#1  
Old 29th March 2012, 05:08
zgjonbalaj zgjonbalaj is offline
Junior Member
 
Join Date: Jun 2011
Posts: 9
Thanks: 0
Thanked 2 Times in 1 Post
Default Fail2Ban IpTables Error

Any idea on why this is happening?

Code:
2012-03-28 23:03:35,529 fail2ban.jail : INFO Creating new jail 'courierpop3s'
2012-03-28 23:03:35,529 fail2ban.jail : INFO Jail 'courierpop3s' uses Gamin
2012-03-28 23:03:35,531 fail2ban.filter : INFO Added logfile = /var/log/mail.log
2012-03-28 23:03:35,532 fail2ban.filter : INFO Set maxRetry = 5
2012-03-28 23:03:35,535 fail2ban.filter : INFO Set findtime = 600
2012-03-28 23:03:35,536 fail2ban.actions: INFO Set banTime = 260000
2012-03-28 23:03:35,543 fail2ban.jail : INFO Creating new jail 'courierimap'
2012-03-28 23:03:35,543 fail2ban.jail : INFO Jail 'courierimap' uses Gamin
2012-03-28 23:03:35,545 fail2ban.filter : INFO Added logfile = /var/log/mail.log
2012-03-28 23:03:35,546 fail2ban.filter : INFO Set maxRetry = 5
2012-03-28 23:03:35,549 fail2ban.filter : INFO Set findtime = 600
2012-03-28 23:03:35,550 fail2ban.actions: INFO Set banTime = 260000
2012-03-28 23:03:35,557 fail2ban.jail : INFO Creating new jail 'courierimaps'
2012-03-28 23:03:35,557 fail2ban.jail : INFO Jail 'courierimaps' uses Gamin
2012-03-28 23:03:35,559 fail2ban.filter : INFO Added logfile = /var/log/mail.log
2012-03-28 23:03:35,560 fail2ban.filter : INFO Set maxRetry = 5
2012-03-28 23:03:35,563 fail2ban.filter : INFO Set findtime = 600
2012-03-28 23:03:35,564 fail2ban.actions: INFO Set banTime = 260000
2012-03-28 23:03:35,572 fail2ban.jail : INFO Jail 'ssh' started
2012-03-28 23:03:35,575 fail2ban.jail : INFO Jail 'sasl' started
2012-03-28 23:03:35,579 fail2ban.jail : INFO Jail 'pureftpd' started
2012-03-28 23:03:35,586 fail2ban.jail : INFO Jail 'courierpop3' started
2012-03-28 23:03:35,592 fail2ban.jail : INFO Jail 'courierpop3s' started
2012-03-28 23:03:35,599 fail2ban.jail : INFO Jail 'courierimap' started
2012-03-28 23:03:35,603 fail2ban.actions.action: ERROR iptables -N fail2ban-pureftpd
iptables -A fail2ban-pureftpd -j RETURN
iptables -I INPUT -p tcp -m multiport --dports ftp -j fail2ban-pureftpd returned 400
2012-03-28 23:03:35,607 fail2ban.jail : INFO Jail 'courierimaps' started
2012-03-28 23:04:23,665 fail2ban.actions.action: ERROR iptables -D INPUT -p tcp -m multiport --dports pop3s -j fail2ban-courierpop3s
iptables -F fail2ban-courierpop3s
iptables -X fail2ban-courierpop3s returned 100
2012-03-28 23:04:23,666 fail2ban.jail : INFO Jail 'courierpop3s' stopped
2012-03-28 23:04:24,674 fail2ban.actions.action: ERROR iptables -D INPUT -p tcp -m multiport --dports imap2 -j fail2ban-courierimap
iptables -F fail2ban-courierimap
iptables -X fail2ban-courierimap returned 100
2012-03-28 23:04:24,675 fail2ban.jail : INFO Jail 'courierimap' stopped
2012-03-28 23:04:25,646 fail2ban.actions.action: ERROR iptables -D INPUT -p tcp -m multiport --dports ssh -j fail2ban-ssh
iptables -F fail2ban-ssh
iptables -X fail2ban-ssh returned 100
2012-03-28 23:04:25,646 fail2ban.jail : INFO Jail 'ssh' stopped
2012-03-28 23:04:25,686 fail2ban.actions.action: ERROR iptables -D INPUT -p tcp -m multiport --dports imaps -j fail2ban-courierimaps
iptables -F fail2ban-courierimaps
iptables -X fail2ban-courierimaps returned 100
2012-03-28 23:04:25,686 fail2ban.jail : INFO Jail 'courierimaps' stopped
2012-03-28 23:04:26,667 fail2ban.jail : INFO Jail 'pureftpd' stopped
2012-03-28 23:04:27,653 fail2ban.jail : INFO Jail 'sasl' stopped
2012-03-28 23:04:28,636 fail2ban.jail : INFO Jail 'courierpop3' stopped
2012-03-28 23:04:28,638 fail2ban.server : INFO Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.5
2012-03-28 23:04:28,639 fail2ban.jail : INFO Creating new jail 'ssh'
2012-03-28 23:04:28,639 fail2ban.jail : INFO Jail 'ssh' uses Gamin
2012-03-28 23:04:28,640 fail2ban.filter : INFO Added logfile = /var/log/auth.log
2012-03-28 23:04:28,641 fail2ban.filter : INFO Set maxRetry = 6
2012-03-28 23:04:28,645 fail2ban.filter : INFO Set findtime = 600
2012-03-28 23:04:28,646 fail2ban.actions: INFO Set banTime = 260000
2012-03-28 23:04:28,665 fail2ban.jail : INFO Creating new jail 'sasl'
2012-03-28 23:04:28,666 fail2ban.jail : INFO Jail 'sasl' uses Gamin
2012-03-28 23:04:28,668 fail2ban.filter : INFO Added logfile = /var/log/mail.log
2012-03-28 23:04:28,669 fail2ban.filter : INFO Set maxRetry = 5
2012-03-28 23:04:28,673 fail2ban.filter : INFO Set findtime = 600
2012-03-28 23:04:28,673 fail2ban.actions: INFO Set banTime = 260000
2012-03-28 23:04:28,680 fail2ban.jail : INFO Creating new jail 'pureftpd'
2012-03-28 23:04:28,680 fail2ban.jail : INFO Jail 'pureftpd' uses Gamin
2012-03-28 23:04:28,682 fail2ban.filter : INFO Added logfile = /var/log/syslog
2012-03-28 23:04:28,682 fail2ban.filter : INFO Set maxRetry = 5
2012-03-28 23:04:28,686 fail2ban.filter : INFO Set findtime = 600
2012-03-28 23:04:28,687 fail2ban.actions: INFO Set banTime = 260000
2012-03-28 23:04:28,693 fail2ban.jail : INFO Creating new jail 'courierpop3'
2012-03-28 23:04:28,694 fail2ban.jail : INFO Jail 'courierpop3' uses Gamin
2012-03-28 23:04:28,695 fail2ban.filter : INFO Added logfile = /var/log/mail.log
2012-03-28 23:04:28,696 fail2ban.filter : INFO Set maxRetry = 5
2012-03-28 23:04:28,700 fail2ban.filter : INFO Set findtime = 600
2012-03-28 23:04:28,700 fail2ban.actions: INFO Set banTime = 260000
2012-03-28 23:04:28,707 fail2ban.jail : INFO Creating new jail 'courierpop3s'
2012-03-28 23:04:28,707 fail2ban.jail : INFO Jail 'courierpop3s' uses Gamin
2012-03-28 23:04:28,708 fail2ban.filter : INFO Added logfile = /var/log/mail.log
2012-03-28 23:04:28,709 fail2ban.filter : INFO Set maxRetry = 5
2012-03-28 23:04:28,713 fail2ban.filter : INFO Set findtime = 600
2012-03-28 23:04:28,714 fail2ban.actions: INFO Set banTime = 260000
2012-03-28 23:04:28,720 fail2ban.jail : INFO Creating new jail 'courierimap'
2012-03-28 23:04:28,720 fail2ban.jail : INFO Jail 'courierimap' uses Gamin
2012-03-28 23:04:28,722 fail2ban.filter : INFO Added logfile = /var/log/mail.log
2012-03-28 23:04:28,723 fail2ban.filter : INFO Set maxRetry = 5
2012-03-28 23:04:28,727 fail2ban.filter : INFO Set findtime = 600
2012-03-28 23:04:28,727 fail2ban.actions: INFO Set banTime = 260000
2012-03-28 23:04:28,734 fail2ban.jail : INFO Creating new jail 'courierimaps'
2012-03-28 23:04:28,734 fail2ban.jail : INFO Jail 'courierimaps' uses Gamin
2012-03-28 23:04:28,736 fail2ban.filter : INFO Added logfile = /var/log/mail.log
2012-03-28 23:04:28,736 fail2ban.filter : INFO Set maxRetry = 5
2012-03-28 23:04:28,740 fail2ban.filter : INFO Set findtime = 600
2012-03-28 23:04:28,741 fail2ban.actions: INFO Set banTime = 260000
2012-03-28 23:04:28,748 fail2ban.jail : INFO Jail 'ssh' started
2012-03-28 23:04:28,752 fail2ban.jail : INFO Jail 'sasl' started
2012-03-28 23:04:28,758 fail2ban.jail : INFO Jail 'pureftpd' started
2012-03-28 23:04:28,764 fail2ban.jail : INFO Jail 'courierpop3' started
2012-03-28 23:04:28,766 fail2ban.actions.action: ERROR iptables -N fail2ban-sasl
iptables -A fail2ban-sasl -j RETURN
iptables -I INPUT -p tcp -m multiport --dports smtp -j fail2ban-sasl returned 200
2012-03-28 23:04:28,769 fail2ban.jail : INFO Jail 'courierpop3s' started
2012-03-28 23:04:28,775 fail2ban.jail : INFO Jail 'courierimap' started
2012-03-28 23:04:28,783 fail2ban.jail : INFO Jail 'courierimaps' started
Reply With Quote
Sponsored Links
  #2  
Old 29th March 2012, 08:31
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 36,395
Thanks: 833
Thanked 5,490 Times in 4,322 Posts
Default

