well -- in the logs you Lee sent to me I don't see 'Invariant check
failed', also I don't see anything suspicious -- everything is found and
banned and unbanned appropriately -- that is why iptables is clean at
the end since everything was unbanned already.
The only question is -- your jail.conf sets bantime to be some high
number, while fail2ban.log says that bantime is taken to be 600 (10 min)
and those 10min are in effect according to the logs. I modified on my
box -- and bantime was set appropriately, so I guess either it gets
overriden in jail.local (which you btw should have used instead of
direct modification of jail.conf), or this config is newer from when you
sent fail2ban.log. Any ideas/comments?
On Wed, 05 Mar 2008, Lee Braiden wrote:
> I'm also seeing this. The fail2ban chains are there in iptables, but they're
> empty. fail2ban is logging warnings like:
> 2008-03-04 20:31:58,835 fail2ban.actions: WARNING [ssh] 212.142.138.129
> already banned
> It's also logging this, which may or may not be related:
> 2008-03-01 00:02:35,106 fail2ban.actions.action: ERROR iptables -n -L INPUT
> |
> grep -q fail2ban-postfix returned 100
> 2008-03-01 00:02:35,107 fail2ban.actions.action: ERROR Invariant check
> failed. Trying to restore a sane environment
> This is not a backport. It's running sid on a powerpc box. Fail2ban does
> work on my x86 machine, which has an almost identical fail2ban config.
--
Yaroslav Halchenko
Research Assistant, Psychology Department, Rutgers-Newark
Student Ph.D. @ CS Dept. NJIT
Office: (973) 353-5440x263 | FWD: 82823 | Fax: (973) 353-1171
101 Warren Str, Smith Hall, Rm 4-105, Newark NJ 07102
WWW: http://www.linkedin.com/in/yarik
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
