Fail2ban wouldn't start after upgrade to FreePBX 16 and subsequent update

FreePBX Security
,
1

FreePBX 16.0.26 / all modules current

A week or so ago I downloaded the FreePBX 16 distro and did a clean install on a Virtualbox VM. I then copied a backup from my previous FreePBX 15 (which had been running great BTW) on another Virtualbox VM and restored this backup to FreePBX 16. I then updated FreePBX 16:

sudo yum update
sudo fwconsole ma upgradeall

and was pleased to see that FreePBX 16 appeared to be working well, except that FOP2 wouldn’t start because of a licensing issue (but that’s another story).

Today, however. after a further update of FreePBX 16 a couple of days ago, i.e.:

sudo yum update
sudo fwconsole ma upgradeall

I noticed that in the System Overview of the FreePBX dashboard that Fail2Ban was not running. I tried restarting it, which was unsuccessful, but which did point to an issue with the zulu module:

$ sudo fail2ban-client -x start
ERROR Found no accessible config files for ‘filter.d/zulu’ under /etc/fail2ban
ERROR Unable to read the filter
ERROR Errors in jail ‘zulu’. Skipping…
$

After some Googling, I decided to comment out the zulu section in /etc/fail2ban/jail.local, as follows:

$ cd /etc/fail2ban
$ sudo mv jail.local jail-orig.local
$ sudo cp jail-orig.local jail.local
$ ls -l
total 32
drwxr-xr-x. 2 root root 4096 Nov 16 19:22 action.d
-rw-r–r–. 1 root root 1525 Aug 19 2014 fail2ban.conf
drwxr-xr-x. 2 root root 6 Jan 5 2022 fail2ban.d
-rw-r–r–. 1 root root 172 Jan 5 2022 fail2ban.local
drwxr-xr-x. 2 root root 4096 Nov 21 13:29 filter.d
-rw-r–r–. 1 root root 2209 Jan 5 2022 jail.conf
drwxr-xr-x. 2 root root 6 Jan 5 2022 jail.d
-rw-r–r-- 1 root root 2936 Nov 21 13:30 jail.local
-rw-r–r-- 1 root root 2936 Nov 21 13:28 jail-orig.local
$ cat jail.local

[zulu]
enabled = true
filter = zulu
action = iptables-allports[name=zulu, protocol=tcp]
sendmail[name=zulu, [email protected], [email protected]]
logpath = /var/log/asterisk/zulu_out.log

$ sudo vi jail.local
$ cat jail.local

# [zulu]
# enabled = true
# = zulu
# = iptables-allports[name=zulu, protocol=tcp]
# sendmail[name=zulu, [email protected], [email protected]]
# logpath = /var/log/asterisk/zulu_out.log

$ sudo fail2ban-client -x start
2022-11-21 13:33:45,985 fail2ban.server [2187]: INFO Starting Fail2ban v0.8.14
2022-11-21 13:33:45,986 fail2ban.server [2187]: INFO Starting in daemon mode
$

That appeared to fix the problem, as Fail2Ban was now showing as running in the System Overview of the FreePBX dashboard, as well as in Intrusion Detection in Admin=>System Admin in the FreePBX GUI.

After a reboot of FreePBX, this issue appears to have been fixed. I only report this so it may be of help to someone else with the same issue.

In addition I uninstalled and subsequently removed the zulu module in Admin=>Module Admin

1 Like
2

I had the same issue.

When I ran the recovery I had to do it 4-8 Modules at a time in order to not to break fail2ban.

I saw that same solution. It didn’t work for me😢

3

@idho0618

When I ran the recovery I had to do it 4-8 Modules at a time in order to not to break fail2ban.

This description doesn’t make clear what exactly was done, nor how. Can you elaborate? Is your fail2ban currently working?

In addition I uninstalled and subsequently removed the zulu module in Admin=>Module Admin

I’m curious if this issue could have been addressed simply by uninstalling and removing the zulu module.

1 Like
4

Our fail2ban broke the same way yours did, after an update. We didn’t have a vm w/ snapshots so we had to use the restore module.

When we tried to do a full system restore, fail2ban was still broken after the restore. But, when we restored 4-8 modules at a time for some reason fail2ban didn’t break. not sure if we were a 1 off. But, that is what worked for us.

I wanted to let you know that you were not the only person that had fail2ban break after an update on a fully patched PBXact system. Yes, our fail2ban is currently working after our fix.

Did your instance/fail2ban stop working with your solution? If so please feel free to ping me.

I tried that but it didn’t work for us.

Your write-up w/ the work the others did on the prev post saved us. Thank you so much for posting.

5

@idho0618

… fail2ban break after an update on a fully patched PBXact system…

…We didn’t have a vm w/ snapshots so we had to use the restore module…

Just to clarify, I’m not using PBXact, but rather FreePBX 15 and 16 on two different Virtualbox VMs (virtual machines) both running on a Mac Pro host system. Nor did I use snapshots, but rather I did a backup of FreePBX 15 using Admin=>Backup & Restore from the FreePBX GUI, and then after a virgin install of FreePBX 16 from the distro (i.e., the downloaded ISO), I copied the FreePBX 15 backup to the new FreePBX 16 and performed a restore from Admin=>Backup & Restore.

Did your instance/fail2ban stop working with your solution?

As my initial post indicated, after commenting out the zulu section in jail.local:


# [zulu]
# enabled = true
# = zulu
# = iptables-allports[name=zulu, protocol=tcp]
# sendmail[name=zulu, [email protected],
# logpath = /var/log/asterisk/zulu_out.log

fail2ban started to work, and is working still.

6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.