I am trying to enable postfix filtering in fail2ban and systemd won't let it start

0

systemctl status fail2ban.service

    * fail2ban.service - Fail2Ban Service
       Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; vendor preset: enabled)
       Active: inactive (dead) (Result: exit-code) since Wed 2017-05-10 05:36:32 EDT; 7s ago
         Docs: man:fail2ban(1)
      Process: 3157 ExecStop=/usr/bin/fail2ban-client stop (code=exited, status=0/SUCCESS)
      Process: 3318 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=255)
     Main PID: 3135 (code=exited, status=0/SUCCESS)

    May 10 05:36:31 lynch-family systemd[1]: Failed to start Fail2Ban Service.
    May 10 05:36:31 lynch-family systemd[1]: fail2ban.service: Unit entered failed state.
    May 10 05:36:31 lynch-family systemd[1]: fail2ban.service: Failed with result 'exit-code'.
    May 10 05:36:32 lynch-family systemd[1]: fail2ban.service: Service hold-off time over, scheduling restart.
    May 10 05:36:32 lynch-family systemd[1]: Stopped Fail2Ban Service.
    May 10 05:36:32 lynch-family systemd[1]: fail2ban.service: Start request repeated too quickly.
    May 10 05:36:32 lynch-family systemd[1]: Failed to start Fail2Ban Service.

and

journalctl -xe

    -- Unit fail2ban.service has finished shutting down.
    May 10 05:35:04 lynch-family systemd[1]: fail2ban.service: Start request repeated too quickly.
    May 10 05:35:04 lynch-family systemd[1]: Failed to start Fail2Ban Service.
    -- Subject: Unit fail2ban.service has failed
    -- Defined-By: systemd
    -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
    --
    -- Unit fail2ban.service has failed.
    --
    -- The result is failed.

(Removed a bunch of mail.log lines)

This is from running service fail2ban start or restart. If I disable postfix, it works. Relevant part of jail.local:

    [postfix]
    enabled = true

    port     = smtp,465,submission
    logpath  = %(postfix_log)s

Any ideas? Thanks.

by user1424074 10.05.2017 / 11:52

2 answers

1

I had the same problem with the new version of Fail2Ban Monitor on Ubuntu 16.04 LTS.

With the new update, they created a bit more structure in the configuration.

But when you start the fail2ban service, you get verbose output in syslog, something like this:

    Nov  2 02:05:16 xost fail2ban-client[3171]: ERROR  No file(s) found for glob /var/log/mail.warn
    Nov  2 02:05:16 xost fail2ban-client[3171]: ERROR  Failed during configuration: Have not found any log file for postfix jail

or like this:

    Nov  2 02:28:35 xost fail2ban-client[9365]: ERROR  Failed during configuration: Bad value substitution: option 'logpath' in section 'sshd' contains an interpolation key 'syslog_authpriv' which is not a valid option name. Raw value: '%(sshd_log)s'
    Nov  2 02:28:35 xost systemd[1]: fail2ban.service: Control process exited, code=exited status=255
    Nov  2 02:28:35 xost systemd[1]: Failed to start Fail2Ban Service.

Just make sure you fill in all the variants.

In jail.conf, put the appropriate vars file:

    [INCLUDES]
    before = paths-common.conf

And in this file, make sure all the logs you are going to monitor are specified:

    # There is no sensible generic defaults for syslog log targets, thus
    # leaving them empty here so that no errors while parsing/interpolating configs
    syslog_daemon =
    syslog_ftp = /var/log/proftpd/proftpd.log
    syslog_local0 =
    syslog_mail_warn = /var/log/mail.log
    syslog_user =

In my example, since I expect to monitor postfix and proftpd, I had to put in the paths to their logs.

by Igor Popov 02.11.2017 / 09:46
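
An added example, not part of the answers on this page and not fail2ban's own code: it uses Python's standard configparser to resolve each enabled jail's logpath and reports the two startup failures quoted in the answer above, an undefined interpolation key and a glob that matches no file. The sample configuration, the function names and the temporary log directory are constructed for illustration, and [INCLUDES] files are not followed.

```python
import configparser
import glob
import tempfile

# Constructed sample: a cut-down paths file and two jails; {logdir} is filled in by demo().
SAMPLE = """
[DEFAULT]
syslog_mail_warn = {logdir}/mail.warn
postfix_log = %(syslog_mail_warn)s
sshd_log = %(syslog_authpriv)s
[postfix]
enabled = true
logpath = %(postfix_log)s
[sshd]
enabled = true
logpath = %(sshd_log)s
"""

def check_jail_logpaths(config_text):
    """Map each enabled jail to the reason its logpath cannot be used."""
    cp = configparser.ConfigParser()  # default BasicInterpolation expands %(name)s
    cp.read_string(config_text)
    problems = {}
    for jail in cp.sections():
        if not cp.getboolean(jail, "enabled", fallback=False):
            continue
        try:
            logpath = cp.get(jail, "logpath", fallback="")
        except configparser.InterpolationError as exc:
            # e.g. sshd_log points at syslog_authpriv, which is never defined
            problems[jail] = "interpolation: " + str(exc)
            continue
        paths = [p.strip() for p in logpath.splitlines() if p.strip()]
        missing = [p for p in paths if not glob.glob(p)]
        if not paths:
            problems[jail] = "logpath is empty"
        elif missing:
            problems[jail] = "no file(s) found for glob " + ", ".join(missing)
    return problems

def demo():
    """Check SAMPLE, then the corrected path, against a directory holding only mail.log."""
    with tempfile.TemporaryDirectory() as logdir:
        open(logdir + "/mail.log", "w").close()
        before = check_jail_logpaths(SAMPLE.format(logdir=logdir))
        after = check_jail_logpaths(SAMPLE.replace("mail.warn", "mail.log").format(logdir=logdir))
    return before, after

if __name__ == "__main__":
    print(demo())
```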
1

- noted as resolved by the OP in the question.

by muru 25.06.2018 / 18:01