Date: Sat, 14 Oct 2017 08:54:20 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 222997] security/py-fail2ban upgrade to 0.10.0 will break pf rules on system Message-ID: <bug-222997-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D222997 Bug ID: 222997 Summary: security/py-fail2ban upgrade to 0.10.0 will break pf rules on system Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: freebsd-ports-bugs@FreeBSD.org Reporter: idefix@fechner.net CC: theis@gmx.at Flags: maintainer-feedback?(theis@gmx.at) CC: theis@gmx.at Upgraded to new version 0.10.0 causes that fail2ban is removeing all existi= ng pf rules. While starting fail2ban I can see some error messsages in the fail2ban log file: 2017-10-14 10:48:38,302 fail2ban.server [95430]: INFO=20=20=20 -------------------------------------------------- 2017-10-14 10:48:38,303 fail2ban.server [95430]: INFO Starting Fail2ban v0.10.0 2017-10-14 10:48:38,303 fail2ban.server [95430]: INFO Daemon sta= rted 2017-10-14 10:48:38,433 fail2ban.database [95430]: INFO Connected = to fail2ban persistent database '/var/db/fail2ban/fail2ban.sqlite3' 2017-10-14 10:48:38,457 fail2ban.jail [95430]: INFO Creating n= ew jail 'pure-ftpd' 2017-10-14 10:48:38,476 fail2ban.jail [95430]: INFO Jail 'pure-ftpd' uses poller {} 2017-10-14 10:48:38,476 fail2ban.jail [95430]: INFO Initiated 'polling' backend 2017-10-14 10:48:38,503 fail2ban.server [95430]: INFO Jail pure-= ftpd is not a JournalFilter instance 2017-10-14 10:48:38,504 fail2ban.filter [95430]: INFO Added logf= ile: '/var/log/xferlog' (pos =3D 33943, hash =3D c0fde45278c4bda31a75b73a4ed1309= 2) 2017-10-14 10:48:38,505 fail2ban.filter [95430]: INFO maxRetry= : 3 2017-10-14 10:48:38,508 fail2ban.filter [95430]: INFO encoding: US-ASCII 2017-10-14 10:48:38,509 fail2ban.actions [95430]: INFO banTime: 21600 2017-10-14 10:48:38,510 fail2ban.filter [95430]: INFO findtime: 259200 2017-10-14 10:48:38,514 fail2ban.jail [95430]: INFO Creating n= ew jail 'postfix' 2017-10-14 10:48:38,516 fail2ban.jail [95430]: INFO Jail 'post= fix' uses poller {} 2017-10-14 10:48:38,516 fail2ban.jail [95430]: INFO Initiated 'polling' backend 2017-10-14 10:48:38,549 fail2ban.server [95430]: INFO Jail postf= ix is not a JournalFilter instance 2017-10-14 10:48:38,550 fail2ban.filter [95430]: INFO Added logf= ile: '/var/log/maillog' (pos =3D 8010576, hash =3D 19ee1e8548b2c189396190b75a3ce= 0b6) 2017-10-14 10:48:38,551 fail2ban.filter [95430]: INFO maxRetry= : 3 2017-10-14 10:48:38,554 fail2ban.filter [95430]: INFO encoding: US-ASCII 2017-10-14 10:48:38,555 fail2ban.actions [95430]: INFO banTime: 21600 2017-10-14 10:48:38,556 fail2ban.filter [95430]: INFO findtime: 259200 2017-10-14 10:48:38,559 fail2ban.jail [95430]: INFO Creating n= ew jail 'dovecot' 2017-10-14 10:48:38,561 fail2ban.jail [95430]: INFO Jail 'dove= cot' uses poller {} 2017-10-14 10:48:38,561 fail2ban.jail [95430]: INFO Initiated 'polling' backend 