Fail2Ban Not starting

fail2ban
v7

(Reggie Ho) #1

NethServer Version: 7.3.1611
Module: fail2ban 0:0.9.6-3.el7

I had a problem with Server Error in LAPD… Install New Server and restore the Backup Configuration file… Everything else works, except fail2ban module refused to start.

Tried removing fail2ban , delete the fail2ban directory in /etc, reinstall, still not able to start the Fail2Ban Service… Appreciate help…
Thanks in advance…


(Stéphane de Labrusse) #2

see the fail2ban log in /var/log

probably a jail is missed


(Reggie Ho) #3

the fail2ban log is empty…


(Stéphane de Labrusse) #4

try to start manually by the commandline and see what it occurs

systemctl start fail2ban


(Reggie Ho) #5

This is what I see

fail2ban.service - Fail2Ban Service
Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; enabled; vendor preset: disabled)
Active: failed (Result: start-limit) since Fri 2017-07-28 10:27:22 PDT; 33s ago
Docs: man:fail2ban(1)
Process: 3590 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=255)

Jul 28 10:27:22 zzz.xxx.xxx systemd[1]: fail2ban.service: control process …5
Jul 28 10:27:22 zzz.xxx.xxx systemd[1]: Failed to start Fail2Ban Service.
Jul 28 10:27:22 zzz.xxx.xxx systemd[1]: Unit fail2ban.service entered fail…
Jul 28 10:27:22 zzz.xxx.xxx systemd[1]: fail2ban.service failed.
Jul 28 10:27:22 zzz.xxx.xxx systemd[1]: fail2ban.service holdoff time over…
Jul 28 10:27:22 zzz.xxx.xxx systemd[1]: start request repeated too quickly…e
Jul 28 10:27:22 zzz.xxx.xxx systemd[1]: Failed to start Fail2Ban Service.
Jul 28 10:27:22 zzz.xxx.xxxt systemd[1]: Unit fail2ban.service entered fail…
Jul 28 10:27:22 zzz.xxx.xxxt systemd[1]: fail2ban.service failed.
Hint: Some lines were ellipsized, use -l to show in full.


(Stéphane de Labrusse) #6

rpm -qa |grep -i fail2ban


(Reggie Ho) #7

fail2ban-server-0.9.6-3.el7.noarch
nethserver-fail2ban-0.1.21-1.ns7.sdl.noarch
fail2ban-firewalld-0.9.6-3.el7.noarch
fail2ban-shorewall-0.9.6-3.el7.noarch
fail2ban-0.9.6-3.el7.noarch
fail2ban-sendmail-0.9.6-3.el7.noarch


(Stéphane de Labrusse) #8

yum reinstall *fail2ban*


(Reggie Ho) #9

restarting…


(Reggie Ho) #10

no go… I’d reboot server…


(Reggie Ho) #11

Reboot server … still no Go…


(Reggie Ho) #12

I tried uninstall and deleted the fail2ban folder, re-install,. and still no go


(Reggie Ho) #13

I ran this fail2ban-client start
and got this error:::
ERROR No file(s) found for glob /var/log/sogo/sogo.log
ERROR Failed during configuration: Have not found any log file for sogo-auth jail


(Reggie Ho) #14

Re-Install SoGO… and it’s running…
OMG… seems like I can’t remove SOGO if I want to keep fail2ban


(Stéphane de Labrusse) #15

You can also remove sogo and if needed

config delete sogod
signal-event nethserver-fail2ban-save

it makes me thing that I can protect this jail by looking if the log /var/log/sogo/sogo.log exists


(Stéphane de Labrusse) #16

released both ns6&ns7


(Reggie Ho) #17

Thanks so much again for the help…much appreciate it .