If someone adds a lot of jails in fail2ban, then some of them may not start (errors in /var/log/fail2ban.log but not in the output !!!) It seems that this is a common situation as it is described here: http://www.fail2ban.org/wiki/index.php/Fail2ban_talk:Community_Portal The problem appears in Debian Squeeze, too and the solution is in the previous URL in the section fail2ban.action.action ERROR on startup/restart (near the end of page. Unfortunately the solution is a bit of a hack... but at least it is a solution
I am writing the solution for completeness In the file /usr/bin/fail2ban-client at line 145 you have to insert time.sleep(0.1) or time.sleep(0.05) so : BEFORE Code: def __processCmd(self, cmd, showRet = True): beautifier = Beautifier() for c in cmd: beautifier.setInputCmd(c) try: AFTER Code: def __processCmd(self, cmd, showRet = True): beautifier = Beautifier() for c in cmd: time.sleep(0.05) beautifier.setInputCmd(c) try:
FYI, I had to add time.sleep(0.3) for it to work on ubuntu 8.04. Shorter times were still causing some errors. sk
As I see, the most common setting is above 0.1 It's probably related with the cpu. The faster the cpu, the lower the time
An alternative which does not require to edit the fail2ban sources is to ban with the route command instead of iptables: http://www.faqforge.com/linux/contr...ute-instead-of-iptables-to-block-connections/
solved I finally found what was going wrong for this kind of error: . Initially, I tried the proposed solution, by editing /usr/bin/fail2ban-client, with no success. Afterward, I read my fail2ban.log more carefully, and I saw this at start-up: but I already read somewhere that Gamin is not working well. So, I edited /etc/fail2ban/jail.conf to change backend from auto to polling, as auto was giving Gamin: Code: # "backend" specifies the backend used to get files modification. Available # options are "gamin", "polling" and "auto". # yoh: For some reason Debian shipped python-gamin didn't work as expected # This issue left ToDo, so polling is default backend for now backend = polling and after a Code: service fail2ban restart , I have no more error. this is solved for me!