Sendmail on Fedora 21 with Fail2ban v0.9.4 and in local.cf I have
banaction = firewallcmd-ipset
actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
Date: `LC_TIME=C date +"%%a, %%d %%h %%Y %%T %%z"`
From: <sendername> <<sender>>
To: <dest>\n
Hi,\n
The IP <ip> has just been banned by Fail2Ban after
<failures> attempts against <name>.\n\n
Here is more information about <ip>:\n
`/usr/bin/whois <ip>`\n\n
Matches:\n
<matches>\n\n
Regards,\n
Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
Here are the logs in /var/log/messages
Jun 17 15:10:31 xxx fail2ban-client: 2016-06-17 15:10:31,557 fail2ban.server
[16310]: INFO Starting Fail2ban v0.9.4
Jun 17 15:10:31 xxx fail2ban-client: 2016-06-17 15:10:31,557 fail2ban.server
[16310]: INFO Starting in daemon mode
Jun 17 15:10:36 xxx fail2ban-client: ERROR NOK: (21, 'Is a directory')
Jun 17 15:10:36 xxx fail2ban-client: ERROR NOK: (21, 'Is a directory')
Jun 17 15:10:42 xxx kernel: [10594.882685] Netfilter messages via NETLINK v0.30.
Jun 17 15:10:42 xxx kernel: Netfilter messages via NETLINK v0.30.
Jun 17 15:10:42 xxx kernel: [10594.908002] ip_set: protocol 6
Jun 17 15:10:42 xxx kernel: ip_set: protocol 6
Jun 17 15:11:15 xxx firewalld: 2016-06-17 15:11:15 ERROR: COMMAND_FAILED:
'/sbin/iptables -w -t filter -I INPUT_direct 75 -p udp -m multiport --dports
1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015
-m set --match-set fail2ban-counter-strike-udp src -j REJECT --reject-with
icmp-port-unreachable' failed: iptables v1.4.21: too many ports
specified#012Try `iptables -h' or 'iptables --help' for more information.
logs in fail2ban.log:
2016-06-17 15:10:48,113 fail2ban.jail [16312]: INFO Jail
'haproxy-http-auth' started
2016-06-17 15:11:16,001 fail2ban.action [16312]: ERROR ipset create
fail2ban-counter-strike-udp hash:ip timeout 600
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p udp -m multiport
--dports
1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015
-m set --match-set fail2ban-counter-strike-udp src -j REJECT --reject-with
icmp-port-unreachable -- stdout: "\x1b[91mError: COMMAND_FAILED:
'/sbin/iptables -w -t filter -I INPUT_direct 75 -p udp -m multiport --dports
1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015
-m set --match-set fail2ban-counter-strike-udp src -j REJECT --reject-with
icmp-port-unreachable' failed: iptables v1.4.21: too many ports specified\nTry
`iptables -h' or 'iptables --help' for more information.\x1b[00m\n"
2016-06-17 15:11:16,006 fail2ban.action [16312]: ERROR ipset create
fail2ban-counter-strike-udp hash:ip timeout 600
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p udp -m multiport
--dports
1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015
-m set --match-set fail2ban-counter-strike-udp src -j REJECT --reject-with
icmp-port-unreachable -- stderr: ''
2016-06-17 15:11:16,006 fail2ban.action [16312]: ERROR ipset create
fail2ban-counter-strike-udp hash:ip timeout 600
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p udp -m multiport
--dports
1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015
-m set --match-set fail2ban-counter-strike-udp src -j REJECT --reject-with
icmp-port-unreachable -- returned 13
2016-06-17 15:11:16,007 fail2ban.actions [16312]: ERROR Failed to
start jail 'counter-strike' action 'firewallcmd-ipset-udp': Error starting
action
------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity planning
reports. http://sdm.link/zohomanageengine
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