Which Linux distribution?
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 30th March 2012, 05:52
zgjonbalaj zgjonbalaj is offline
Junior Member
 
Join Date: Jun 2011
Posts: 9
Thanks: 0
Thanked 2 Times in 1 Post
Default

Ubuntu 11.10 x64 used the ISPConfig3 Perfect Server Guide!
Reply With Quote
  #4  
Old 30th March 2012, 05:55
zgjonbalaj zgjonbalaj is offline
Junior Member
 
Join Date: Jun 2011
Posts: 9
Thanks: 0
Thanked 2 Times in 1 Post
Default

This is the latest log. Ive tried restarting and rebooting the system. Nothing seems to work. Ive tried going online many people suggesting different things thought id double check here before i do anything.

Code:
2012-03-28 23:34:28,082 fail2ban.jail : INFO Jail 'ssh' started
2012-03-28 23:34:28,086 fail2ban.jail : INFO Jail 'sasl' started
2012-03-28 23:34:28,090 fail2ban.jail : INFO Jail 'pureftpd' started
2012-03-28 23:34:28,098 fail2ban.jail : INFO Jail 'courierpop3' started
2012-03-28 23:34:28,106 fail2ban.jail : INFO Jail 'courierpop3s' started
2012-03-28 23:34:28,113 fail2ban.jail : INFO Jail 'courierimap' started
2012-03-28 23:34:28,120 fail2ban.jail : INFO Jail 'courierimaps' started
2012-03-28 23:44:04,712 fail2ban.actions: WARNING [pureftpd] Ban 173.9.110.114
2012-03-28 23:44:05,412 fail2ban.actions: WARNING [pureftpd] Ban 173.9.110.114
2012-03-28 23:54:12,369 fail2ban.actions.action: ERROR iptables -D INPUT -p tcp -m multiport --dports pop3s -j fail2ban-courierpop3s
iptables -F fail2ban-courierpop3s
iptables -X fail2ban-courierpop3s returned 100
2012-03-28 23:54:12,370 fail2ban.jail : INFO Jail 'courierpop3s' stopped
2012-03-28 23:54:12,380 fail2ban.actions.action: ERROR iptables -D INPUT -p tcp -m multiport --dports imap2 -j fail2ban-courierimap
iptables -F fail2ban-courierimap
iptables -X fail2ban-courierimap returned 100
2012-03-28 23:54:13,312 fail2ban.jail : INFO Jail 'courierimap' stopped
2012-03-28 23:54:13,330 fail2ban.actions.action: ERROR iptables -D INPUT -p tcp -m multiport --dports ssh -j fail2ban-ssh
iptables -F fail2ban-ssh
iptables -X fail2ban-ssh returned 100
2012-03-28 23:54:14,309 fail2ban.jail : INFO Jail 'ssh' stopped
2012-03-28 23:54:14,365 fail2ban.actions.action: ERROR iptables -D INPUT -p tcp -m multiport --dports imaps -j fail2ban-courierimaps
iptables -F fail2ban-courierimaps
iptables -X fail2ban-courierimaps returned 100
2012-03-28 23:54:14,366 fail2ban.jail : INFO Jail 'courierimaps' stopped
2012-03-28 23:54:15,356 fail2ban.actions: WARNING [pureftpd] Unban 173.9.110.114
2012-03-28 23:54:15,368 fail2ban.actions.action: ERROR iptables -D fail2ban-pureftpd -s 173.9.110.114 -j DROP returned 100
2012-03-28 23:54:15,378 fail2ban.actions.action: ERROR iptables -D INPUT -p tcp -m multiport --dports ftp -j fail2ban-pureftpd
iptables -F fail2ban-pureftpd
iptables -X fail2ban-pureftpd returned 100
2012-03-28 23:54:15,378 fail2ban.jail : INFO Jail 'pureftpd' stopped
2012-03-28 23:54:16,315 fail2ban.actions.action: ERROR iptables -D INPUT -p tcp -m multiport --dports smtp -j fail2ban-sasl
iptables -F fail2ban-sasl
