Hello,
I installed fail2ban in opensuse 11.3 server. After restarted status shows
www:~ # fail2ban-client status
Status
|- Number of jail: 0
`- Jail list:
But I do have apache and pureftpd fail active, and of course fail2ban is not banning. I notice that the fail2ban log file is old no new entries on it.
I do have ipatables on but is fail2ban is not active.
www:~ # iptables -n -L INPUT
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED
input_ext all -- 0.0.0.0/0 0.0.0.0/0
input_ext all -- 0.0.0.0/0 0.0.0.0/0
LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-IN-ILL-TARGET '
DROP all -- 0.0.0.0/0 0.0.0.0/0
www:~ #
Here is my jail file..
[apache-nohome]
enabled = true
filter = apache-nohome
action = iptables-multiport[name=apache-nohome, port="http,https"]
sendmail-buffered[name=apache-nohome, lines=5,
dest=admin@wwwwwww.xxx]
[name=apache-overflows, port=http,https, protocol=tcp]
logpath = /var/log/apache2/error_log
bantime = 86400
maxretry = 1
[pureftpd-iptables]
enabled = true
filter = pure-ftpd
action = iptables[name=pure-ftpd, port=ftp, protocol=tcp]
sendmail-whois[name=pure-ftpd,
dest=admin@xxxxxxxxx.net,
sender=fail2ban@xxxxxxx.net]
logpath = /var/log/warn
maxretry = 3
I tested with www:~ # fail2ban-regex /var/log/warn /etc/fail2ban/filter.d/pure-ftpd.conf
Success, the total number of match is 22827
Any sugestion.
Reagrds,
Al
English | 
Deutsch
Fail2ban unable to ban
Hybrid Mode
Recent comments
1 day 4 hours ago
1 day 10 hours ago
1 day 14 hours ago
1 day 16 hours ago
2 days 6 hours ago
2 days 6 hours ago
2 days 11 hours ago
2 days 18 hours ago
2 days 18 hours ago
2 days 20 hours ago