Prev Previous Post   Next Post Next
  #1  
Old 25th March 2011, 02:57
aberrio aberrio is offline
Senior Member
 
Join Date: Sep 2007
Posts: 150
Thanks: 13
Thanked 3 Times in 3 Posts
Default Fail2ban unable to ban

Hello,

I installed fail2ban in opensuse 11.3 server. After restarted status shows

www:~ # fail2ban-client status
Status
|- Number of jail: 0
`- Jail list:

But I do have apache and pureftpd fail active, and of course fail2ban is not banning. I notice that the fail2ban log file is old no new entries on it.

I do have ipatables on but is fail2ban is not active.

www:~ # iptables -n -L INPUT
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED
input_ext all -- 0.0.0.0/0 0.0.0.0/0
input_ext all -- 0.0.0.0/0 0.0.0.0/0
LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-IN-ILL-TARGET '
DROP all -- 0.0.0.0/0 0.0.0.0/0
www:~ #


Here is my jail file..

[apache-nohome]
enabled = true
filter = apache-nohome
action = iptables-multiport[name=apache-nohome, port="http,https"]
sendmail-buffered[name=apache-nohome, lines=5, dest=admin@wwwwwww.xxx]
[name=apache-overflows, port=http,https, protocol=tcp]
logpath = /var/log/apache2/error_log
bantime = 86400
maxretry = 1



[pureftpd-iptables]
enabled = true
filter = pure-ftpd
action = iptables[name=pure-ftpd, port=ftp, protocol=tcp]
sendmail-whois[name=pure-ftpd, dest=admin@xxxxxxxxx.net, sender=fail2ban@xxxxxxx.net]
logpath = /var/log/warn
maxretry = 3


I tested with www:~ # fail2ban-regex /var/log/warn /etc/fail2ban/filter.d/pure-ftpd.conf

Success, the total number of match is 22827

Any sugestion.

Reagrds,

Al

Last edited by aberrio; 25th March 2011 at 03:03.
Reply With Quote
Sponsored Links
 

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Cannot login to phpmyadmin penkku HOWTO-Related Questions 1 24th February 2011 09:26
Fail2ban attacker Toucan General 2 5th October 2010 23:00
Forbidden 403; Samba access; config of maildeamon fawkes Installation/Configuration 4 14th January 2010 18:16
HotSaNIC domino Tips/Tricks/Mods 23 6th November 2006 05:19
Howto suggestion suse PhP ver 4 + Ver 5 wwparrish Suggest HOWTO 11 7th August 2006 13:29


All times are GMT +2. The time now is 10:35.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.