I must have left out that configuration
option. I'm not sure where to put it. Can
anybody tell me what is missing? Basically I
want to block out x number of ports (by number if not name)
At 11:00 PM 2/15/2018, you wrote:
Content-Type: multipart/alternative;
boundary="------------990F4B5EE39CD743274188C9"
Content-Language: en-US
You have a problem with your firewallcmd-ipset action which you didn't post.
Bill
On 2/14/2018 8:38 PM, M.P. wrote:
can someone explain to me where the error is in
this configuration? Here's the error message
I get when manually trying to ban using the
jail, "manban" - I think I may need a slightly
different set of parms to shut out certain
ports and am not using the right references..
2018-02-12 13:38:01,892 fail2ban.action   Â
    [1305]: ERROR  ipset add
fail2ban-manban 118.69.37.118 timeout 7776000 -exist -- stdout: ''
2018-02-12 13:38:01,892 fail2ban.action   Â
    [1305]: ERROR  ipset add
fail2ban-manban 118.69.37.118 timeout 7776000
-exist -- stderr: 'ipset v6.29: The set with the given name does not exist\n'
2018-02-12 13:38:01,892 fail2ban.action   Â
    [1305]: ERROR  ipset add
fail2ban-manban 118.69.37.118 timeout 7776000 -exist -- returned 1
2018-02-12 13:38:01,892 fail2ban.actions   Â
   [1305]: ERROR  Failed to execute ban
jail 'manban' action 'firewallcmd-ipset' info
'CallingMap({'ipjailmatches': <function
<lambda> at 0x124c938>, 'matches': '', 'ip':
'118.69.37.118', 'ipmatches': <function
<lambda> at 0x124ca28>, 'ipfailures': <function
<lambda> at 0x124c578>, 'time':
1518464281.783138, 'failures': 1,
'ipjailfailures': <function <lambda> at
0x124c6e0>})': Error banning 118.69.37.118
jail.local:Â (think the problem may be with
the command/parms I'm using to determine which ports to block)
[manban]
enabled = true
filter  = manban
port =
smtp,465,submission,imap2,imap3,imaps,pop3,pop3s,http,https,socks,21,22
logpath = /var/log/manban.log
maxretry = 1
# 1 month
bantime = 2592000
findtime = 3600
manban.conf:Â (I assume this isn't the problem
because this is a copy of an existing conf that isn't being actively tested)
[INCLUDES]
before = common.conf
[Definition]
#Looks for failed password logins to SMTP
# sample trigger line: [Fri Aug 19 10:33:10
2011] [error] [client 207.171.3.138] File does
not exist: /var/www/skraps/roundcubemail
failregex =
^\[\w{1,3}.\w{1,3}.\d{1,2}.\d{1,2}:\d{1,2}:\d{1,2}
\d{1,4}. \[error] \[client.<HOST>].File does not exist:.{1,40}roundcube.{1
,200}
ignoreregex =
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org!
<http://sdm.link/slashdot>http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
<mailto:[email protected]>[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
