Koozali.org: home of the SME Server

fail2ban under SME10.1

Offline leonplk

  • *
  • 5
  • +0/-0
fail2ban under SME10.1
« on: January 08, 2025, 04:30:51 PM »
Hello, all.
After almost 2 weeks of struggling with fail2ban in my SME10.1 installation I give up.
I spent days with ChatGPT and alone - no success:
F2B multiplies bans, struggles with iptables and fails, etc.
Is here someone who successfully runs it?
If can, I will be dreadfully thankful if you will be able to share your working configiration.
Or share your way to win the battle with it.
Many thanks.

Offline ReetP

  • *
  • 3,892
  • +6/-0
Re: fail2ban under SME10.1
« Reply #1 on: January 08, 2025, 09:43:29 PM »
For the last time. Stop using ChatGPT

I told you once.

https://forums.koozali.org/index.php/topic,55239.msg291469.html#msg291469

I told you twice.

https://forums.koozali.org/index.php/topic,55239.msg291471.html#msg291471

You don't know enough to know if it is telling the truth or hallucinating. Probably the latter because if it was any good you wouldn't be asking for help would you? It would have fixed it for you. But it hasn't.

"All that glisters is not gold"

Correctly configured fail2ban runs without issues.

But as you have given us zero information on your setup and probably trashed a lot of stuff at the hands of the Chat monster,  it'll be hard to untangle the mess you have made (and your previous thread indicated you had it fixed)

So if you want help:

Bin the Chat monster
Read how to debug properly
Supply some useful information.

https://forums.koozali.org/index.php/topic,54724.0.html

...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation

Offline leonplk

  • *
  • 5
  • +0/-0
Re: fail2ban under SME10.1
« Reply #2 on: January 10, 2025, 07:30:56 PM »
Thank you, sir.
You are right in that ChatGPT  is stupid. But, you know, when one is frustrated by days of struggle, any word of sympathy seems useful...:-)
The fail2ban itself works - rules are OK and find all correctly.
But for some reason fail2ban creates hundreds of chains with the same name f2b-recidive which remains empty.
Looking into daemon.log just now I see errors like:
 2025-01-10 20:23:09,306 7F557DFFB700 ERROR 7f55a4081450 -- exec: iptables -w -F f2b-sqpsmtpd; iptables -w -X f2b-sqpsmtpd 2>/dev/null; iptables -w -N f2b-sqpsmtpd; iptables -w -A f2b-sqpsmtpd -j RETURN; iptables -w -I INPUT -p tcp -m multiport --dports "25" protocol=tcp -j f2b-sqpsmtpd
 2025-01-10 20:23:10,776 7F557DFFB700 ERROR 7f55a4081450 -- stderr: "Bad argument `protocol=tcp'"

or

 2025-01-10 20:23:09,313 7F557DFFB700 ERROR Failed to execute ban jail 'sqpsmtpd' action 'iptables' info 'ActionInfo({'ip': '87.120.93.10', 'fid': <function <lambda> at 0x7f55a4ab38c0>, 'family': 'inet4', 'raw-ticket': <function <lambda> at 0x7f55a4ab3e60>})': Error starting action Jail('sqpsmtpd')/iptables: 'Script error'

I tried many variants, but...
As all these errors seems to be originated from errors in jail.conf and/or iptables-multiport.conf, I thought that looking at  a working setup I will be able to find correct definitions.

I understand also, that most probably my errors are not emposed by SME10 configuration/operation.
This was also the reason of my kind request to receive the working setup.

Thanks a lot.and excuse me.