LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (http://www.linuxquestions.org/questions/linux-general-1/)
-   -   Purge and reinstall of Fail2Ban on Ubuntu 10.04 is failing (http://www.linuxquestions.org/questions/linux-general-1/purge-and-reinstall-of-fail2ban-on-ubuntu-10-04-is-failing-838680/)

thinktink 10-17-2010 05:41 PM

Purge and reinstall of Fail2Ban on Ubuntu 10.04 is failing
 
I've installed fail2ban before, apt-get purged it, and then reinstalled it.

I don't know if it was doing it before the purge but I'm getting an error when I try to enable jails and reload it:

Code:

user@homeserver:~$ su
Password:
root@homeserver:/home/user# fail2ban-client reload
WARNING 'findtime' not defined in 'apache-noscript'. Using default value
ERROR  Error in action definition action = iptables-allports[name=apache-noscript, port="http,https", protocol="tcp]
ERROR  Errors in jail 'apache-noscript'. Skipping...
root@homeserver:/home/user#

I looked at the action files but I can't find anything obviously wrong right away. Anybody seen this before?

unSpawn 10-17-2010 06:59 PM

Quote:

Originally Posted by thinktink (Post 4130600)
I've installed fail2ban before, apt-get purged it, and then reinstalled it.

I'm not sure why you would want to do that in the first place. That is not the Linux way of fixing things.


Quote:

Originally Posted by thinktink (Post 4130600)
Code:

WARNING 'findtime' not defined in 'apache-noscript'. Using default value

If findtime is not defined fail2ban uses its default jail.conf value. That's OK.


Quote:

Originally Posted by thinktink (Post 4130600)
Code:

ERROR  Error in action definition action = iptables-allports[name=apache-noscript, port="http,https", protocol="tcp]

Maybe you deleted part of the line? The 'protocol="tcp]' part looks like it's missing a double quote. Double quotes are only necessary when using multiple items like 'protocol="tcp,udp"'.

thinktink 10-17-2010 10:41 PM

Quote:

Originally Posted by unSpawn (Post 4130652)
I'm not sure why you would want to do that in the first place. That is not the Linux way of fixing things.

I did that because I did accidentally change a value and I couldn't remember what it was before so I yanked the install to purge the corrupted value and installed fresh to work with.


Quote:

Originally Posted by unSpawn (Post 4130652)
Maybe you deleted part of the line? The 'protocol="tcp]' part looks like it's missing a double quote. Double quotes are only necessary when using multiple items like 'protocol="tcp,udp"'.

Nope, I didn't mess with that part of the file. And it was also replaced with the purge/reinstall.

[EDIT /]
I just did another apt-get purge then reinstall. It's starting working again. Now all I get are the warnings.

unSpawn 10-18-2010 03:18 AM

Quote:

Originally Posted by thinktink (Post 4130799)
I did that because I did accidentally change a value and I couldn't remember what it was before

Making a backup of the file you're about to edit may be quicker, more efficient. Maybe that's something to try next time. Making regular backups is good anyway.


All times are GMT -5. The time now is 05:09 PM.