Bug#334272: Did not start [was Re: Bug#334272: fail2ban: returned ERROR 256 from iptables]

Tue, 18 Oct 2005 07:48:38 -0700 

Yarik,

Yesterday using 0.5.4-5.14, valid ssh logins worked fine, and ssh
attacks were correctly prevented.

But upon restart, fail2ban failed to start. (I shutdown each night and
reboot each morning.)

/var/log/fail2ban:

2005-10-18 09:05:50,289 WARNING: Verbose level is 1
2005-10-18 09:05:50,297 INFO: Fail2Ban v0.5.4 is running
2005-10-18 09:05:50,301 INFO: Enabled sections: ['SSH']
2005-10-18 09:05:50,505 ERROR: 'iptables -N fail2ban-ssh
iptables -I INPUT -p tcp --dport ssh -j fail2ban-ssh
iptables -A fail2ban-ssh -j RETURN' returned 256
2005-10-18 09:05:50,532 ERROR: Fail2Ban got an unhandled exception and died.
2005-10-18 09:05:50,533 ERROR: Type: 'ExternalError'
Value: ("Execution of command 'iptables -N fail2ban-ssh\niptables -I
INPUT -p tcp --dport ssh -j fail2ban-ssh\niptables -A fail2ban-ssh -j
RETURN' failed",)
TB: [('/usr/bin/fail2ban', 46, '?', 'fail2ban.main()'),
('/usr/share/fail2ban/fail2ban.py', 456, 'main', 'initializeFwRules()'),
('/usr/share/fail2ban/fail2ban.py', 105, 'initializeFwRules',
'element[2].initialize(conf["debug"])'),
('/usr/share/fail2ban/firewall/firewall.py', 62, 'initialize',
'executeCmd(self.startRule, debug)'),
('/usr/share/fail2ban/utils/process.py', 134, 'executeCmd', 'raise
ExternalError("Execution of command \'%s\' failed" % cmd)')]
2005-10-18 09:05:50,534 WARNING: Restoring firewall rules...
2005-10-18 09:05:50,555 ERROR: 'iptables -D INPUT -p tcp --dport ssh -j
fail2ban-ssh
iptables -F fail2ban-ssh
iptables -X fail2ban-ssh' returned 256


Maybe fail2ban starts too soon?

/var/log/messages:
Oct 18 09:05:50 spike kernel: ip_tables: (C) 2000-2002 Netfilter core team
Oct 18 09:05:50 spike kernel: ip_conntrack version 2.1 (2048 buckets,
16384 max) - 296 bytes per conntrack


[about 09:41]
/etc/init.d/fail2ban status
Status of fail2ban: fail2ban is not running.
[EMAIL PROTECTED]:~# /etc/init.d/fail2ban start
Starting fail2ban: fail2ban.
[EMAIL PROTECTED]:~# cat /var/log/fail2ban.log
[...]
2005-10-18 09:41:32,032 WARNING: Verbose level is 1
2005-10-18 09:41:32,035 INFO: Fail2Ban v0.5.4 is running
2005-10-18 09:41:32,039 INFO: Enabled sections: ['SSH']


Regards,
Ralph


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to