fail2ban and "Job for fail2ban.service failed because the control process exited with error code"

Support for security such as Firewalls and securing linux
Post Reply
hack3rcon
Posts: 757
Joined: 2014/11/24 11:04:37

fail2ban and "Job for fail2ban.service failed because the control process exited with error code"

Post by hack3rcon » 2019/01/08 08:01:50

Hello.
I installed fail2ban and configure it by https://fedoraproject.org/wiki/Fail2ban_with_FirewallD instructions. my "jail.local" file content is:

Code: Select all

[DEFAULT]
bantime = 3600
sender = fail2ban@example.com
destemail = myemail@yahoo.com
action = %(action_mwl)s
backend = systemd

[sshd]
enabled = true

[sshd-ddos]
# This jail corresponds to the standard configuration in Fail2ban.
# The mail-whois action send a notification e-mail with a whois request
# in the body.
port    = ssh
logpath = %(sshd_log)s
backend = %(sshd_backend)s

[apache-auth]

port     = http,https
logpath  = %(apache_error_log)s


[apache-overflows]

port     = http,https
logpath  = %(apache_error_log)s
maxretry = 2
When I want to start "fail2ban" via "systemctl start fail2ban" then it show me below error:

Code: Select all

Job for fail2ban.service failed because the control process exited with error code. See "systemctl status fail2ban.service" and "journalctl -xe" for details.
What is my problem?

Thank you.

User avatar
jlehtone
Posts: 4523
Joined: 2007/12/11 08:17:33
Location: Finland

Re: fail2ban and "Job for fail2ban.service failed because the control process exited with error code"

Post by jlehtone » 2019/01/08 08:57:51

See "systemctl status fail2ban.service" and "journalctl -xe" for details.

hack3rcon
Posts: 757
Joined: 2014/11/24 11:04:37

Re: fail2ban and "Job for fail2ban.service failed because the control process exited with error code"

Post by hack3rcon » 2019/01/08 09:21:49

jlehtone wrote:
2019/01/08 08:57:51
See "systemctl status fail2ban.service" and "journalctl -xe" for details.

Code: Select all

# systemctl status fail2ban.service 
● fail2ban.service - Fail2Ban Service
   Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; enabled; vendor preset: disabled)
   Active: failed (Result: start-limit) since Tue 2019-01-08 11:28:47 +0330; 1h 7min ago
     Docs: man:fail2ban(1)
  Process: 4780 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=255)

Jan 08 11:28:47 localhost.localdomain systemd[1]: Failed to start Fail2Ban Service.
Jan 08 11:28:47 localhost.localdomain systemd[1]: Unit fail2ban.service entered failed state.
Jan 08 11:28:47 localhost.localdomain systemd[1]: fail2ban.service failed.
Jan 08 11:28:47 localhost.localdomain systemd[1]: fail2ban.service holdoff time over, scheduling restart.
Jan 08 11:28:47 localhost.localdomain systemd[1]: Stopped Fail2Ban Service.
Jan 08 11:28:47 localhost.localdomain systemd[1]: start request repeated too quickly for fail2ban.service
Jan 08 11:28:47 localhost.localdomain systemd[1]: Failed to start Fail2Ban Service.
Jan 08 11:28:47 localhost.localdomain systemd[1]: Unit fail2ban.service entered failed state.
Jan 08 11:28:47 localhost.localdomain systemd[1]: fail2ban.service failed.

