Package: fail2ban Version: 0.8.6-3wheezy3 Severity: minor Hello,
If you enable the apache-overflows jail, fail2ban reports the following: fail2ban.actions.action: ERROR iptables -N fail2ban-apache-overflows iptables -A fail2ban-apache-overflows -j RETURN iptables -I INPUT 1 -p tcp -m multiport --dports http,https -j fail2ban-apache-overflows iptables -N fail2ban-apache-overflows-log iptables -I fail2ban-apache-overflows-log -j LOG --log-prefix "$(expr fail2ban-apache-overflows : '\(.\{1,23\}\)'):DROP " --log-level warning -m limit --limit 6/m --limit-burst 2 iptables -A fail2ban-apache-overflows-log -j DROP returned 200 this is because chain name must be shorter than 29 characters: # iptables -N fail2ban-apache-overflows-log iptables v1.4.14: chain name `fail2ban-apache-overflows-log' too long (must be under 29 chars) Try `iptables -h' or 'iptables --help' for more information. The solution here is to rename the jail to something shorter. Best regards, Ghostdog -- System Information: Debian Release: 7.7 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Versions of packages fail2ban depends on: ii lsb-base 4.1+Debian8+deb7u1 ii python 2.7.3-4+deb7u1 ii python-central 0.6.17 Versions of packages fail2ban recommends: ii iptables 1.4.14-3.1 ii python-gamin 0.1.10-4.1 ii whois 5.1.1~deb7u1 Versions of packages fail2ban suggests: ii bsd-mailx [mailx] 8.1.2-0.20111106cvs-1+deb7u1 -- Configuration Files: /etc/fail2ban/action.d/iptables-multiport-log.conf changed [not included] /etc/fail2ban/action.d/iptables-multiport.conf changed [not included] /etc/fail2ban/action.d/iptables-new.conf changed [not included] /etc/fail2ban/action.d/iptables.conf changed [not included] /etc/fail2ban/filter.d/postfix.conf changed [not included] -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org