On Sun, 19 Jul 2020, Bill Babcock wrote:
Date: Sun, 19 Jul 2020 16:20:13
From: Bill Babcock <[email protected]>
To: [email protected]
Subject: [Fail2ban-users] named-refuse-tcp causes fail2ban to fail to start
Hi Folks,
I upgraded a system recently and with that also upgraded to fail2ban 0.10.5
from 0.9.4.
I discovered that running fail2ban from systemd failed if I had the
named-refused-* rules enabled with this error:
fail2ban-server[1161]: 2020-07-18 16:06:29,230 fail2ban [1161]:
ERROR Failed during configuration: Have not found any log file for
named-refused-tcp jail
(I also have the udp rule and it likewise fails and I know the caution of using
that.)
However if I run the command by hand (as user root), it starts up fine and can
find the log file.
I'm running chrooted named and this worked fine in 0.9.4 (and as I say when I
run '/usr/bin/python -s /usr/bin/fail2ban-server -xf start' by hand).
So after searching without much success I was hoping someone might have a
suggestion on how to address this.
My other rules appear to be working correctly and don't prevent startup via
systemctl.
Thanks,
- bill
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
Hello Bill,
I have a dim recollection of a problem on a Gentoo box with Shorewall, requiring a manual start of
"fail2ban". It was partially caused by two processes starting together. I introduced a dependency so that
"Fail2ban" required "shorewall", and I think that was sufficient. However, this was not under
"systemd".
I hope this provides a helpful line of attack,
--
Graham
<a href="http://english-1329209197.spampoison.com";>Get free spam bait here.</a>
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
