Package: fail2ban
Version: 0.9.1-1
Severity: important
the recidive jail is spewing lines into fail2ban.log like this
2015-05-02 11:30:38,076 fail2ban.action [26155]: ERROR iptables -N
f2b-recidive
iptables -A f2b-recidive -j RETURN
iptables -I INPUT -p all -m multiport --dports all -j f2b-recidive -- stderr:
b"iptables v1.4.21: multiport needs `-p tcp', `-p udp', `-p udplite', `-p sctp'
or `-p dccp'\nTry `iptables -h' or 'iptables --help' for more information.\n"
2015-05-02 11:30:38,077 fail2ban.action [26155]: ERROR iptables -N
f2b-recidive
iptables -A f2b-recidive -j RETURN
iptables -I INPUT -p all -m multiport --dports all -j f2b-recidive -- returned 2
The reason seems to be this in jail.conf
[recidive]
logpath = /var/log/fail2ban.log
port = all
protocol = all
...
adding a jail.local entry
[recidive]
enabled = true
banaction = iptables-allports
fixes the error, so perhaps this last line should be in jail.conf
-- System Information:
Debian Release: 8.0
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 3.16.0-4-686-pae (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages fail2ban depends on:
ii init-system-helpers 1.22
ii lsb-base 4.1+Debian13+nmu1
ii python3 3.4.2-2
pn python3:any
Versions of packages fail2ban recommends:
ii iptables 1.4.21-2+b1
ii python3-pyinotify 0.9.5-1
ii whois 5.2.7
Versions of packages fail2ban suggests:
ii bsd-mailx [mailx]8.1.2-0.20141216cvs-2
ii mailutils [mailx]1:2.99.98-2
ii mailx1:20081101-2
pn python3-systemd
ii rsyslog [system-log-daemon] 8.4.2-1
-- no debconf information
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org