Page 1 of 1
fail2ban and "Job for fail2ban.service failed because the control process exited with error code"
Posted: 2019/01/08 08:01:50
by hack3rcon
Hello.
I installed fail2ban and configure it by
https://fedoraproject.org/wiki/Fail2ban_with_FirewallD instructions. my "jail.local" file content is:
Code: Select all
[DEFAULT]
bantime = 3600
sender = fail2ban@example.com
destemail = myemail@yahoo.com
action = %(action_mwl)s
backend = systemd
[sshd]
enabled = true
[sshd-ddos]
# This jail corresponds to the standard configuration in Fail2ban.
# The mail-whois action send a notification e-mail with a whois request
# in the body.
port = ssh
logpath = %(sshd_log)s
backend = %(sshd_backend)s
[apache-auth]
port = http,https
logpath = %(apache_error_log)s
[apache-overflows]
port = http,https
logpath = %(apache_error_log)s
maxretry = 2
When I want to start "fail2ban" via "systemctl start fail2ban" then it show me below error:
Code: Select all
Job for fail2ban.service failed because the control process exited with error code. See "systemctl status fail2ban.service" and "journalctl -xe" for details.
What is my problem?
Thank you.
Re: fail2ban and "Job for fail2ban.service failed because the control process exited with error code"
Posted: 2019/01/08 08:57:51
by jlehtone
See "systemctl status fail2ban.service" and "journalctl -xe" for details.
Re: fail2ban and "Job for fail2ban.service failed because the control process exited with error code"
Posted: 2019/01/08 09:21:49
by hack3rcon
jlehtone wrote: ↑2019/01/08 08:57:51
See "systemctl status fail2ban.service" and "journalctl -xe" for details.
Code: Select all
# systemctl status fail2ban.service
● fail2ban.service - Fail2Ban Service
Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; enabled; vendor preset: disabled)
Active: failed (Result: start-limit) since Tue 2019-01-08 11:28:47 +0330; 1h 7min ago
Docs: man:fail2ban(1)
Process: 4780 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=255)
Jan 08 11:28:47 localhost.localdomain systemd[1]: Failed to start Fail2Ban Service.
Jan 08 11:28:47 localhost.localdomain systemd[1]: Unit fail2ban.service entered failed state.
Jan 08 11:28:47 localhost.localdomain systemd[1]: fail2ban.service failed.
Jan 08 11:28:47 localhost.localdomain systemd[1]: fail2ban.service holdoff time over, scheduling restart.
Jan 08 11:28:47 localhost.localdomain systemd[1]: Stopped Fail2Ban Service.
Jan 08 11:28:47 localhost.localdomain systemd[1]: start request repeated too quickly for fail2ban.service
Jan 08 11:28:47 localhost.localdomain systemd[1]: Failed to start Fail2Ban Service.
Jan 08 11:28:47 localhost.localdomain systemd[1]: Unit fail2ban.service entered failed state.
Jan 08 11:28:47 localhost.localdomain systemd[1]: fail2ban.service failed.
Code: Select all
# journalctl -xe
--
-- Unit fail2ban.service has begun starting up.
Jan 08 12:36:45 localhost.localdomain fail2ban-client[7309]: ERROR Found no accessible config files for 'action.d/sendmail-whois-lines' under /etc/fail2
Jan 08 12:36:45 localhost.localdomain fail2ban-client[7309]: ERROR Error in action definition sendmail-whois-lines[name=sshd, sender="fail2ban@example.com"
Jan 08 12:36:45 localhost.localdomain fail2ban-client[7309]: ERROR Errors in jail 'sshd'. Skipping...
Jan 08 12:36:45 localhost.localdomain systemd[1]: fail2ban.service: control process exited, code=exited status=255
Jan 08 12:36:45 localhost.localdomain systemd[1]: Failed to start Fail2Ban Service.
-- Subject: Unit fail2ban.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit fail2ban.service has failed.
--
-- The result is failed.
Jan 08 12:36:45 localhost.localdomain systemd[1]: Unit fail2ban.service entered failed state.
Jan 08 12:36:45 localhost.localdomain systemd[1]: fail2ban.service failed.
Jan 08 12:36:45 localhost.localdomain systemd[1]: fail2ban.service holdoff time over, scheduling restart.
Jan 08 12:36:45 localhost.localdomain systemd[1]: Stopped Fail2Ban Service.
-- Subject: Unit fail2ban.service has finished shutting down
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit fail2ban.service has finished shutting down.
Jan 08 12:36:45 localhost.localdomain systemd[1]: start request repeated too quickly for fail2ban.service
Jan 08 12:36:45 localhost.localdomain systemd[1]: Failed to start Fail2Ban Service.
-- Subject: Unit fail2ban.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit fail2ban.service has failed.
--
-- The result is failed.
Jan 08 12:36:45 localhost.localdomain systemd[1]: Unit fail2ban.service entered failed state.
Jan 08 12:36:45 localhost.localdomain systemd[1]: fail2ban.service failed.
I guess it is because of "sendmail" and according to
https://support.plesk.com/hc/en-us/arti ... mail-whois "sendmail-whois.conf" is missing. How can I configure it?
I installed "Fail2ban-sendmail" too.
Thanks.
Re: fail2ban and "Job for fail2ban.service failed because the control process exited with error code"
Posted: 2019/01/08 09:23:24
by mghe
You have to set 'banaction', it depend of Your config firewalld or iptables.
Re: fail2ban and "Job for fail2ban.service failed because the control process exited with error code"
Posted: 2019/01/08 09:26:18
by hack3rcon
mghe wrote: ↑2019/01/08 09:23:24
You have to set 'banaction', it depend of Your config firewalld or iptables.
My config is:
Code: Select all
# firewall-cmd --list-all
You're performing an operation over default zone ('public'),
but your connections/interfaces are in zone 'internal' (see --get-active-zones)
You most likely need to use --zone=internal option.
public
target: default
icmp-block-inversion: no
interfaces:
sources:
services: dhcpv6-client ssh http https
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
Re: fail2ban and "Job for fail2ban.service failed because the control process exited with error code"
Posted: 2019/01/08 12:51:47
by mghe
Re: fail2ban and "Job for fail2ban.service failed because the control process exited with error code"
Posted: 2019/01/08 13:14:02
by hack3rcon
Yes, file "/etc/fail2ban/jail.d/00-firewalld.conf" has that lines.
Re: fail2ban and "Job for fail2ban.service failed because the control process exited with error code"
Posted: 2019/01/12 06:57:58
by hack3rcon
I guess, I found the problem. When I removed "action = %(action_mwl)s" from "jail.local" then it's worked.
Why?