13 Sep 2011 Kay   » (Journeyer)

Fixing synchronization problems in fail2ban

fail2ban is a software which can be used to monitor service log files and ban IP addresses which executed a brute force attack or tried to use the mail server as a spam relay. In the default configuration in Debian GNU/Linux only SSH login attempts are monitored which works pretty nice. But when you try to add more services then you may run into the problem that fail2ban no longer starts up correctly. The log file contains errors like this:

fail2ban.actions.action: ERROR  iptables -N fail2ban-ssh
iptables -A fail2ban-ssh -j RETURN
iptables -I INPUT -p tcp -m multiport --dports ssh -j fail2ban-ssh returned 200

I searched on the net but only found more victims of this problem, no solution. So I analyzed what was going on here and I finally figured it out.

Continue reading "Fixing synchronization problems in fail2ban"

Syndicated 2011-09-13 17:37:43 from K's cluttered loft

Latest blog entries     Older blog entries

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!