Hello, I installed on debian fresh version of fail2ban and it seems it doesn't work.
Debian 6.0
fail2ban version: 0.8.4-3
When I try to start fail2ban I get this error msg:
Code:
2011-12-11 14:33:40,692 fail2ban.server : INFO Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.4-SVN
2011-12-11 14:33:40,693 fail2ban.jail : INFO Creating new jail 'ssh'
2011-12-11 14:33:40,694 fail2ban.jail : INFO Jail 'ssh' uses poller
2011-12-11 14:33:40,712 fail2ban.filter : INFO Added logfile = /var/log/auth.log
2011-12-11 14:33:40,713 fail2ban.filter : INFO Set maxRetry = 6
2011-12-11 14:33:40,715 fail2ban.filter : INFO Set findtime = 600
2011-12-11 14:33:40,716 fail2ban.actions: INFO Set banTime = 600
2011-12-11 14:33:40,783 fail2ban.jail : INFO Jail 'ssh' started
2011-12-11 14:33:40,817 fail2ban.actions.action: ERROR iptables -N fail2ban-ssh
iptables -A fail2ban-ssh -j RETURN
iptables -I INPUT -p tcp -m multiport --dports ssh -j fail2ban-ssh returned 100
So if fail2ban managed to catch bad IP it cannot pass it to IPTABLES.
I have tried this solutions:
http://oschgan.com/drupal/index.php?q=node/52
If I add this line fail2ban doesn't want to start.
http://www.fail2ban.org/wiki/index.p...Misc_Questions
It says add this to your startup script: PATH=$PATH:/sbin
And in startup script I already have path sbin
PATH=/usr/sbin:/usr/bin:/sbin:/bin