Disable-Fail2ban

Discussion in 'Bug Reporting and Fixes' started by RonRussell, Mar 23, 2010.

  1. RonRussell

    RonRussell Guru

    Joined:
    Mar 22, 2008
    Messages:
    112
    Likes Received:
    4
    Fail2ban does not stop when using the "disable-fail2ban" script. I will try to find out why. In the mean time I stopped fail2ban using the Webmin - System - Bootup and Shutdown - Fail2ban module.

    This is a new install of PBIAF 1.4

    * Running Asterisk Version : Asterisk 1.4.21.2
    * Asterisk Source Version : 1.4.21.2
    * Zaptel Source Version : 1.4.12.1
    * Libpri Source Version : 1.4.10.2
    * Addons Source Version : 1.4.7
    *****************************************
    pbx.local on 192.168.xxx.xxx- eth0
    CentOS release 5.2 (Final) :32 Bit Kernel: 2.6.18-92.1.22.el5
     
  2. dswartz

    dswartz Guru

    Joined:
    Feb 17, 2009
    Messages:
    1,056
    Likes Received:
    0
    I had the same problem. I hate fail2ban, but when I run the disable script, it tells me it isn't installed. I disabled it with the service and chkconfig commands on the CLI.
     
  3. darmock

    darmock PIAF Developer

    Joined:
    Oct 18, 2007
    Messages:
    2,892
    Likes Received:
    98
    First I have heard about it. I will look into it.


    Tom
     
  4. dswartz

    dswartz Guru

    Joined:
    Feb 17, 2009
    Messages:
    1,056
    Likes Received:
    0
    root@pbx:~ $ disable-fail2ban
    You don't appear to have fail2ban installed! Please run update-scripts16 and update-fixes16 again!
     
  5. darmock

    darmock PIAF Developer

    Joined:
    Oct 18, 2007
    Messages:
    2,892
    Likes Received:
    98
    fail2ban-client status

    Tom
     
  6. dswartz

    dswartz Guru

    Joined:
    Feb 17, 2009
    Messages:
    1,056
    Likes Received:
    0
    aha.

    root@pbx:~ $ fail2ban-client status
    ERROR Unable to contact server. Is it running?


    I assume this is because I disabled it manually? If so, the error was kinda non-intuitive. It never occurred to me that something needed to be running to disable it. Sorry for the false alarm.
     
  7. RonRussell

    RonRussell Guru

    Joined:
    Mar 22, 2008
    Messages:
    112
    Likes Received:
    4
    Fail2ban was actually running on my server but the "disable-fail2ban" script returned a message saying it was not running.
     
  8. darmock

    darmock PIAF Developer

    Joined:
    Oct 18, 2007
    Messages:
    2,892
    Likes Received:
    98
    Yup I will rewrite it to provide better information. That particular code has not been touched in a while and it is on the list of rewrites for piaf 1.7
     
  9. darmock

    darmock PIAF Developer

    Joined:
    Oct 18, 2007
    Messages:
    2,892
    Likes Received:
    98
    I will look at correcting this shortly


    Tom
     
  10. blanchae

    blanchae Guru

    Joined:
    Mar 12, 2008
    Messages:
    1,910
    Likes Received:
    9
    Alternative to stopping fail2ban:

    From the Linux command prompt type: "service fail2ban stop"

    To start fail2ban: "service fail2ban start"

    To reload fail2ban if you have a banned IP: "service fail2ban restart"
    Restarting will "clear" the ban.

    To prevent fail2ban from banning IPs on the local network or other places: Modify /etc/fail2ban/jail.conf look for the line:

    #ignoreip 127.0.0.1 192.168.1.24/24 ....

    uncomment it by removing the # and then change the IP addresses. To have fail2ban ignore network 192.168.20.0 (255.255.255.0), add 192.168.20.0/24 to the above line. You can add as many networks as you like. Just leave a space.

    Just a note, if you have a VPN or a tunnel, you should add its network too. I've had the tunnel banned!

    You can see if fail2ban has banned an IP by checking /var/log/fail2ban.log. It will indicate banned and unbanned IP addresses.
     
  11. dswartz

    dswartz Guru

    Joined:
    Feb 17, 2009
    Messages:
    1,056
    Likes Received:
    0
    Note: if you want to stop fail2ban permanently, don't just use the service command, as if you reboot piaf for some reason, you will be surprised to see it is running again. You would also need to do "chkconfig fail2ban off".
     
  12. wardmundy

    wardmundy Nerd Uno

    Joined:
    Oct 12, 2007
    Messages:
    14,351
    Likes Received:
    2,442
    The usual warnings apply. Be sure you know what you're doing before you try any of this. And... if you disable or adjust the security mechanisms in PBX in a Flash, you're on your own when the house of cards comes tumbling down and the next phone bill arrives. :rolleyes5:
     

Share This Page