Fail2ban talk:Community Portal
RoB:
Hi, i try to make a fail2ban-package for a famous Opensource-Webhosting platform (www.bluequartz.org). BQ is based on CentOS4 (python >=2.3), so we have to use fail2ban-0.6.x. It includes the proftpd-1.2.x, so i tried to figure out the correct regex for the following logentrys in /var/log/secure:
unknown user: Jan 25 04:01:05 hostname proftpd[10476]: hostname.domain.com (1.2.3.4[1.2.3.4]) - USER xxxx: no such user found from 1.2.3.4 [1.2.3.4] to 2.3.4.5:21
existing user, wrong pw: Jan 25 04:02:03 hostname proftpd[10495]: hostname.domain.com (1.2.3.4[1.2.3.4]) - USER rob (Login failed): Incorrect password.
But i didnt succeed. Maybe u can help me with that. I cant update to CentOS5 and/or python>=2.4.
Thanx for that wonderful tool :)
I am finding this error a few times on different scripts when installing on CentOS
byte-compiling /usr/share/fail2ban/server/mytime.py to mytime.pyc
File "/usr/share/fail2ban/server/mytime.py", line 49 @staticmethod ^
SyntaxError: invalid syntax
Any ideas
Are you sure that you have Python 2.4? Annotations are available since Python 2.4. --Lostcontrol 15:53, 8 May 2007 (CEST)
I got 2.4.3 root@usa2 [~]# python -V Python 2.4.3
I installed 2.5.1 and still the same problem.
Now it is working the version 0.6.2 installed from an RPM. I will try again 0.8.0 but later. Thanks
Can someone tell me why I´m getting these errors with fail2ban?
2007-07-07 17:22:09,608 fail2ban.actions.action: CRITICAL Unable to restore environment 2007-07-08 01:57:43,008 fail2ban.actions.action: ERROR iptables -D INPUT -p tcp --dport http -j fail2ban-apache iptables -F fail2ban-apache iptables -X fail2ban-apache returned 100 2007-07-08 01:57:43,933 fail2ban.actions.action: ERROR iptables -D INPUT -p tcp --dport ssh -j fail2ban-ssh iptables -F fail2ban-ssh iptables -X fail2ban-ssh returned 100
I´m using Debian Etch
Thanks!
Please use mailing-list for support next time. It seems that your iptables setup (related to fail2ban) get changed while fail2ban is running. Some firewall scripts/apps flush all rules when saving the changes. If fail2ban runs, it will not find its own chains anymore and will try to restore them. --Lostcontrol 09:57, 13 July 2007 (CEST)
Just tried to use latest build 0.8.1 and got thisd output
- fail2ban-client -h
File "/usr/bin/fail2ban-client", line 360 @staticmethod ^
SyntaxError: invalid syntax
I found a way to work around this problem with CentOS. Apparently CentOS has multiple versions of Python installed. Modify /usr/bin/fail2ban-client and /usr/bin/fail2ban-server so that the first line on each reads as follows:
#!/usr/local/bin/python2.4
(or wherever the direct executable for python2.4 is). By default it reads as #!/usr/bin/python, which is apparently an earlier version of python. If you don't know where python2.4 is located, you can find it by typing the following:
whereis python2
--rojo 14:36, 30 Oct 2007 (EST)
In the FAQ this line is not very clear
"You probably have the sendmail command. Copy /etc/fail2ban/action.d/mail-whois.conf to /etc/fail2ban/action.d/mail-whois.local, edit this file and replace mail with sendmail. Here is an example:"
which is "this" file mail-whois.local is what it sounds like
That's correct. You have to edit mail-whois.local. --Lostcontrol 10:17, 13 September 2007 (CEST)
Hello,
I have a CentOS 4 VPS with Python 2.3.
When I restart fail2ban I get this error:
File "/usr/bin/fail2ban-client", line 360 @staticmethod ^
SyntaxError: invalid syntax
I made sure to change the paths to #!/usr/local/bin/python2.3 in both /usr/bin/fail2ban-client and /usr/bin/fail2ban-server but it still does not work.
Are there any other ideas?
Thanks
Client/Server Question
What is the purpose/reason to have the server and client separate? Couldn't find this in the wiki, maybe it should be placed in the FAQ?
