Fail2Ban and OpenSuse 10.3
i have installed fail2ban like described in the howto Preventing Brute Force Attacks With Fail2ban On OpenSUSE 10.3.
The installation completed without errors or warnings. The only jail i configuered and acitvated is ssh-iptables.
Fail2Ban works and i receive eMails when it stops or starts.
In fail2ban.log is this comment: fail2ban.filter: WARNING Unable to find a corresponding IP address for mail.szitcons.ch
i tried several false logins with putty and ssh but no reaction.
Then i tried the same install on an other System with Suse 10.0 an everything works alright.
The only difference i found is the version of python. On Suse 10.3 is python-2.5.1-39.2 an on the Suse 10.0 is python-2.4.1-3.5
hope somebody could help...
Do you have valid DNS servers in /etc/resolv.conf?
What's the output of
my nameserver in resolv.conf is 192.168.200.1
; <<>> DiG 9.4.1-P1 <<>> mail.szitcons.ch
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1031
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;mail.szitcons.ch. IN A
;; ANSWER SECTION:
mail.szitcons.ch. 5467 IN A 188.8.131.52
;; Query time: 29 msec
;; SERVER: 192.168.200.1#53(192.168.200.1)
;; WHEN: Sun Jul 27 08:59:15 2008
;; MSG SIZE rcvd: 50
Hm, looks ok.
Did you disable AppArmor?
I have not installed AppArmor at all.
It seems that Fail2Ban even does not read the whole file /var/log/messages but only some lines.
i think i am blind! You were right.
The IP 192.168.200.1 in /etc/resolv.com is not a valid DNS Server.
I changed it and now it works.
Thanks a lot,
|All times are GMT +2. The time now is 19:03.|
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.