Failtoban service will not stay running


(Jerry Warner) #1

I’m running 15.0.17.37 with Asterisk 13.38.2
My Dashboard shows Fail2ban service isn’t running. When I got to the page to restart it I see a notice that there’s been a recent update so I cleared my cache and refreshed the page. I still can’t get it to stay running. I even tried using a totally different browser but I still can’t get it to stay running. Is there something else I’m missing? I tried to grab the log file while restarting the service but I don’t see anything in it so maybe I’m grabbing the wrong logs. How do I get this service to keep running?

2305	[2021-07-01 10:13:38] VERBOSE[12117] chan_iax2.c: Registered IAX2 to '204.16.90.9:4569', who sees us as xx.xxx.xxx.xx:4569 with no messages waiting	
2306	[2021-07-01 10:28:21] VERBOSE[12045] asterisk.c: Remote UNIX connection	
2307	[2021-07-01 10:28:21] VERBOSE[8592] asterisk.c: Remote UNIX connection disconnected	
2308	[2021-07-01 10:28:21] VERBOSE[12045] asterisk.c: Remote UNIX connection	
2309	[2021-07-01 10:28:21] VERBOSE[8594] asterisk.c: Remote UNIX connection disconnected	
2310	[2021-07-01 10:28:21] VERBOSE[12045] asterisk.c: Remote UNIX connection	
2311	[2021-07-01 10:28:21] VERBOSE[8596] asterisk.c: Remote UNIX connection disconnected

(TheJames) #2

Those logs are normal and not related to your issue. I believe fail2ban has its own logs.


(Jerry Warner) #3

Do you know how I access them to determine why it’s not running?


(TheJames) #4

I’m not near a system but my guess would be /var/log/fail2ban …


(Jerry Warner) #5

The most recent log is dated a couple of days ago. I see an error at the top of the page?

2021-06-11 03:11:01,831 fail2ban.server [11047]: INFO Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.14
2021-06-11 03:11:03,018 fail2ban.filter [11047]: ERROR Unable to open /var/log/fail2ban.log-20210325
2021-06-11 03:11:03,018 fail2ban.filter [11047]: ERROR [Errno 2] No such file or directory: ‘/var/log/fail2ban.log-20210325’
Traceback (most recent call last):
File “/usr/share/fail2ban/server/filter.py”, line 556, in getFailures
has_content = container.open()
File “/usr/share/fail2ban/server/filter.py”, line 637, in open
self.__handler = open(self.__filename)
IOError: [Errno 2] No such file or directory: ‘/var/log/fail2ban.log-20210325’ 2021-06-28 09:19:47,633 fail2ban.server [11047]: INFO Stopping all jails

And the then it goes on until it ends with this:

2021-06-28 09:19:48,338 fail2ban.jail [11047]: INFO Jail ‘apache-tcpwrapper’ stopped
2021-06-28 09:19:49,257 fail2ban.jail [11047]: INFO Jail ‘recidive’ stopped
2021-06-28 09:19:50,249 fail2ban.jail [11047]: INFO Jail ‘ssh-iptables’ stopped
2021-06-28 09:19:50,365 fail2ban.jail [11047]: INFO Jail ‘apache-badbots’ stopped
2021-06-28 09:19:51,188 fail2ban.jail [11047]: INFO Jail ‘pbx-gui’ stopped
2021-06-28 09:19:51,596 fail2ban.jail [11047]: INFO Jail ‘asterisk-iptables’ stopped
2021-06-28 09:19:52,410 fail2ban.jail [11047]: INFO Jail ‘vsftpd-iptables’ stopped
2021-06-28 09:19:52,411 fail2ban.server [11047]: INFO Exiting Fail2ban


(Chris Dolese) #6

try moving the old logs out of the way and restarting the service

[pbx]# mv /var/log/asterisk/fail2ban.* /tmp && mv /var/log/asterisk/fail2ban-* /tmp

then

service fail2ban restart

monitor with

service fail2ban status


(Jerry Warner) #7

I did something a bit drastic. I restarted the entire machine. I took everyone down for a bit of course but it seems to have worked. Fail2ban is running again


(TheJames) #8

There is nothing worse than resetting that uptime counter lol But sometimes it’s needed


(Jerry Warner) #9

Funny how that becomes important to us isn’t it? But yes, I was sorry to see it get reset. I drive a Chevy Volt with a lifetime average of 135 mpg. I hate to see the days when the engine actually starts even though that’s the very reason I have an engine in the first place.

I’m just happy it worked. Often the reboot doesn’t correct whatever was wrong.


(Jared Busch) #10

Large uptime counter are bad. How do you even know the system will actually boot next time? You don’t.

I update systems with a script. The end of the script checks for me…


#11

Agree, but the reboot itself has some risks and entails some administrative hassle. IMO 90 or 180 days is a reasonable compromise.


(Jerry Warner) #12

Maybe it’s just me but any time I have to reboot a system it’s a nervous time. It doesn’t matter how long it’s been since the last boot. I hold my breath every time.

In my case it’s made worse because of my limited Linux knowledge and lack of confidence that my backups are correct or will restore correctly. I’ve only done a FreePBX restore once and it went pretty poorly. That was before the did all that work on the backup and restore module but it still makes me really nervous. I need something more idiot proof for someone with my limited skills. But that’s clearly my own fault.