This solved my issue!
Thanks
Op 11/16/2017 om 10:25 AM schreef Darac Marjal:
> On Thu, Nov 16, 2017 at 05:04:50AM -0300, Robert Gilaard wrote:
>> Dear fail2ban Community,
>>
>> On my Ubuntu server 16.04 instance fail2ban keeps crashing and
>> restarting.
>>
>> In my iptables-multiport.conf file under actionstart I have a Line to
>> add a ip.blacklist file with fixed address that sshd OR other
>> services feed.
>>
>> The command is exactly:
>>
>> cat /etc/fail2ban/ip.blacklist | while read IP; do iptables -I
>> f2b-<name> 1 -s $ip -j DROP; done
>>
>> However, my ip.blacklist file has now already 63169 different ip
>> addresses.
>>
>> Can this be the reason fail2ban-client status asks me if fail2ban is
>> running and ufw status verbose tells me "Another app is currently
>> holding the xtables lock. Perhaps you want to use the -w option?
>
> If you're using ufw to manage your firewall, then you probably don't
> want to be using the iptables-* actions in fail2ban. Most firewall
> frontends maintain their own state of how the firewall should look and
> convert this into netfilter tables (either by calling the iptables cli
> or by interfacing directly with the kernel). If you have two different
> frontends controlling the firewall (ufw and iptables), then you'll
> probably hit issues with one not knowing about the rules the other has
> instated.
>
> In other words, if you use ufw to manage your firewall, use the ufw
> action within fail2ban. This will allow fail2ban to tell ufw that you
> want to ban an IP and ufw will adjust its rules accordingly and apply
> that to the (kernel) firewall.
>
> Other benefits of this approach? If you restart ufw while fail2ban is
> banning an IP, ufw will reinstate the ban because it knows you want it
> banned.
>
>>
>> What can cause this?
>>
>> Robert
>> --
>>
>>
>>
>> ---
>> This email has been checked for viruses by Avast antivirus software.
>> https://www.avast.com/antivirus
>>
>>
>> ------------------------------------------------------------------------------
>>
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> _______________________________________________
>> Fail2ban-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/fail2ban-users
>
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>
>
> _______________________________________________
> Fail2ban-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/fail2ban-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
