soydepr
Posts: 155
Joined: Mon Mar 24, 2014 10:51 am

Fail2ban fails after upgrading to stretch

Sat Mar 10, 2018 3:45 pm

Getting this error when starting fail2ban

Docs: man:fail2ban(1)
Process: 11060 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=255)

Mar 10 10:44:15 coqui systemd[1]: fail2ban.service: Control process exited, code=exited status=255
Mar 10 10:44:15 coqui systemd[1]: Failed to start Fail2Ban Service.

User avatar
DougieLawson
Posts: 35815
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website Twitter

Re: Fail2ban fails after upgrading to stretch

Sat Mar 10, 2018 3:52 pm

Open a LXTerminal and run sudo /usr/bin/fail2ban-client -v -v -v start that should tell you what's wrong with your configuration files.
Note: Having anything humorous in your signature is completely banned on this forum. Wear a tin-foil hat and you'll get a ban.

Any DMs sent on Twitter will be answered next month.

This is a doctor free zone.

soydepr
Posts: 155
Joined: Mon Mar 24, 2014 10:51 am

Re: Fail2ban fails after upgrading to stretch

Sat Mar 10, 2018 4:54 pm

Thanks Idouglas.

ERROR Failed during configuration: While reading from '/etc/fail2ban/jail.conf' [line 155]: option 'port' in section 'pam-generic' already exists

Not sure how to fix this ?

User avatar
DougieLawson
Posts: 35815
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website Twitter

Re: Fail2ban fails after upgrading to stretch

Sat Mar 10, 2018 4:57 pm

Edit your /etc/fail2ban/jail.conf and/or /etc/fail2ban/jail.d/defaults-debian.conf to ensure nothing is defined twice.
Note: Having anything humorous in your signature is completely banned on this forum. Wear a tin-foil hat and you'll get a ban.

Any DMs sent on Twitter will be answered next month.

This is a doctor free zone.

soydepr
Posts: 155
Joined: Mon Mar 24, 2014 10:51 am

Re: Fail2ban fails after upgrading to stretch

Sat Mar 10, 2018 5:04 pm

My guess i need to remove line 155. Port-any port ?

# port actually must be irrelevant but lets leave it all for some possible uses
port = all
banaction = iptables-allports
port = anyport
logpath = /var/log/auth.log
maxretry = 6

nope that didn't work
Last edited by soydepr on Sat Mar 10, 2018 5:07 pm, edited 1 time in total.

User avatar
DougieLawson
Posts: 35815
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website Twitter

Re: Fail2ban fails after upgrading to stretch

Sat Mar 10, 2018 6:09 pm

You should be looking for [pam-generic] being duplicated between the two files.
Note: Having anything humorous in your signature is completely banned on this forum. Wear a tin-foil hat and you'll get a ban.

Any DMs sent on Twitter will be answered next month.

This is a doctor free zone.

soydepr
Posts: 155
Joined: Mon Mar 24, 2014 10:51 am

Re: Fail2ban fails after upgrading to stretch

Sat Mar 10, 2018 6:25 pm

This is what i have

# Generic filter for pam. Has to be used with action which bans all ports
# such as iptables-allports, shorewall
[pam-generic]

enabled = false
# pam-generic filter can be customized to monitor specific subset of 'tty's
filter = pam-generic


Iptables shows
target prot opt source destination
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh

User avatar
DougieLawson
Posts: 35815
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website Twitter

Re: Fail2ban fails after upgrading to stretch

Sat Mar 10, 2018 8:16 pm

Run this
cd /etc/fail2ban
sudo grep -R -i 'pam-generic' *

On my system I've got that piece commented out.

Code: Select all

[email protected]:/etc/fail2ban # grep -R -i 'pam-generic' *
filter.d/dovecot.conf:# * the first regex is essentially a copy of pam-generic.conf
jail.conf:#[pam-generic]
jail.conf:# pam-generic filter can be customized to monitor specific subset of 'tty's
[email protected]:/etc/fail2ban #
Note: Having anything humorous in your signature is completely banned on this forum. Wear a tin-foil hat and you'll get a ban.

Any DMs sent on Twitter will be answered next month.

This is a doctor free zone.

soydepr
Posts: 155
Joined: Mon Mar 24, 2014 10:51 am

Re: Fail2ban fails after upgrading to stretch

Sat Mar 10, 2018 9:28 pm

[email protected]:/etc/fail2ban# grep -R -i 'pam-generic'*
jail.conf:[pam-generic]
jail.conf:# pam-generic filter can be customized to monitor specific subset of 'tty's
jail.conf:filter = pam-generic
jail.conf.dpkg-dist:[pam-generic]
jail.conf.dpkg-dist:# pam-generic filter can be customized to monitor specific subset of 'tty's
filter.d/dovecot.conf:# * the first regex is essentially a copy of pam-generic.conf



thanks for your help. .... eventually I remove fail2ban. rm -rf /etc/fail2ban. and then install it and it works but now I am missing jail.conf

many thanks for your input

soydepr
Posts: 155
Joined: Mon Mar 24, 2014 10:51 am

Re: Fail2ban fails after upgrading to stretch

Sat Mar 10, 2018 9:53 pm

someone share jail.conf as it missing now

soydepr
Posts: 155
Joined: Mon Mar 24, 2014 10:51 am

Re: Fail2ban fails after upgrading to stretch

Wed Mar 14, 2018 8:48 am

Since this still not working i decided to try downloading from github now i get this error

fail2ban.service: Cannot add dependency job, ignoring: Unit fail2ban.service

User avatar
DougieLawson
Posts: 35815
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website Twitter

Re: Fail2ban fails after upgrading to stretch

Wed Mar 14, 2018 9:09 am

Try this:

sudo -s
apt purge fail2ban
rm -rf /etc/fail2ban
apt install fail2ban
exit


It gives you ssh protection out of the box with no modifications. You can then save copies of files you're going to change and change one thing at a time and test your modifications.
Note: Having anything humorous in your signature is completely banned on this forum. Wear a tin-foil hat and you'll get a ban.

Any DMs sent on Twitter will be answered next month.

This is a doctor free zone.

soydepr
Posts: 155
Joined: Mon Mar 24, 2014 10:51 am

Re: Fail2ban fails after upgrading to stretch

Wed Mar 14, 2018 1:05 pm

That work thanks

Return to “General discussion”