Hi, I have followed this guide www.howtoforge.com/perfect-server-debian-wheezy-apache2-bind-dovecot-ispconfig-3-p4 I am at a point where I had to install and make restart fail2ban. after following #18 Install fail2ban in guide when I make the restart I get logs with an error... I am not able to figure out what is the problem as I am not an expert . Code: root@server4:/# /etc/init.d/fail2ban restart [....] Restarting authentication failure monitor: fail2banTraceback (most recent call last): File "/usr/bin/fail2ban-client", line 404, in <module> if client.start(sys.argv): File "/usr/bin/fail2ban-client", line 373, in start return self.__processCommand(args) File "/usr/bin/fail2ban-client", line 183, in __processCommand ret = self.__readConfig() File "/usr/bin/fail2ban-client", line 377, in __readConfig self.__configurator.readAll() File "/usr/share/fail2ban/client/configurator.py", line 61, in readAll self.__jails.read() File "/usr/share/fail2ban/client/jailsreader.py", line 44, in read ConfigReader.read(self, "jail") File "/usr/share/fail2ban/client/configreader.py", line 62, in read SafeConfigParserWithIncludes.read(self, [bConf, bLocal]) File "/usr/share/fail2ban/client/configparserinc.py", line 108, in read fileNamesFull += SafeConfigParserWithIncludes.getIncludes(filename) File "/usr/share/fail2ban/client/configparserinc.py", line 79, in getIncludes parser.read(resource) File "/usr/lib/python2.7/ConfigParser.py", line 305, in read self._read(fp, filename) File "/usr/lib/python2.7/ConfigParser.py", line 512, in _read raise MissingSectionHeaderError(fpname, lineno, line) ConfigParser.MissingSectionHeaderError: File contains no section headers. file: /etc/fail2ban/jail.local, line: 1 '\xef\xbb\xbf[pureftpd]\r\n' failed! root@server4:/# Someone please suggest me why this is happening and what should I do.
This is where I created pureftpd.conf : /etc/fail2ban/filter.d/pureftpd.conf And this below codes are inside of it. Code: [Definition] failregex = .*pure-ftpd: \(.*@<HOST>\) \[WARNING\] Authentication failed for user.* ignoreregex = still failing.
Ok. Ok. I have followed the guide and added all codes for each created file between their relative directory as I said and it is still failing... /etc/fail2ban/jail.local Code: [pureftpd] enabled = true port = ftp filter = pureftpd logpath = /var/log/syslog maxretry = 3 [dovecot-pop3imap] enabled = true filter = dovecot-pop3imap action = iptables-multiport[name=dovecot-pop3imap, port="pop3,pop3s,imap,imaps", protocol=tcp] logpath = /var/log/mail.log maxretry = 5 [sasl] enabled = true port = smtp filter = sasl logpath = /var/log/mail.log maxretry = 3 /etc/fail2ban/filter.d/pureftpd.conf Code: [Definition] failregex = .*pure-ftpd: \(.*@<HOST>\) \[WARNING\] Authentication failed for user.* ignoreregex = /etc/fail2ban/filter.d/dovecot-pop3imap.conf Code: [Definition] failregex = (?: pop3-login|imap-login): .*(?:Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed|Aborted login \(\d+ authentication attempts).*rip=(?P<host>\S*),.* ignoreregex =
Not working Ok. I have followed the guide and added all codes for each created file between their relative directory as I said and it is still failing... /etc/fail2ban/jail.local Code: [pureftpd] enabled = true port = ftp filter = pureftpd logpath = /var/log/syslog maxretry = 3 [dovecot-pop3imap] enabled = true filter = dovecot-pop3imap action = iptables-multiport[name=dovecot-pop3imap, port="pop3,pop3s,imap,imaps", protocol=tcp] logpath = /var/log/mail.log maxretry = 5 [sasl] enabled = true port = smtp filter = sasl logpath = /var/log/mail.log maxretry = 3 /etc/fail2ban/filter.d/pureftpd.conf Code: [Definition] failregex = .*pure-ftpd: \(.*@<HOST>\) \[WARNING\] Authentication failed for user.* ignoreregex = /etc/fail2ban/filter.d/dovecot-pop3imap.conf Code: [Definition] failregex = (?: pop3-login|imap-login): .*(?:Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed|Aborted login \(\d+ authentication attempts).*rip=(?P<host>\S*),.* ignoreregex = If I remove [pureftpd] from jail.local file then error changes from pureftpd to dovecot-pop3imap . in line : 1 . Any help please?