2017-10-14 10:48:38,598 fail2ban.server [95430]: INFO Jail dovec= ot is not a JournalFilter instance 2017-10-14 10:48:38,599 fail2ban.filter [95430]: INFO Added logf= ile: '/var/log/maillog' (pos =3D 8010576, hash =3D 19ee1e8548b2c189396190b75a3ce= 0b6) 2017-10-14 10:48:38,600 fail2ban.filter [95430]: INFO maxRetry= : 3 2017-10-14 10:48:38,603 fail2ban.filter [95430]: INFO encoding: US-ASCII 2017-10-14 10:48:38,604 fail2ban.actions [95430]: INFO banTime: 21600 2017-10-14 10:48:38,605 fail2ban.filter [95430]: INFO findtime: 259200 2017-10-14 10:48:38,608 fail2ban.jail [95430]: INFO Creating n= ew jail 'sieve' 2017-10-14 10:48:38,610 fail2ban.jail [95430]: INFO Jail 'siev= e' uses poller {} 2017-10-14 10:48:38,610 fail2ban.jail [95430]: INFO Initiated 'polling' backend 2017-10-14 10:48:38,621 fail2ban.filter [95430]: INFO Added logf= ile: '/var/log/maillog' (pos =3D 8010576, hash =3D 19ee1e8548b2c189396190b75a3ce= 0b6) 2017-10-14 10:48:38,622 fail2ban.filter [95430]: INFO maxRetry= : 3 2017-10-14 10:48:38,624 fail2ban.filter [95430]: INFO encoding: US-ASCII 2017-10-14 10:48:38,625 fail2ban.actions [95430]: INFO banTime: 21600 2017-10-14 10:48:38,626 fail2ban.filter [95430]: INFO findtime: 259200 2017-10-14 10:48:38,630 fail2ban.jail [95430]: INFO Creating n= ew jail 'ssh' 2017-10-14 10:48:38,631 fail2ban.jail [95430]: INFO Jail 'ssh' uses poller {} 2017-10-14 10:48:38,632 fail2ban.jail [95430]: INFO Initiated 'polling' backend 2017-10-14 10:48:38,689 fail2ban.filter [95430]: INFO Added logf= ile: '/var/log/auth.log' (pos =3D 77792, hash =3D 55771e37d99c2e7695c6a7b5fcb2e2= d9) 2017-10-14 10:48:38,689 fail2ban.filter [95430]: INFO maxRetry= : 3 2017-10-14 10:48:38,692 fail2ban.filter [95430]: INFO encoding: US-ASCII 2017-10-14 10:48:38,693 fail2ban.actions [95430]: INFO banTime: 21600 2017-10-14 10:48:38,694 fail2ban.filter [95430]: INFO findtime: 259200 2017-10-14 10:48:38,703 fail2ban.jail [95430]: INFO Jail 'pure-ftpd' started 2017-10-14 10:48:38,708 fail2ban.jail [95430]: INFO Jail 'post= fix' started 2017-10-14 10:48:38,710 fail2ban.jail [95430]: INFO Jail 'dove= cot' started 2017-10-14 10:48:38,713 fail2ban.jail [95430]: INFO Jail 'siev= e' started 2017-10-14 10:48:38,723 fail2ban.jail [95430]: INFO Jail 'ssh' started 2017-10-14 10:48:38,734 fail2ban.utils [95430]: Level 39 801b75cf0= -- exec: echo "table <f2b-pure-ftpd> persist counters" | pfctl -f- echo "block proto tcp from <f2b-pure-ftpd> to any port ftp,ftp-data,ftps,ftps-data" | pfctl -f- 2017-10-14 10:48:38,735 fail2ban.utils [95430]: ERROR 801b75cf0 = -- stderr: 'stdin:1: syntax error' 2017-10-14 10:48:38,735 fail2ban.utils [95430]: ERROR 801b75cf0 = -- stderr: 'pfctl: Syntax error in config file: pf rules not loaded' 2017-10-14 10:48:38,735 fail2ban.utils [95430]: ERROR 801b75cf0 = -- returned 1 2017-10-14 10:48:38,736 fail2ban.actions [95430]: ERROR Failed to start jail 'pure-ftpd' action 'pf': Error starting