services were running before I set up the firewall. After the updates I went through the out-of-box experience in the GUI where I configured the firewall. Once firewall was enabled, fail2ban stopped.
Hi,
This issue is fixed in sysadmin 15.0.21.66, can you guys please try to run
fwconsole ma downloadinstall sysadmin --tag 15.0.21.66 -f
from CLI and try to restart fail2ban.
Thank you.
This seemed to fix it for me. Thank you.
I still get the same message about See “systemctl status fail2ban.service” and “journalctl -xe” for details.
It seems there was a typo. Try tag 15.0.21.67
Now I get a slightly different message that includes: .
To force a start use “systemctl reset-failed fail2ban.service” followed by “sysemctl start fail2ban.service” again.
Can’t tell what’s happening after doing the first command but after the second command I’m back to square 1
Do I need to reboot?
Has Fail2ban issue been resolved yet? I have FreePBX 15 PBXes that wont start Fail2Ban, even after upgrading sysadmin.
I dont think so. I just tried upgrading sys admin and the firewall and see no difference.
Did either of you try this:
Yes and that did not work, same error message. I looked through all of these recent threads before I left the question asking if it was resolved