Bug 1272683
| Summary: | EPEL fail2ban 0.9.3-1 for RHEL6 appears broken | ||
|---|---|---|---|
| Product: | [Fedora] Fedora EPEL | Reporter: | Ric Anderson <azric47> |
| Component: | fail2ban | Assignee: | Orion Poplawski <orion> |
| Status: | CLOSED DUPLICATE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | high | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | el6 | CC: | athmanem, orion, vonsch |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-10-17 15:33:01 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
*** This bug has been marked as a duplicate of bug 1272681 *** |
Description of problem: fail2ban 0.9.3-1.el6 appears broken Version-Release number of selected component (if applicable): 0.9.3-1.el6 How reproducible: always on multiple RHEL 6.7 and CentOS 6.7 hosts. Steps to Reproduce: 1. on a system with fail2ban 0.9.2-1 (or older) run "iptables -L" and note the fail2ban ssh chain (and maybe others depending on config) are listed. 2. yum update (takes EPEL fail2ban from 0.9.2-1 to 0.9.3-1) 3. reboot 4. run "iptables -L" and notice the fail2ban chains are no longer displayed. 5. ssh in with a bad password multiple times, and fail2ban errors trying to block the offending IP. Actual results: 1. fail2ban chains not visible in iptables -L. 2. fail2ban errors when trying to block an IP. Expected results: 1. chains should be visible in iptables -L output as with previous versions of fail2ban. 2. fail2ban should not error when trying to block an IP. Additional info: Error in /var/log/messages when an IP made too many failed login attempts with bad password: Oct 17 07:32:24 sage fail2ban.actions[30744]: ERROR Failed to execute ban jail 'ssh-iptables' action 'iptables' info 'CallingMap({'ipjailmatches': <function <lambda> at 0x7f6733371320>, 'matches': u'Oct 17 07:31:40 sage sshd[30759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=mrs.howell.opus1.com user=root\nOct 17 07:31:42 sage sshd[30759]: Failed password for root from 192.245.12.221 port 37711 ssh2\nOct 17 07:31:47 sage sshd[30759]: Failed password for root from 192.245.12.221 port 37711 ssh2\nOct 17 07:31:50 sage sshd[30759]: Failed password for root from 192.245.12.221 port 37711 ssh2\nOct 17 07:31:53 sage sshd[30761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=mrs.howell.opus1.com user=root\nOct 17 07:31:55 sage sshd[30761]: Failed password for root from 192.245.12.221 port 37712 ssh2\nOct 17 07:31:59 sage sshd[30761]: Failed password for root from 192.245.12.221 port 37712 ssh2\nOct 17 07:32:02 sage sshd[30761]: Failed password for root from 192.245.12.221 port 37712 ssh2', 'ip': '192.245.12.221', 'ipmatches': <function <lambda> at 0x7f673336be60>, 'ipfailures': <function <lambda> at 0x7f6733371488>, 'time': 1445092344.582804, 'failures': 8, 'ipjailfailures': <function <lambda> at 0x7f6733371668>})': Error stopping action