a guest
Apr 29th, 2019
Ubuntu 18.04.2 LTS
fail2ban/bionic,bionic,now 0.10.2-2 all [installed]

only changed /etc/fail2ban/jail.d/defaults-debian.conf to:
[sshd]
enabled = true
port = 22
action = iptables-multiport
logpath = /var/log/auth.log
maxretry = 2
bantime = 3600

restarted the daemon with systemctl
then trying to fail 2+ attempts from the same ext IP and it doesn't quite seem to work:
$:/etc/fail2ban/jail.d# fail2ban-client status sshd
Status for the jail: sshd
|- Filter
| |- Currently failed: 0
| |- Total failed: 0
| `- File list: /var/log/auth.log
`- Actions
|- Currently banned: 0
|- Total banned: 0
`- Banned IP list:

log upon service restart says:
2019-04-29 15:13:33,406 fail2ban.transmitter [2797]: WARNING Command ['status', 'ssh'] has failed. Received UnknownJailException('ssh',)
2019-04-29 15:14:46,624 fail2ban.server [2797]: INFO Shutdown in progress...
2019-04-29 15:14:46,624 fail2ban.server [2797]: INFO Stopping all jails
2019-04-29 15:14:46,625 fail2ban.filter [2797]: INFO Removed logfile: '/var/log/auth.log'
2019-04-29 15:14:46,984 fail2ban.actions [2797]: NOTICE [sshd] Flush ticket(s) with iptables-multiport
2019-04-29 15:14:46,985 fail2ban.jail [2797]: INFO Jail 'sshd' stopped
2019-04-29 15:14:46,985 fail2ban.database [2797]: INFO Connection to database closed.
2019-04-29 15:14:46,985 fail2ban.server [2797]: INFO Exiting Fail2ban
2019-04-29 15:14:47,114 fail2ban.server [3075]: INFO --------------------------------------------------
2019-04-29 15:14:47,115 fail2ban.server [3075]: INFO Starting Fail2ban v0.10.2
2019-04-29 15:14:47,116 fail2ban.database [3075]: INFO Connected to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3'
2019-04-29 15:14:47,117 fail2ban.jail [3075]: INFO Creating new jail 'sshd'
2019-04-29 15:14:47,119 fail2ban.jail [3075]: INFO Jail 'sshd' uses poller {}
2019-04-29 15:14:47,119 fail2ban.jail [3075]: INFO Initiated 'polling' backend
2019-04-29 15:14:47,120 fail2ban.filter [3075]: INFO maxLines: 1
2019-04-29 15:14:47,140 fail2ban.server [3075]: INFO Jail sshd is not a JournalFilter instance
2019-04-29 15:14:47,140 fail2ban.filter [3075]: INFO Added logfile: '/var/log/auth.log' (pos = 7070725, hash = 3000f5568634f4f210c166b92c6a0e5f9047f0f3)
2019-04-29 15:14:47,140 fail2ban.filter [3075]: INFO encoding: UTF-8
2019-04-29 15:14:47,141 fail2ban.filter [3075]: INFO maxRetry: 2
2019-04-29 15:14:47,141 fail2ban.filter [3075]: INFO findtime: 600
2019-04-29 15:14:47,141 fail2ban.actions [3075]: INFO banTime: 3600
2019-04-29 15:14:47,142 fail2ban.jail [3075]: INFO Jail 'sshd' started

and I don't see anything in IPTABLES, well expected in this case. yet:
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination