Intrusion detection won't startú

New installation of freePBX 16

This is still a problem

failban is running but intruder detection will not start

In order to get fail2ban to start, I have rm /etc/fail2ban/jail.local

Then I try to start Intrusion Detection. It won’t start and fail2ban craps out.

. [[email protected] fail2ban]# systemctl status fail2ban | more ● fail2ban.service - Fail2Ban Service Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; enabled; vendor preset: disabled) Active: failed (Result: start-limit) since Sun 2022-03-27 08:35:20 +07; 5min ago Process: 7332 ExecStop=/usr/bin/fail2ban-client stop (code=exited, status=0/SUCCESS) Process: 7497 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=255) Process: 7495 ExecStartPre=/bin/mkdir -p /var/run/fail2ban (code=exited, status=0/SUCCESS) Main PID: 7287 (code=exited, status=0/SUCCESS) Mar 27 08:35:20 freepbx16oncentos78-s-1vcpu-1gb-amd-sfo3-01 systemd[1]: fail2ban.service: cont--More--

It won’t start again until I remove jail.local again

U P D A T E

I have reinstalled. Now there is no Intrusion Detection tab in the firewall settings.

Fail2ban is active.

I have cleared the cache, as was suggested

from the command line take a look at the following:

systemctl status fail2ban
or
systemctl start fail2ban

tail /var/log/fail2ban.log

and finally

cat /var/log/messages | grep fail2

one should give a clue as to why

Fail2ban is running. The only thing I see is this in messages

an-client: ERROR  Found no accessible config files for 'filter.d/apache-api' under /etc/fail2ban

I don’t know what it means

it means that you don’t have that file, until someone tells you how to fix that

touch  /etc/fail2ban/filter.d/apache-api.conf

will fix that but of course the apache-api jail won’t work.

Not a solution

Think to update the O.S and FreePBX module after install.

  • yum update -y
  • fwconsole ma updateall
    This issue has been fixed a long time ago.

Oops. Hadn’t activated it yet. Problem solved

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.