Fail2ban wont start

bksales · July 13, 2021, 8:16pm

I tried clearing the cache and using different browsers, so I dont think it has to do with this

Also tried rolling the firewall back to earlier version (15.0.8.9 vs 15.0.8.14), no change

Tried upgrading to edge track (15.0.12). Same result.

On another server with a similar problem I saw something about a mention ofthe zulu jail in fail2ban. I tried running the commands I found in another thread that seem to have no affect. Also tried disabling zulu with no luck.

The fail2ban log is being written to but i dont see anyone being blocked

dicko · July 13, 2021, 8:30pm

Come on @jcolp , merge it

jcolp · July 13, 2021, 8:31pm

I’ll let the @lgaetz character merge it if he wishes.

dicko · July 13, 2021, 8:34pm

You guys might want to follow a similarly named thread current on this forum . . .

lgaetz · July 14, 2021, 1:06pm

yois · July 14, 2021, 2:49pm

@lgaetz - I finally was able to repro, and the issue seems to be coming from here:

ERROR Found no accessible config files for 'filter.d/apache-api' under /etc/fail2ban
ERROR Unable to read the filter
ERROR Errors in jail 'apache-api'. Skipping...

lgaetz · July 14, 2021, 3:01pm

As far as I can tell on the system I have, the file

/etc/fail2ban/filter.d/apache-api

Is created when sysadmin 15.0.21.66 is installed.

yois · July 14, 2021, 3:07pm

I have that version of sysadmin and the file does not exist

bksales · July 14, 2021, 4:48pm

My server was on .55 when this started for what that’s worth.

yois · July 14, 2021, 4:57pm

Manually running
/var/www/html/admin/modules/sysadmin/hooks/fail2ban-apache-config

generates the necessary file. Checking the incron log shows that this was run but did not yield any resulting file. The hook is Zend encrypted so I can’t check the contents or tell why it’s not working.

@lgaetz - can you confirm that there’s a ticket for this?

ashcortech · July 14, 2021, 6:50pm

This fixed it for me

billsimon · July 14, 2021, 7:14pm

Did you guys yum update recently? I just added a new Distro and started with yum update which yielded this update:

sangoma-pbx-2107-3.sng7.noarch.rpm

then module upgrade and fail2ban (and everything else) are loading fine.

I mention it because the sangoma-pbx package does some work on apache.

yois · July 14, 2021, 7:35pm

I repro’d on 2107 too, so that’s not the issue.

billsimon · July 14, 2021, 7:50pm

I spoke too soon. For some reason I thought it had started fine but then checked on it later and found the service had stopped with the same error as others reported. Ran the hook and solved.

Edit: I know what happened. I ran the yum update and fwconsole ma upgradeall and checked that services were running before I set up the firewall. After the updates I went through the out-of-box experience in the GUI where I configured the firewall. Once firewall was enabled, fail2ban stopped.

psandesh · July 15, 2021, 4:45am

Hi,
This issue is fixed in sysadmin 15.0.21.66, can you guys please try to run

fwconsole ma downloadinstall sysadmin --tag 15.0.21.66 -f

from CLI and try to restart fail2ban.

Thank you.

cloudpbxfuzz · July 15, 2021, 12:25pm

This seemed to fix it for me. Thank you.

bksales · July 15, 2021, 8:52pm

I still get the same message about See “systemctl status fail2ban.service” and “journalctl -xe” for details.

yois · July 15, 2021, 9:08pm

It seems there was a typo. Try tag 15.0.21.67

bksales · July 15, 2021, 9:39pm

Now I get a slightly different message that includes: .
To force a start use “systemctl reset-failed fail2ban.service” followed by “sysemctl start fail2ban.service” again.

Can’t tell what’s happening after doing the first command but after the second command I’m back to square 1

Do I need to reboot?

jlizzotte04 · July 19, 2021, 5:21pm

Has Fail2ban issue been resolved yet? I have FreePBX 15 PBXes that wont start Fail2Ban, even after upgrading sysadmin.