I am quite new to CentOS. I tried to install Fail2ban on my new Linux server with CentOS 7 64bit. I followed a guide on internet. Everything worked fine until I started to edit /etc/fail2ban/fail2ban.local. I wasn't able to restart the service - it failed. So I decided to remove Fail2ban and install it from scratch. I did it this way:
systemctl disable fail2ban
systemctl daemon-reload
systemctl reset-failed
yum remove fail2ban
I manualy deleted directory fail2ban from /etc and I deleted fail2ban.service from /usr/lib/system/multi-user.target.wants
After all of this I run
yum install fail2ban
It works fine. Unfortunately command
systemctl start fail2ban
gives me error - Failed to start fail2ban.service: Unit not found.
Please, is there a way, how to fix this mess?
Fail2Ban installation
-
- Posts: 1521
- Joined: 2014/05/21 20:16:00
- Location: Central New York, USA
Re: Fail2Ban installation
There's /var/log/fail2ban.log
Check your config files again - sounds a lot like you've enabled a jai for a service that isn't running on your computer. Try disabling jails, one at a time, and trying 'systemctl start fail2ban' to find out which one(s).
Another possibility is that there's no log file for a service - vsftp did that to me and I had to 'touch' it to create one.
I hope this is helpful.
Check your config files again - sounds a lot like you've enabled a jai for a service that isn't running on your computer. Try disabling jails, one at a time, and trying 'systemctl start fail2ban' to find out which one(s).
Another possibility is that there's no log file for a service - vsftp did that to me and I had to 'touch' it to create one.
I hope this is helpful.
Re: Fail2Ban installation
Thanks a lot for your hints.lightman47 wrote:There's /var/log/fail2ban.log
Check your config files again - sounds a lot like you've enabled a jai for a service that isn't running on your computer. Try disabling jails, one at a time, and trying 'systemctl start fail2ban' to find out which one(s).
Another possibility is that there's no log file for a service - vsftp did that to me and I had to 'touch' it to create one.
I hope this is helpful.
Jails - sry, as I am new to Linux, I am not sure what you are talking about. So far I have met "jails" within setting FTP.
Log file - it was there after the first installation, but now, it doesn't exit. So I created new empty one and I tried start fail2ban. The message is same - "Failed to start fail2ban.service: Unit not found." and the log file is empty. It looks to me the issue is with missing fail2ban.service file ....
-
- Posts: 1521
- Joined: 2014/05/21 20:16:00
- Location: Central New York, USA
Re: Fail2Ban installation
you define which 'jails' you want to run in /etc/fail2ban/jail.local
in your case, it sounds like you want the ftp jail to run. For my vsftp server, mine looks like:
CAUTION: I have my settings tight; it's actually only for my personal use.
in your case, it sounds like you want the ftp jail to run. For my vsftp server, mine looks like:
Code: Select all
[vsftpd-iptables]
# logpath = %(syslog_authpriv)s
# if you want to rely on PAM failed login attempts
# vsftpd's failregex should match both of those formats
#port = ftp,ftp-data,ftps,ftps-data
#logpath = %(vsftpd_log)s
enabled = true
filter = vsftpd
action = iptables[name=VSFTPD, port = 0:65535, protocol=tcp]
sendmail-whois[name=VSFTPD, dest=mymail@mydomain.com, sender=fail2ban@example.com, sendername="mymachine Fail2Ban"]
logpath = /var/log/vsftpd.log
maxretry = 1
bantime = 172800