After I updated to Debian Buster recently I started getting segmentation fault errors that I hadn't been getting before. I am including three examples from /var/log/fail2ban.log. The segfaults occur when trying to unban IPs. As a result I have a very long list of banned IPs.
I'd appreciate any hints as to how to go about solving this problem.
- - - - -
First example:
2021-04-14 12:28:55,929 fail2ban.actions [17394]: NOTICE [ssh] Unban
41.46.118.18
2021-04-14 12:28:56,090 fail2ban.utils [17394]: Level 39 7fc5984459c0
-- exec: iptables -D fail2ban-ssh -s 41.46.118.18 -j REJECT --reject-with
icmp-port-unreachable
2021-04-14 12:28:56,090 fail2ban.utils [17394]: ERROR 7fc5984459c0
-- stderr: 'Segmentation fault'
2021-04-14 12:28:56,090 fail2ban.utils [17394]: ERROR 7fc5984459c0
-- killed with SIGSEGV (return code: 139)
2021-04-14 12:28:56,091 fail2ban.actions [17394]: ERROR Failed to
execute unban jail 'ssh' action 'iptables-multiport' info 'ActionInfo({'ip':
'41.46.118.18', 'family': 'inet4', 'ip-rev': '18.118.46.41.', 'ip-host':
'host-41.46.118.18.tedata.net', 'fid': '41.46.118.18', 'failures': 6, 'time':
1618390134.0, 'matches': '', 'restored': 0, 'F-*': {'matches': [], 'failures':
6, 'mlfid': ' wynekens sshd[9820]: ', 'user': 'ubnt', 'ip4': '41.46.118.18'},
'ipmatches': '', 'ipjailmatches': '', 'ipfailures': 6, 'ipjailfailures': 6})':
Error unbanning 41.46.118.18
- - - - -
Second example:
2021-04-14 13:59:45,800 fail2ban.actions [17394]: NOTICE [ssh] Unban
124.182.106.18
2021-04-14 13:59:45,977 fail2ban.utils [17394]: Level 39 7fc599ce54b0
-- exec: iptables -D fail2ban-ssh -s 124.182.106.18 -j REJECT --reject-with
icmp-port-unreachable
2021-04-14 13:59:45,980 fail2ban.utils [17394]: ERROR 7fc599ce54b0
-- stderr: 'Segmentation fault'
2021-04-14 13:59:45,980 fail2ban.utils [17394]: ERROR 7fc599ce54b0
-- killed with SIGSEGV (return code: 139)
2021-04-14 13:59:45,980 fail2ban.actions [17394]: ERROR Failed to
execute unban jail 'ssh' action 'iptables-multiport' info 'ActionInfo({'ip':
'124.182.106.18', 'family': 'inet4', 'ip-rev': '18.106.182.124.', 'ip-host':
'cpe-124-182-106-18.sb01.sa.asp.telstra.net', 'fid': '124.182.106.18',
'failures': 6, 'time': 1618395585.0, 'matches': '', 'restored': 0, 'F-*':
{'matches': [], 'failures': 6, 'mlfid': ' wynekens sshd[10179]: ', 'user':
'ubnt', 'ip4': '124.182.106.18'}, 'ipmatches': '', 'ipjailmatches': '',
'ipfailures': 6, 'ipjailfailures': 6})': Error unbanning 124.182.106.18
- - - - -
Third example:
2021-04-14 20:57:11,934 fail2ban.actions [17394]: NOTICE [ssh] Unban
116.212.128.26
2021-04-14 20:57:12,132 fail2ban.utils [17394]: Level 39 7fc599ce56f0
-- exec: iptables -D fail2ban-ssh -s 116.212.128.26 -j REJECT --reject-with
icmp-port-unreachable
2021-04-14 20:57:12,177 fail2ban.utils [17394]: ERROR 7fc599ce56f0
-- stderr: 'Segmentation fault'
2021-04-14 20:57:12,177 fail2ban.utils [17394]: ERROR 7fc599ce56f0
-- killed with SIGSEGV (return code: 139)
2021-04-14 20:57:12,178 fail2ban.actions [17394]: ERROR Failed to
execute unban jail 'ssh' action 'iptables-multiport' info 'ActionInfo({'ip':
'116.212.128.26', 'family': 'inet4', 'ip-rev': '26.128.212.116.', 'ip-host':
None, 'fid': '116.212.128.26', 'failures': 6, 'time': 1618420631.0, 'matches':
'', 'restored': 0, 'F-*': {'matches': [], 'failures': 6, 'mlfid': ' wynekens
sshd[11641]: ', 'user': 'admin', 'ip4': '116.212.128.26'}, 'ipmatches': 'Apr 14
19:16:23 wynekens kernel: [1245977.211468] [UFW BLOCK] IN=eth0 OUT=
MAC=06:ea:9a:d8:27:bd:2c:6b:f5:a0:77:c0:08:00 SRC=116.212.128.26
DST=188.68.54.124 LEN=48 TOS=0x08 PREC=0x40 TTL=114 ID=8668 DF PROTO=TCP
SPT=58049 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 \nApr 14 19:16:26 wynekens
kernel: [1245980.453902] [UFW BLOCK] IN=eth0 OUT=
MAC=06:ea:9a:d8:27:bd:2c:6b:f5:a0:77:c0:08:00 SRC=116.212.128.26
DST=188.68.54.124 LEN=48 TOS=0x08 PREC=0x40 TTL=114 ID=10132 DF PROTO=TCP
SPT=59951 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 \nApr 14 19:16:29 wynekens
kernel: [1245983.445464] [UFW BLOCK] IN=eth0 OUT=
MAC=06:ea:9a:d8:27:bd:2c:6b:f5:a0:77:c0:08:00 SRC=116.212.128.26
DST=188.68.54.124 LEN=48 TOS=0x08 PREC=0x40 TTL=115 ID=11813 DF PROTO=TCP
SPT=61943 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 \nApr 14 19:16:34 wynekens
kernel: [1245987.897220] [UFW BLOCK] IN=eth0 OUT=
MAC=06:ea:9a:d8:27:bd:2c:6b:f5:a0:77:c0:08:00 SRC=116.212.128.26
DST=188.68.54.124 LEN=48 TOS=0x08 PREC=0x40 TTL=115 ID=14091 DF PROTO=TCP
SPT=64408 DPT=8728 WINDOW=8192 RES=0x00 SYN URGP=0 \nApr 14 19:16:37 wynekens
kernel: [1245990.918990] [UFW BLOCK] IN=eth0 OUT=
MAC=06:ea:9a:d8:27:bd:2c:6b:f5:a0:77:c0:08:00 SRC=116.212.128.26
DST=188.68.54.124 LEN=48 TOS=0x08 PREC=0x40 TTL=114 ID=15655 DF PROTO=TCP
SPT=49911 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 ', 'ipjailmatches': '',
'ipfailures': 11, 'ipjailfailures': 6})': Error unbanning 116.212.128.26
- - - - -
System information:
# iptables -V
iptables v1.8.2 (nf_tables)
# cat /proc/version
Linux version 4.19.0-16-amd64 ([email protected]) (gcc version
8.3.0 (Debian 8.3.0-6)) #1 SMP Debian 4.19.181-1 (2021-03-19)
# python -V
Python 2.7.16
# fail2ban-client -V
Fail2Ban v0.10.2
Copyright (c) 2004-2008 Cyril Jaquier, 2008- Fail2Ban Contributors
Copyright of modifications held by their respective authors.
Licensed under the GNU General Public License v2 (GPL).
Thanks,
Matthew
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