iptables -X fail2ban-sasl returned 100
2012-03-28 23:54:16,316 fail2ban.jail : INFO Jail 'sasl' stopped
2012-03-28 23:54:16,349 fail2ban.actions.action: ERROR iptables -D INPUT -p tcp -m multiport --dports pop3 -j fail2ban-courierpop3
iptables -F fail2ban-courierpop3
iptables -X fail2ban-courierpop3 returned 100
2012-03-28 23:54:17,307 fail2ban.jail : INFO Jail 'courierpop3' stopped
2012-03-28 23:54:17,310 fail2ban.server : INFO Exiting Fail2ban
2012-03-28 23:54:17,870 fail2ban.server : INFO Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.5
2012-03-28 23:54:17,871 fail2ban.jail : INFO Creating new jail 'ssh'
2012-03-28 23:54:17,873 fail2ban.jail : INFO Jail 'ssh' uses Gamin
2012-03-28 23:54:17,891 fail2ban.filter : INFO Added logfile = /var/log/auth.log
2012-03-28 23:54:17,892 fail2ban.filter : INFO Set maxRetry = 6
2012-03-28 23:54:17,893 fail2ban.filter : INFO Set findtime = 600
2012-03-28 23:54:17,893 fail2ban.actions: INFO Set banTime = 86400
2012-03-28 23:54:17,941 fail2ban.jail : INFO Creating new jail 'sasl'
2012-03-28 23:54:17,942 fail2ban.jail : INFO Jail 'sasl' uses Gamin
2012-03-28 23:54:17,943 fail2ban.filter : INFO Added logfile = /var/log/mail.log
2012-03-28 23:54:17,944 fail2ban.filter : INFO Set maxRetry = 5
2012-03-28 23:54:17,945 fail2ban.filter : INFO Set findtime = 600
2012-03-28 23:54:17,946 fail2ban.actions: INFO Set banTime = 86400
2012-03-28 23:54:17,954 fail2ban.jail : INFO Creating new jail 'pureftpd'
2012-03-28 23:54:17,954 fail2ban.jail : INFO Jail 'pureftpd' uses Gamin
2012-03-28 23:54:17,955 fail2ban.filter : INFO Added logfile = /var/log/syslog
2012-03-28 23:54:17,956 fail2ban.filter : INFO Set maxRetry = 5
2012-03-28 23:54:17,957 fail2ban.filter : INFO Set findtime = 600
2012-03-28 23:54:17,958 fail2ban.actions: INFO Set banTime = 86400
2012-03-28 23:54:17,965 fail2ban.jail : INFO Creating new jail 'courierpop3'
2012-03-28 23:54:17,965 fail2ban.jail : INFO Jail 'courierpop3' uses Gamin
2012-03-28 23:54:17,967 fail2ban.filter : INFO Added logfile = /var/log/mail.log
2012-03-28 23:54:17,967 fail2ban.filter : INFO Set maxRetry = 5
2012-03-28 23:54:17,969 fail2ban.filter : INFO Set findtime = 600
2012-03-28 23:54:17,969 fail2ban.actions: INFO Set banTime = 86400
2012-03-28 23:54:17,976 fail2ban.jail : INFO Creating new jail 'courierpop3s'
2012-03-28 23:54:17,976 fail2ban.jail : INFO Jail 'courierpop3s' uses Gamin
2012-03-28 23:54:17,978 fail2ban.filter : INFO Added logfile = /var/log/mail.log
2012-03-28 23:54:17,979 fail2ban.filter : INFO Set maxRetry = 5
2012-03-28 23:54:17,980 fail2ban.filter : INFO Set findtime = 600
2012-03-28 23:54:17,980 fail2ban.actions: INFO Set banTime = 86400
2012-03-28 23:54:17,988 fail2ban.jail : INFO Creating new jail 'courierimap'
2012-03-28 23:54:17,988 fail2ban.jail : INFO Jail 'courierimap' uses Gamin
2012-03-28 23:54:17,989 fail2ban.filter : INFO Added logfile = /var/log/mail.log
2012-03-28 23:54:17,990 fail2ban.filter : INFO Set maxRetry = 5
2012-03-28 23:54:17,991 fail2ban.filter : INFO Set findtime = 600
