While setting up a webserver, I noticed that
|
1 |
fail2ban-client status |
did not list all of the rules that I’d configured in
|
1 |
jail.d |
. Althought configuration files were added to the directory, the status wasn’t showing them listed, so it hadn’t activated the jails. Running
|
1 |
service fail2ban restart |
didn’t add them either.
After spending some time researching, some people suggest changing the backend used in fail2ban from auto to polling in jail.conf. Since you shouldn’t edit jail.conf on a debian based system, I tried creating a new file
|
1 |
nano /etc/fail2ban/jail.local |
and adding the line
|
1 |
backend = polling |
. This actually prevented the fail2ban service from starting for me. The errors in
|
1 |
systemctl status fail2ban.service |
didn’t show anything useful as to the cause of the error. In the end I reverted this change.
running
|
1 |
fail2ban-client reload |
did present error messages detailing which rule couldn’t be activated:
|
1 2 |
ERROR No file(s) found for glob /var/log/apache2/*.log ERROR Failed during configuration: Have not found any log file for apache-xmlrpc jail |
This then meant I was able to investigate the
|
1 |
jail.d |
config file with the rule indicated as causing the problem and correct the log file path.
|
1 |
fail2ban-client status |
then shows the correct jails running.
Leave a Reply