HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (
-   HOWTO-Related Questions (
-   -   Fail2Ban and OpenSuse 10.3 (

Libor 25th July 2008 12:24

Fail2Ban and OpenSuse 10.3

i have installed fail2ban like described in the howto Preventing Brute Force Attacks With Fail2ban On OpenSUSE 10.3.

The installation completed without errors or warnings. The only jail i configuered and acitvated is ssh-iptables.

Fail2Ban works and i receive eMails when it stops or starts.

In fail2ban.log is this comment: fail2ban.filter: WARNING Unable to find a corresponding IP address for

i tried several false logins with putty and ssh but no reaction.

Then i tried the same install on an other System with Suse 10.0 an everything works alright.

The only difference i found is the version of python. On Suse 10.3 is python-2.5.1-39.2 an on the Suse 10.0 is python-2.4.1-3.5

hope somebody could help...

Thanks, Libor

falko 26th July 2008 12:12

Do you have valid DNS servers in /etc/resolv.conf?
What's the output of


Libor 27th July 2008 14:39

Hi Falko,

my nameserver in resolv.conf is

dig says:

; <<>> DiG 9.4.1-P1 <<>>
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1031
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

; IN A


;; Query time: 29 msec
;; WHEN: Sun Jul 27 08:59:15 2008
;; MSG SIZE rcvd: 50

bye, Libor

falko 28th July 2008 15:41

Hm, looks ok.
Did you disable AppArmor?

Libor 28th July 2008 16:28

I have not installed AppArmor at all.

It seems that Fail2Ban even does not read the whole file /var/log/messages but only some lines.

Libor 29th July 2008 09:09

Hi Falko,
i think i am blind! You were right.
The IP in /etc/ is not a valid DNS Server.
I changed it and now it works.

Thanks a lot,

All times are GMT +2. The time now is 13:24.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.