1272683 – EPEL fail2ban 0.9.3-1 for RHEL6 appears broken

Bug 1272683 - EPEL fail2ban 0.9.3-1 for RHEL6 appears broken

Summary: EPEL fail2ban 0.9.3-1 for RHEL6 appears broken

Keywords:
Status:	CLOSED DUPLICATE of bug 1272681
Alias:	None
Product:	Fedora EPEL
Classification:	Fedora
Component:	fail2ban
Sub Component:
Version:	el6
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	high
Target Milestone:	---
Assignee:	Orion Poplawski
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2015-10-17 15:28 UTC by Ric Anderson
Modified:	2015-10-17 15:33 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2015-10-17 15:33:01 UTC
Type:	Bug
Embargoed:

Attachments	(Terms of Use)

Description Ric Anderson 2015-10-17 15:28:05 UTC

Description of problem: fail2ban 0.9.3-1.el6 appears broken


Version-Release number of selected component (if applicable): 0.9.3-1.el6 


How reproducible:  
always on multiple RHEL 6.7 and CentOS 6.7 hosts.

Steps to Reproduce:
1. on a system with fail2ban 0.9.2-1 (or older) run "iptables -L" and note the fail2ban ssh chain (and maybe others depending on config) are listed.
2. yum update (takes EPEL fail2ban from 0.9.2-1 to 0.9.3-1)
3. reboot
4. run "iptables -L" and notice the fail2ban chains are no longer displayed.
5. ssh in with a bad password multiple times, and fail2ban errors trying to block the offending IP.

Actual results:
1. fail2ban chains not visible in iptables -L.
2. fail2ban errors when trying to block an IP.

Expected results:
1. chains should be visible in iptables -L output as with previous versions of fail2ban.
2. fail2ban should not error when trying to block an IP.


Additional info:
Error in /var/log/messages when an IP made too many failed login attempts with bad password:
Oct 17 07:32:24 sage fail2ban.actions[30744]: ERROR Failed to execute ban jail 'ssh-iptables' action 'iptables' info 'CallingMap({'ipjailmatches': <function <lambda> at 0x7f6733371320>, 'matches': u'Oct 17 07:31:40 sage sshd[30759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=mrs.howell.opus1.com  user=root\nOct 17 07:31:42 sage sshd[30759]: Failed password for root from 192.245.12.221 port 37711 ssh2\nOct 17 07:31:47 sage sshd[30759]: Failed password for root from 192.245.12.221 port 37711 ssh2\nOct 17 07:31:50 sage sshd[30759]: Failed password for root from 192.245.12.221 port 37711 ssh2\nOct 17 07:31:53 sage sshd[30761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=mrs.howell.opus1.com  user=root\nOct 17 07:31:55 sage sshd[30761]: Failed password for root from 192.245.12.221 port 37712 ssh2\nOct 17 07:31:59 sage sshd[30761]: Failed password for root from 192.245.12.221 port 37712 ssh2\nOct 17 07:32:02 sage sshd[30761]: Failed password for root from 192.245.12.221 port 37712 ssh2', 'ip': '192.245.12.221', 'ipmatches': <function <lambda> at 0x7f673336be60>, 'ipfailures': <function <lambda> at 0x7f6733371488>, 'time': 1445092344.582804, 'failures': 8, 'ipjailfailures': <function <lambda> at 0x7f6733371668>})': Error stopping action

Comment 1 Orion Poplawski 2015-10-17 15:33:01 UTC


*** This bug has been marked as a duplicate of bug 1272681 ***

Note You need to log in before you can comment on or make changes to this bug.