fail2ban errors in ban actions

1 post / 0 new
#1 Tue, 11/05/2019 - 14:47
DanielStonek

fail2ban errors in ban actions

A couple of weeks ago I built a VPS from Contabo. They installed Centos 7 and Webmin. I realized that fail2ban was not working properly. The only setting I've changed was some Time to Ban. Letting the action ban to firewallcmd-ipset in some common services like postfix, postfix-sasl, dovecot, proftpd from fail2ban.log I got errors like

  • 2019-11-05 11:20:01,002 fail2ban.actions [1483]: NOTICE [proftpd] Ban 222.182.57.235
  • 2019-11-05 11:20:01,135 fail2ban.action [1483]: ERROR ipset add fail2ban-proftpd 222.182.57.235 timeout -1 -exist -- stdout: ''
  • 2019-11-05 11:20:01,136 fail2ban.action [1483]: ERROR ipset add fail2ban-proftpd 222.182.57.235 timeout -1 -exist -- stderr: 'ipset v7.1: The set with the given name does not exist\n'
  • 2019-11-05 11:20:01,137 fail2ban.action [1483]: ERROR ipset add fail2ban-proftpd 222.182.57.235 timeout -1 -exist -- returned 1
  • 2019-11-05 11:20:01,137 fail2ban.actions [1483]: ERROR Failed to execute ban jail 'proftpd' action 'firewallcmd-ipset' info 'CallingMap({'ipjailmatches': at 0x7fcc0220fd70>, 'matches': '2019-11-05T11:19:14.844114host.MyDomain.com proftpd[17169]: xxx.xxx.xxx.xxx (222.182.57.235[222.18......
  • Changing some actions to iptables-allports I got

  • 2019-11-05 12:06:58,310 fail2ban.filter [1483]: INFO [dovecot] Found 160.20.147.228
  • 2019-11-05 12:06:58,750 fail2ban.actions [1483]: NOTICE [dovecot] Ban 160.20.147.228
  • 2019-11-05 12:06:58,861 fail2ban.action [1483]: ERROR iptables -w -n -L INPUT | grep -q 'f2b-default[ \t]' -- stdout: ''
  • 2019-11-05 12:06:58,861 fail2ban.action [1483]: ERROR iptables -w -n -L INPUT | grep -q 'f2b-default[ \t]' -- stderr: ''
  • 2019-11-05 12:06:58,861 fail2ban.action [1483]: ERROR iptables -w -n -L INPUT | grep -q 'f2b-default[ \t]' -- returned 1
  • 2019-11-05 12:06:58,862 fail2ban.CommandAction [1483]: ERROR Invariant check failed. Trying to restore a sane environment
  • 2019-11-05 12:06:58,974 fail2ban.action [1483]: ERROR iptables -w -D INPUT -p tcp -j f2b-default
  • iptables -w -F f2b-default
  • iptables -w -X f2b-default -- stdout: ''
  • 2019-11-05 12:06:58,975 fail2ban.action [1483]: ERROR iptables -w -D INPUT -p tcp -j f2b-default
  • iptables -w -F f2b-default
  • iptables -w -X f2b-default -- stderr: "iptables v1.4.21: Couldn't load target `f2b-default':No such file or directory\n\nTry `iptables -h' or 'iptables --help' for more information.\niptables: No chain/target/match by that name.\niptables: No chain/target/match by that name.\n"
  • 2019-11-05 12:06:58,975 fail2ban.action [1483]: ERROR iptables -w -D INPUT -p tcp -j f2b-default
  • iptables -w -F f2b-default
  • iptables -w -X f2b-default -- returned 1
  • 2019-11-05 12:06:58,975 fail2ban.actions [1483]: ERROR Failed to execute ban jail 'dovecot' action 'iptables-allports' info 'CallingMap({'ipjailmatches': at 0x7fcc0220fc08>, 'match.......
  • ipset -v ipset v7.1, protocol version: 7

    How can I solve that? Thank you