followed the guide posted below http://www.howtoforge.com/perfect-server-centos-5.5-x86_64-ispconfig-3 centos 5.5, 64bit, ispconfig 3.0.3.1 i've installed fail2ban, it's running, but does not appear to be doing anything. contents of fail2ban.log are empty. ispconfig tells me "fail2ban is not installed at this server." i believe the problem is that the fail2ban binary is not in my path. here is the output of some which commands Code: which fail2ban /usr/bin/which: no fail2ban in (/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin) which fail2ban-server /usr/bin/fail2ban-server which fail2ban-client /usr/bin/fail2ban-client my problem is i have no idea what the fail2ban binary is, or where it's located. any help would be greatly appreciated.
hi till, thanks. here is the output of that command on my system which fail2ban-client /usr/bin/fail2ban-client log file location is: /var/log/fail2ban.log i'm not sure what else to check for. thanks, - dave
SELinux was disabled by doing the following ran the command: system-config-securitylevel set the following. Security Level: ( ) Enabled (*) Disabled SELinux: Disabled then selected OK, followed by a reboot.
Try to make a link for fail2ban in /usr/bin to fail2ban-client. The script does not recognize fail2ban on CentOS, at least not on my 5.5 install, without the link. I have seen specific testing is done in /usr/local/ispconfig/server/mods-available/monitor_core_module.inc.php for CentOS to find fail2ban and that checks for 'which fail2ban'. Still investigating this, but could be something to do with the fact that on my install, 5.5 is not recognized as CentOS, but as RedHat unknown....
thanks. i made a symlink to fail2ban-client ln -s /usr/bin/fail2ban-client /usr/bin/fail2ban rebooted, ran the ispconfig update in the installer directory. ispconfig is still showing the message "fail2ban is not installed at this server." output of which fail2ban is now which fail2ban /usr/bin/fail2ban fail2ban is running, as far as i can tell. service fail2ban status Fail2ban (pid 4498) is running... Status |- Number of jail: 0 `- Jail list:
Yes, fail2ban is running but not configured with any jails. So currently it does not do anything. Please check if you have a readable /var/log/fail2ban.log with content inside.
hi marco, i do have a log file in /var/log/ -rw------- 1 root root 0 Dec 16 22:15 fail2ban.log it's empty.
Configure a jail in fail2ban and make sure logging output will be in the logfile. The table for monitoring in the dbispconfig mysql db will not be updated if there is no logging and the "fail2ban not installed" error keeps returning.
hi marco, i finally got this sorted. i thought fail2ban was configured in /etc/fail2ban/fail2ban.conf and i never looked at /etc/fail2ban/jail.conf i edited /etc/fail2ban/jail.conf and enabled ssh. also updated the ssh log to /var/log/secure it was sshd.log (or something similar) ssh was my main concern, but i'll try and enable http auth and some others as well. restarted fail2ban and tested this out. fail2ban works fine now, bans IPs, and ispconfig shows me the log via the control panel. thanks to everyone for helping me with this!
