It seems that fail2ban isn't running
/varlog/messagesMay 16 11:38:27 hpserver fail2ban-server: 2024-05-16 11:38:27,495 fail2ban [2088]: ERROR Failed during configuration: Have not found any log file for smanager jail
May 16 11:38:27 hpserver fail2ban-server: 2024-05-16 11:38:27,503 fail2ban [2088]: ERROR Async configuration of server failed
/var/log/fail2ban/daemon.log exists - zero length, owned by root:root, permissions 0600
fail2ban-client start2024-05-16 11:44:22,331 fail2ban [2140]: ERROR Failed during configuration: Have not found any log file for smanager jail
I found an issue on github:
https://github.com/fail2ban/fail2ban/issues/2756which mentions changing backend to systemd from auto, this fixed the starting issue
I created a custom template in
/etc/e-smith/templates-custom/etc/fail2ban/jail.conf/99Backend
with backend=systemd
then
expand-template /etc/fail2ban/jail.conf
signal-event fail2ban-conf
Fail2ban is now running
fail2ban-client status:
[root@hpserver jail.conf]# fail2ban-client status
2024-05-16 12:21:43,881 fail2ban.configreader [3146]: WARNING 'socket' not defined in 'Definition'. Using default one: '/var/run/fail2ban/fail2ban.sock'
2024-05-16 12:21:43,881 fail2ban.configreader [3146]: WARNING 'pidfile' not defined in 'Definition'. Using default one: '/var/run/fail2ban/fail2ban.pid'
2024-05-16 12:21:43,882 fail2ban.configreader [3146]: WARNING 'loglevel' not defined in 'Definition'. Using default one: 'INFO'
2024-05-16 12:21:43,882 fail2ban.configreader [3146]: WARNING 'logtarget' not defined in 'Definition'. Using default one: '/var/log/fail2ban.log'
2024-05-16 12:21:43,882 fail2ban.configreader [3146]: WARNING 'syslogsocket' not defined in 'Definition'. Using default one: 'auto'
Status
|- Number of jail: 14
`- Jail list: http-auth, http-badbots, http-fakegooglebot, http-noscript, http-overflows, http-scan, http-shellshock, imap, pam-generic, qpsmtpd, recidive, smanager, ssh, ssh-ddos
are the warnings ok to ignore?
18 Replies
1761 Views