Fail2ban not working Topic is solved

Having issues with your DietPi installation, or, found a bug? Post it here.
Post Reply
mafioso12dk
Posts: 3
Joined: Wed Oct 07, 2020 9:56 am

Fail2ban not working

Post by mafioso12dk »

I made a new installation with RealVCN, fail2ban, samba, nextcloud, rpi-monitor and chromium. I checked today if fail2ban is even working and that's what I've got:

Code: Select all

dietpi@DietPi:~$ fail2ban-client status dropbear
 Failed to access socket path: /var/run/fail2ban/fail2ban.sock. Is fail2ban running?
I checked the path /var/run/fail2ban and there is no file/folder fail2ban.sock

Anyone knows where is the problem?

Thank you in advance
User avatar
Joulinar
Posts: 2287
Joined: Sat Nov 16, 2019 12:49 am

Re: Fail2ban not working

Post by Joulinar »

Hi,

many thanks for your message. I guess your service is not running. Pls can you check

Code: Select all

systemctl status fail2ban.service
If you see something like the following, a value within config file is missing

Code: Select all

Oct 07 12:52:31 DietPi3 fail2ban-server[683]:  Failed during configuration: Bad value substitution: option 'filter' in section 'dropbear' contains an interpolation key 'mode' which is not a valid option name. Raw value: '%(__name__)s[mode=%(mode)s]'
A quick fix would be following

Code: Select all

nano /etc/fail2ban/jail.conf
And add mode = normal before filter. Should looks like this

Code: Select all

[DEFAULT]
enabled = true
ignoreip = 127.0.0.1/8
ignorecommand =
backend = systemd
mode = normal
filter = %(__name__)s[mode=%(mode)s]
findtime  = 600
Once done save the file and restart the service

Code: Select all

systemctl restart fail2ban.service
systemctl status fail2ban.service
Status should be active (running) now
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
mafioso12dk
Posts: 3
Joined: Wed Oct 07, 2020 9:56 am

Re: Fail2ban not working

Post by mafioso12dk »

After status check I got this message:

Code: Select all

dietpi@DietPi:~$ systemctl status fail2ban.service
● fail2ban.service - Fail2Ban Service
   Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; vendor preset:
 enabled)
   Active: failed (Result: exit-code) since Wed 2020-10-07 10:49:56 B
ST; 5h 34min ago
     Docs: man:fail2ban(1)
  Process: 487 ExecStartPre=/bin/mkdir -p /var/run/fail2ban (code=exited, status
=0/SUCCESS)
  Process: 491 ExecStart=/usr/bin/fail2ban-server -xf start (code=exited
, status=255/EXCEPTION)
 Main PID: 491 (code=exited, status=255/EXCEPTION)
But your method helped. Now it works. Thanks for help
User avatar
Joulinar
Posts: 2287
Joined: Sat Nov 16, 2019 12:49 am

Re: Fail2ban not working

Post by Joulinar »

ok good that it is working now.
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
User avatar
MichaIng
Site Admin
Posts: 2324
Joined: Sat Nov 18, 2017 6:21 pm

Re: Fail2ban not working

Post by MichaIng »

Many thanks for reporting. But @mafioso12dk does your service status still shows a failing state, or was this before the fix? In case check again, or the logs only:
journalctl -u fail2ban
User avatar
Joulinar
Posts: 2287
Joined: Sat Nov 16, 2019 12:49 am

Re: Fail2ban not working

Post by Joulinar »

@MichaIng
It's working now, if I understood correctly
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
Post Reply