2012-03-28 23:54:17,992 fail2ban.actions: INFO Set banTime = 86400
2012-03-28 23:54:17,999 fail2ban.jail : INFO Creating new jail 'courierimaps'
2012-03-28 23:54:17,999 fail2ban.jail : INFO Jail 'courierimaps' uses Gamin
2012-03-28 23:54:18,001 fail2ban.filter : INFO Added logfile = /var/log/mail.log
2012-03-28 23:54:18,001 fail2ban.filter : INFO Set maxRetry = 5
2012-03-28 23:54:18,002 fail2ban.filter : INFO Set findtime = 600
2012-03-28 23:54:18,003 fail2ban.actions: INFO Set banTime = 86400
2012-03-28 23:54:18,011 fail2ban.jail : INFO Jail 'ssh' started
2012-03-28 23:54:18,015 fail2ban.jail : INFO Jail 'sasl' started
2012-03-28 23:54:18,018 fail2ban.jail : INFO Jail 'pureftpd' started
2012-03-28 23:54:18,023 fail2ban.jail : INFO Jail 'courierpop3' started
2012-03-28 23:54:18,036 fail2ban.jail : INFO Jail 'courierpop3s' started
2012-03-28 23:54:18,040 fail2ban.jail : INFO Jail 'courierimap' started
2012-03-28 23:54:18,044 fail2ban.jail : INFO Jail 'courierimaps' started
2012-03-28 23:59:06,361 fail2ban.actions: WARNING [pureftpd] Unban 173.9.110.114
2012-03-28 23:59:06,374 fail2ban.actions.action: ERROR iptables -D fail2ban-pureftpd -s 173.9.110.114 -j DROP returned 100
2012-03-29 06:25:06,119 fail2ban.filter : INFO Log rotation detected for /var/log/syslog
2012-03-29 06:25:06,141 fail2ban.filter : INFO Log rotation detected for /var/log/syslog
2012-03-29 18:44:03,687 fail2ban.actions: WARNING [ssh] Ban 182.72.180.90
2012-03-29 18:44:03,939 fail2ban.actions: WARNING [ssh] Ban 182.72.180.90
2012-03-29 18:59:04,888 fail2ban.actions: WARNING [ssh] Unban 182.72.180.90
2012-03-29 22:34:51,158 fail2ban.actions: WARNING [ssh] Ban 187.8.0.54
2012-03-29 22:34:51,341 fail2ban.actions: WARNING [ssh] Ban 187.8.0.54
2012-03-29 22:49:52,290 fail2ban.actions: WARNING [ssh] Unban 187.8.0.54
Reply With Quote
  #5  
Old 30th March 2012, 06:09
zgjonbalaj zgjonbalaj is offline
Junior Member
 
Join Date: Jun 2011
Posts: 9
Thanks: 0
Thanked 2 Times in 1 Post
 
Default

May have found a solution for those interested.... visit this link:

http://www.evilbox.ro/linux/fail2ban...-on-ubuntu-11/

seems to be a common problem and adding a time.sleep(0.1) adds a bit of time before the read im assuming.

I will update in a few days time on the problem.
Reply With Quote
The Following 2 Users Say Thank You to zgjonbalaj For This Useful Post:
cRUSH3r (28th May 2014), falko (30th March 2012)
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
can't send/recieve email postfix/smtpd archbird Installation/Configuration 6 8th November 2010 14:48
Webmin upgrade lishaw1968 Installation/Configuration 15 26th August 2010 15:23
ISPConfig 3: Monitor Module & Logfiles - All setup correctly? Master One Installation/Configuration 2 10th July 2009 18:51
IPtables rule to let PPTP access LAN brianwebb01 Installation/Configuration 0 1st May 2008 21:23
Fresh Install on Debian cksrealm Installation/Configuration 12 22nd February 2006 16:14


All times are GMT +2. The time now is 02:37.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.