Fail2ban question

Discussion in 'HOWTO-Related Questions' started by joelee, Apr 2, 2008.

  1. joelee

    joelee New Member

    Hi All,

    I am following this how-to to install fail2ban on debian ecth.
    http://www.howtoforge.com/fail2ban_debian_etch

    Installing the way the how-to suggest installs an older version of fail2ban (0.7.1). I want to install the new updated version on the fail2ban site - Which is 0.8.2... I see there's been some bug fixes and new features.

    I try to do a apt-get install fail2ban-0.8.2 to see if it would install the new version and that did not work.

    Then I try to install from source which installed o.k BUT when I try to start fail2ban I get this error:

    Code:
    host:/etc/init.d# fail2ban-client start
    2008-04-02 12:21:27,611 fail2ban.server : INFO   Starting Fail2ban v0.8.2
    2008-04-02 12:21:27,612 fail2ban.server : ERROR  Unable to create PID file: [Errno 2] No such file or directory: '/var/run/fail2ban/fail2ban.pid'
    
    Would appreciate any help regarding above.

    Also, I have another question:
    I am running a OpenVZ environment. I was wondering if I can install Fail2ban on the host node as appose to every single VPS. And, in my fail2ban config if I can specify different paths for each VPS logs path.

    For example: (Only using TCPwrapper service below)

    Code:
    
    [ssh-tcpwrapper]
    
    enabled     = true
    filter      = sshd
    action      = hostsdeny
                  sendmail-whois[name=SSH, dest=[email protected]]
    ignoreregex = for myuser from
    [B]logpath     = 101/var/log/auth.log     <---VPS
    logpath     = 102/var/log/auth.log     <---Another VPS
    logpath     = 200/var/log/auth.log     <--- etc....[/B]
    
    If I can do the above then I can control the settings and keep all config files from VPS users - Hope that makes sense..

    Would appreciate any comments/suggestions to doing the above.

    Joe
     
  2. falko

    falko Super Moderator ISPConfig Developer

    What are the outputs of
    Code:
    ls -la /var/run 
    and
    Code:
    ls -la /var/run/fail2ban
    ?

    That would protect only the host, but not the virtual machines.
     

Share This Page