Code: Select all

# journalctl -xe
-- 
-- Unit fail2ban.service has begun starting up.
Jan 08 12:36:45 localhost.localdomain fail2ban-client[7309]: ERROR  Found no accessible config files for 'action.d/sendmail-whois-lines' under /etc/fail2
Jan 08 12:36:45 localhost.localdomain fail2ban-client[7309]: ERROR  Error in action definition sendmail-whois-lines[name=sshd, sender="fail2ban@example.com"
Jan 08 12:36:45 localhost.localdomain fail2ban-client[7309]: ERROR  Errors in jail 'sshd'. Skipping...
Jan 08 12:36:45 localhost.localdomain systemd[1]: fail2ban.service: control process exited, code=exited status=255
Jan 08 12:36:45 localhost.localdomain systemd[1]: Failed to start Fail2Ban Service.
-- Subject: Unit fail2ban.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit fail2ban.service has failed.
-- 
-- The result is failed.
Jan 08 12:36:45 localhost.localdomain systemd[1]: Unit fail2ban.service entered failed state.
Jan 08 12:36:45 localhost.localdomain systemd[1]: fail2ban.service failed.
Jan 08 12:36:45 localhost.localdomain systemd[1]: fail2ban.service holdoff time over, scheduling restart.
Jan 08 12:36:45 localhost.localdomain systemd[1]: Stopped Fail2Ban Service.
-- Subject: Unit fail2ban.service has finished shutting down
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit fail2ban.service has finished shutting down.
Jan 08 12:36:45 localhost.localdomain systemd[1]: start request repeated too quickly for fail2ban.service
Jan 08 12:36:45 localhost.localdomain systemd[1]: Failed to start Fail2Ban Service.
-- Subject: Unit fail2ban.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit fail2ban.service has failed.
-- 
-- The result is failed.
Jan 08 12:36:45 localhost.localdomain systemd[1]: Unit fail2ban.service entered failed state.
Jan 08 12:36:45 localhost.localdomain systemd[1]: fail2ban.service failed.
I guess it is because of "sendmail" and according to https://support.plesk.com/hc/en-us/arti ... mail-whois "sendmail-whois.conf" is missing. How can I configure it?
I installed "Fail2ban-sendmail" too.

Thanks.

mghe
Posts: 766
Joined: 2015/11/24 12:04:43
Location: Katowice, Poland

Re: fail2ban and "Job for fail2ban.service failed because the control process exited with error code"

Post by mghe » 2019/01/08 09:23:24

You have to set 'banaction', it depend of Your config firewalld or iptables.

hack3rcon
Posts: 757
Joined: 2014/11/24 11:04:37

Re: fail2ban and "Job for fail2ban.service failed because the control process exited with error code"

Post by hack3rcon » 2019/01/08 09:26:18

mghe wrote:
2019/01/08 09:23:24
You have to set 'banaction', it depend of Your config firewalld or iptables.
My config is:

Code: Select all

# firewall-cmd --list-all
You're performing an operation over default zone ('public'),
but your connections/interfaces are in zone 'internal' (see --get-active-zones)
You most likely need to use --zone=internal option.

public
  target: default
  icmp-block-inversion: no
  interfaces: 
  sources: 
  services: dhcpv6-client ssh http https
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 

mghe
Posts: 766
Joined: 2015/11/24 12:04:43
Location: Katowice, Poland

Re: fail2ban and "Job for fail2ban.service failed because the control process exited with error code"

Post by mghe » 2019/01/08 12:51:47

[DEFAULT]
banaction = firewallcmd-ipset


Read more: https://fedoraproject.org/wiki/Fail2ban ... -firewalld

hack3rcon
Posts: 757
Joined: 2014/11/24 11:04:37

Re: fail2ban and "Job for fail2ban.service failed because the control process exited with error code"

Post by hack3rcon » 2019/01/08 13:14:02

mghe wrote:
2019/01/08 12:51:47
[DEFAULT]
banaction = firewallcmd-ipset


Read more: https://fedoraproject.org/wiki/Fail2ban ... -firewalld
Yes, file "/etc/fail2ban/jail.d/00-firewalld.conf" has that lines.

hack3rcon
Posts: 757
Joined: 2014/11/24 11:04:37

Re: fail2ban and "Job for fail2ban.service failed because the control process exited with error code"

Post by hack3rcon » 2019/01/12 06:57:58

I guess, I found the problem. When I removed "action = %(action_mwl)s" from "jail.local" then it's worked.
Why?

Post Reply