Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 07 Dec 2016 15:30:54 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-ports-bugs@FreeBSD.org
Subject:   [Bug 215120] security/py-fail2ban: fail2ban fails to ban IP address
Message-ID:  <bug-215120-13@https.bugs.freebsd.org/bugzilla/>

next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D215120

            Bug ID: 215120
           Summary: security/py-fail2ban: fail2ban fails to ban IP address
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: freebsd-ports-bugs@FreeBSD.org
          Reporter: olaf@zaplinski.de
                CC: theis@gmx.at
             Flags: maintainer-feedback?(theis@gmx.at)
                CC: theis@gmx.at

I just (re-) installed this port and added these files.


*** fail2ban.local:

[Definition]
loglevel =3D DEBUG


*** jail.local:

[DEFAULT]
# -- 3 Tage:
bantime =3D 259200

[bsd-sshd]
enabled =3D true
port =3D ssh
filter =3D bsd-sshd
logpath =3D /var/log/auth.log
banaction =3D zap-em


*** action.d/zap-em.conf:

[Definition]
actionban =3D ipfw table 1 add <ip>
actionunban =3D ipfw table 1 delete <ip>


Interesting is the log file's last line here:

2016-12-07 17:28:39,840 fail2ban.transmitter    [17952]: DEBUG   Command:
['set', 'bsd-sshd', 'addaction', 'zap-em']
2016-12-07 17:28:39,840 fail2ban.CommandAction  [17952]: DEBUG   Set action
zap-em timeout =3D 60
2016-12-07 17:28:39,841 fail2ban.CommandAction  [17952]: DEBUG   Set
actionstart =3D
2016-12-07 17:28:39,841 fail2ban.CommandAction  [17952]: DEBUG   Set action=
ban
=3D
2016-12-07 17:28:39,841 fail2ban.CommandAction  [17952]: DEBUG   Set
actionunban =3D
2016-12-07 17:28:39,841 fail2ban.CommandAction  [17952]: DEBUG   Set
actioncheck =3D
2016-12-07 17:28:39,841 fail2ban.CommandAction  [17952]: DEBUG   Set action=
stop
=3D
2016-12-07 17:28:39,841 fail2ban.CommandAction  [17952]: DEBUG   Created <c=
lass
'fail2ban.server.action.CommandAction'>
2016-12-07 17:28:39,842 fail2ban.transmitter    [17952]: DEBUG   Command:
['set', 'bsd-sshd', 'action', 'zap-em', 'actionban', 'ipfw table 1 add <ip>=
']
2016-12-07 17:28:39,842 fail2ban.CommandAction  [17952]: DEBUG   Set action=
ban
=3D ipfw table 1 add <ip>
2016-12-07 17:28:39,842 fail2ban.transmitter    [17952]: DEBUG   Command:
['set', 'bsd-sshd', 'action', 'zap-em', 'actionunban', 'ipfw table 1 delete
<ip>']
2016-12-07 17:28:39,842 fail2ban.CommandAction  [17952]: DEBUG   Set
actionunban =3D ipfw table 1 delete <ip>
2016-12-07 17:28:39,843 fail2ban.transmitter    [17952]: DEBUG   Command:
['set', 'bsd-sshd', 'action', 'zap-em', 'port', 'ssh']
2016-12-07 17:28:39,843 fail2ban.transmitter    [17952]: DEBUG   Command:
['set', 'bsd-sshd', 'action', 'zap-em', 'protocol', 'tcp']
2016-12-07 17:28:39,844 fail2ban.transmitter    [17952]: DEBUG   Command:
['set', 'bsd-sshd', 'action', 'zap-em', 'name', 'bsd-sshd']
2016-12-07 17:28:39,844 fail2ban.transmitter    [17952]: DEBUG   Command:
['set', 'bsd-sshd', 'action', 'zap-em', 'chain', 'INPUT']
2016-12-07 17:28:39,844 fail2ban.transmitter    [17952]: DEBUG   Command:
['set', 'bsd-sshd', 'action', 'zap-em', 'bantime', '259200']
2016-12-07 17:28:39,845 fail2ban.transmitter    [17952]: DEBUG   Command:
['start', 'bsd-sshd']
2016-12-07 17:28:39,845 fail2ban.jail           [17952]: INFO    Jail
'bsd-sshd' started
2016-12-07 17:28:39,846 fail2ban.filterpyinotify[17952]: DEBUG   pyinotifier
started for bsd-sshd.
2016-12-07 17:28:39,847 fail2ban.action         [17952]: DEBUG
2016-12-07 17:28:39,851 fail2ban.action         [17952]: DEBUG   Nothing to=
 do


The last line is missing in my Linux server's fail2ban log, and there fail2=
ban
does a great job. But this FreeBSD port does not block sshd abusers at all.

--=20
You are receiving this mail because:
You are the assignee for the bug.=



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-215120-13>