action Jail('pure-ftpd')= /pf 2017-10-14 10:48:38,762 fail2ban.utils [95430]: Level 39 801b58e90= -- exec: echo "table <f2b-postfix> persist counters" | pfctl -f- echo "block proto tcp from <f2b-postfix> to any port smtp,465,submission" | pfctl -f- 2017-10-14 10:48:38,763 fail2ban.utils [95430]: ERROR 801b58e90 = -- stderr: 'stdin:1: syntax error' 2017-10-14 10:48:38,763 fail2ban.utils [95430]: ERROR 801b58e90 = -- stderr: 'pfctl: Syntax error in config file: pf rules not loaded' 2017-10-14 10:48:38,763 fail2ban.utils [95430]: ERROR 801b58e90 = -- returned 1 2017-10-14 10:48:38,764 fail2ban.actions [95430]: ERROR Failed to start jail 'postfix' action 'pf': Error starting action Jail('postfix')/pf 2017-10-14 10:48:38,791 fail2ban.utils [95430]: Level 39 80577c6b0= -- exec: echo "table <f2b-dovecot> persist counters" | pfctl -f- echo "block proto tcp from <f2b-dovecot> to any port pop3,pop3s,imap,imaps,submission,465,sieve" | pfctl -f- 2017-10-14 10:48:38,791 fail2ban.utils [95430]: ERROR 80577c6b0 = -- stderr: 'stdin:1: syntax error' 2017-10-14 10:48:38,792 fail2ban.utils [95430]: ERROR 80577c6b0 = -- stderr: 'pfctl: Syntax error in config file: pf rules not loaded' 2017-10-14 10:48:38,792 fail2ban.utils [95430]: ERROR 80577c6b0 = -- returned 1 2017-10-14 10:48:38,793 fail2ban.actions [95430]: ERROR Failed to start jail 'dovecot' action 'pf': Error starting action Jail('dovecot')/pf 2017-10-14 10:48:38,820 fail2ban.utils [95430]: Level 39 806588030= -- exec: echo "table <f2b-sieve> persist counters" | pfctl -f- echo "block proto tcp from <f2b-sieve> to any port smtp,465,submission" | p= fctl -f- 2017-10-14 10:48:38,820 fail2ban.utils [95430]: ERROR 806588030 = -- stderr: 'stdin:1: syntax error' 2017-10-14 10:48:38,821 fail2ban.utils [95430]: ERROR 806588030 = -- stderr: 'pfctl: Syntax error in config file: pf rules not loaded' 2017-10-14 10:48:38,821 fail2ban.utils [95430]: ERROR 806588030 = -- returned 1 2017-10-14 10:48:38,822 fail2ban.actions [95430]: ERROR Failed to start jail 'sieve' action 'pf': Error starting action Jail('sieve')/pf 2017-10-14 10:48:38,849 fail2ban.actions [95430]: NOTICE [ssh] Rest= ore Ban 103.28.121.86 2017-10-14 10:48:38,878 fail2ban.actions [95430]: NOTICE [ssh] Rest= ore Ban 179.99.236.29 2017-10-14 10:48:38,907 fail2ban.actions [95430]: NOTICE [ssh] Rest= ore Ban 182.18.153.206 2017-10-14 10:48:38,936 fail2ban.actions [95430]: NOTICE [ssh] Rest= ore Ban 37.49.225.93 2017-10-14 10:48:55,226 fail2ban.filter [95430]: INFO [postfix] Found 180.76.248.34 - 2017-10-14 10:48:55 2017-10-14 10:52:18,914 fail2ban.filter [95430]: INFO [ssh] Found 112.133.225.115 - 2017-10-14 10:52:18 2017-10-14 10:53:07,365 fail2ban.actions [95430]: NOTICE [ssh] Unban 103.28.121.86 After this all rules from the firewall are gone and I have to manually relo= ad the firewall again with: service pf reload --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-222997-13>