Fail2Ban installation

Craos
Posts: 10
Joined: 2018/03/20 09:58:29

Fail2Ban installation

Post by Craos » 2018/03/20 10:07:12

I am quite new to CentOS. I tried to install Fail2ban on my new Linux server with CentOS 7 64bit. I followed a guide on the internet. Everything worked fine until I started to edit /etc/fail2ban/fail2ban.local. I wasn't able to restart the service - it failed. So I decided to remove Fail2ban and install it from scratch. I did it this way:

systemctl disable fail2ban
systemctl daemon-reload
systemctl reset-failed
yum remove fail2ban

I manually deleted the directory fail2ban from /etc and I deleted fail2ban.service from /usr/lib/system/multi-user.target.wants

After all of this I ran

yum install fail2ban

It works fine. Unfortunately, the command

systemctl start fail2ban

gives me an error - Failed to start fail2ban.service: Unit not found.

Please, is there a way to fix this mess?

lightman47
Posts: 1521
Joined: 2014/05/21 20:16:00
Location: Central New York, USA

Re: Fail2Ban installation

Post by lightman47 » 2018/03/20 12:20:25

There's /var/log/fail2ban.log

Check your config files again - sounds a lot like you've enabled a jail for a service that isn't running on your computer. Try disabling jails, one at a time, and trying 'systemctl start fail2ban' to find out which one(s).

Another possibility is that there's no log file for a service - vsftp did that to me and I had to 'touch' it to create one.

I hope this is helpful.

Craos
Posts: 10
Joined: 2018/03/20 09:58:29

Re: Fail2Ban installation

Post by Craos » 2018/03/20 13:07:07

lightman47 wrote:
> There's /var/log/fail2ban.log
>
> Check your config files again - sounds a lot like you've enabled a jail for a service that isn't running on your computer. Try disabling jails, one at a time, and trying 'systemctl start fail2ban' to find out which one(s).
>
> Another possibility is that there's no log file for a service - vsftp did that to me and I had to 'touch' it to create one.
>
> I hope this is helpful.

Thanks a lot for your hints.

Jails - sry, as I am new to Linux, I am not sure what you are talking about. So far I have met "jails" within setting FTP.
Log file - it was there after the first installation, but now, it doesn't exist. So I created a new empty one and I tried to start fail2ban. The message is the same - "Failed to start fail2ban.service: Unit not found." and the log file is empty. It looks to me the issue is with the missing fail2ban.service file ....

lightman47
Posts: 1521
Joined: 2014/05/21 20:16:00
Location: Central New York, USA

Re: Fail2Ban installation

Post by lightman47 » 2018/03/20 13:19:59

You define which 'jails' you want to run in /etc/fail2ban/jail.local

In your case, it sounds like you want the ftp jail to run. For my vsftp server, mine looks like:

Code:

[vsftpd-iptables]

# logpath = %(syslog_authpriv)s
# if you want to rely on PAM failed login attempts
# vsftpd's failregex should match both of those formats
#port     = ftp,ftp-data,ftps,ftps-data
#logpath  = %(vsftpd_log)s

enabled  = true
filter   = vsftpd
action   = iptables[name=VSFTPD, port = 0:65535, protocol=tcp]
           sendmail-whois[name=VSFTPD, dest=mymail@mydomain.com, sender=fail2ban@example.com, sendername="mymachine Fail2Ban"]
logpath  = /var/log/vsftpd.log
maxretry = 1
bantime  = 172800

CAUTION: I have my settings tight; it's actually only for my personal use.
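
Added example (not part of the original thread or any poster's code): lightman47's two hints, an enabled jail for a service that isn't there and a missing log file, can be checked before starting the service. The Python sketch below parses jail.local-style text and lists enabled jails whose logpath does not exist; the function names and the sample configuration are constructed for illustration, and jails with `backend = systemd` or unresolved `%(...)s` paths are skipped.

```python
import configparser
import glob
import os
import tempfile

TRUE_VALUES = ("true", "1", "yes", "on")

def jails_missing_logs(conf_text):
    """Return {jail: [missing logpath, ...]} for enabled jails (hypothetical helper)."""
    # interpolation=None keeps fail2ban's %(name)s references as literal text.
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(conf_text)
    problems = {}
    for jail in cp.sections():
        if jail == "INCLUDES":
            continue
        # Values fall back to [DEFAULT], as they do in jail.conf/jail.local.
        if cp.get(jail, "enabled", fallback="false").strip().lower() not in TRUE_VALUES:
            continue
        if cp.get(jail, "backend", fallback="auto").strip().lower() == "systemd":
            continue  # journal-backed jails do not read a log file
        paths = cp.get(jail, "logpath", fallback="").split()
        # Paths still containing %(...)s need fail2ban's own path files; skip them.
        missing = [p for p in paths if "%(" not in p and not glob.glob(p)]
        if missing:
            problems[jail] = missing
    return problems

def demo():
    """Constructed sample: sshd has its log file, vsftpd-iptables does not."""
    with tempfile.TemporaryDirectory() as d:
        present = os.path.join(d, "secure")
        open(present, "w").close()  # same effect as `touch`
        absent = os.path.join(d, "vsftpd.log")
        conf = (
            f"[sshd]\nenabled = true\nlogpath = {present}\n\n"
            f"[vsftpd-iptables]\nenabled = true\nfilter = vsftpd\n"
            f"logpath = {absent}\nmaxretry = 1\n\n"
            f"[apache-auth]\nenabled = false\nlogpath = {d}/httpd/error_log\n"
        )
        return jails_missing_logs(conf), absent

if __name__ == "__main__":
    found, _ = demo()
    for jail, paths in found.items():
        print(f"{jail}: missing {', '.join(paths)}")
```

On a real host, pass the contents of /etc/fail2ban/jail.local to `jails_missing_logs` instead of the constructed sample.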
