You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
You have not applied any additional foreign patches to the codebase
Some customizations were done to the configuration (provide details below is so)
The issue:
I'm trying to use a jail to whitelist IP adresses that appear in a special log file (whitelist.log)
I've setup a new jail (whitelist) and set the filter to read the log file.
In my action file, I have:
actionban = fail2ban-client set <name> addignoreip <ip>
actionunban = fail2ban-client set <name> delignoreip <ip>
When a new entry is added to the whitelist.log file, fail2ban tries to run the actionban command and it hangs. After 60 seconds, the fail2ban server process crashes.
The same happens if I manually ban / unban the ip using : fail2ban-client set <jail> banip <ip>
If I replace the actionban by another action (sendmail), it works as intended.
Is this a know limitation or bug ?
Can it be resolved?
Thanks.
Relevant parts of /var/log/fail2ban.log file:
This is the log when trying to ban IP 99.99.99.99
2021-06-29 21:46:50,396 fail2ban.actions [320]: NOTICE [whitelist] Ban 99.99.99.99
2021-06-29 21:47:50,413 fail2ban.utils [320]: ERROR 7feaa6352f10 -- exec: fail2ban-client set whitelist addignoreip 99.99.99.99
2021-06-29 21:47:50,414 fail2ban.utils [320]: ERROR 7feaa6352f10 -- timed out after 60 seconds.
2021-06-29 21:47:50,616 fail2ban.utils [320]: ERROR fail2ban-client set whitelist addignoreip 99.99.99.99 -- failed with [Errno 3] No such process
2021-06-29 21:47:50,616 fail2ban.utils [320]: ERROR 7feaa6352f10 -- stdout: ''
2021-06-29 21:47:50,616 fail2ban.utils [320]: ERROR 7feaa6352f10 -- stderr: '2021-06-29 21:47:50,414 fail2ban [381]: WARNING Caught signal 15. Exiting'
2021-06-29 21:47:50,616 fail2ban.utils [320]: ERROR 7feaa6352f10 -- killed with signal 127 (return code: 255)
2021-06-29 21:47:50,617 fail2ban.actions [320]: ERROR Failed to execute ban jail 'whitelist' action 'whitelist' info 'ActionInfo({'ip': '99.99.99.99', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0x7feaa7488f70>, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0x7feaa7487670>})': Error banning 99.99.99.99
The text was updated successfully, but these errors were encountered:
Although such a limitation is unknown to me but I can imagine that some lock could indeed bother here, since addignoreip would set synchronously.
It could be "fixed", just I still don't follow the intention.
It looks like whitelist is a jail which is used to whitelist IPs (to add them to ignored), but to do what exactly? To avoid add the (already whitelisted) IPs again?..
For instance if the filter of whitelist jail finds an IP 192.0.2.1 and will "ban" it (basically add it to ignore list), it would then ignore it later so can not "ban" this IP hereafter (basically can't add 192.0.2.1 to ignored anymore). But which real needs the jail should serve excepting this weird "ignore" carrousel?
I think ignorecommand facility may be better suitable for this purposes (that are still unknown to me). Also this can be cached using ignorecache (to speedup the lookup e. g. to avoid command invocation too often), take a look at #2013 (comment) for example.
Environment:
The issue:
I'm trying to use a jail to whitelist IP adresses that appear in a special log file (
whitelist.log
)I've setup a new jail (whitelist) and set the filter to read the log file.
In my action file, I have:
When a new entry is added to the
whitelist.log
file, fail2ban tries to run theactionban
command and it hangs. After 60 seconds, the fail2ban server process crashes.The same happens if I manually ban / unban the ip using :
fail2ban-client set <jail> banip <ip>
If I replace the actionban by another action (sendmail), it works as intended.
Is this a know limitation or bug ?
Can it be resolved?
Thanks.
Relevant parts of /var/log/fail2ban.log file:
This is the log when trying to ban IP 99.99.99.99
The text was updated successfully, but these errors were encountered: