Fail2ban doesn't start

Webmin
1

AlmaLinux 8.9
Webmin 2.105

the service won’t start after a default install from the webmin UI, with or without any jails enabled - also tried rebooting the server

# systemctl status fail2ban
Starting Fail2Ban Service...
Started Fail2Ban Service.
ERROR   Failed during configuration: While reading from '/etc/fail2ban/jail.>
ERROR   Async configuration of server failed
fail2ban.service: Main process exited, code=exited, status=255/n/a
fail2ban.service: Failed with result 'exit-code'.
2

You need to see the whole error. You’ve got the file name cut off so you don’t even know what you’re looking for.

If you can’t expand the window large enough for it not to be cut of, you can probably see it in the journal (journalctl -u fail2ban --since="-5min" assuming you tried to start it within the past five minutes).

3 
Dec 05 00:29:03 host.example.org systemd[1]: Starting Fail2Ban Service...
Dec 05 00:29:03 host.example.org systemd[1]: Started Fail2Ban Service.
Dec 05 00:29:04 host.example.org fail2ban-server[3484]: 2023-12-05 00:29:04,166 fail2ban                [3484]: ERROR   Failed during configuration: While reading from '/etc/fail2ban/jail.>
Dec 05 00:29:04 host.example.org fail2ban-server[3484]: 2023-12-05 00:29:04,170 fail2ban                [3484]: ERROR   Async configuration of server failed
Dec 05 00:29:04 host.example.org systemd[1]: fail2ban.service: Main process exited, code=exited, status=255/n/a
Dec 05 00:29:04 host.example.org systemd[1]: fail2ban.service: Failed with result 'exit-code'.
4

Not sure about the error '/etc/fail2ban/jail.>

Plenty of jail. files on my system. Maybe Alma not setting this up correctly?

-rw-r--r-- 1 root root  25K Oct  8 15:02 /etc/fail2ban/jail.conf
-rw-r--r-- 1 root root  385 Oct  8 15:02 /etc/fail2ban/jail.local

/etc/fail2ban/jail.d:
total 20K
drwxr-xr-x 2 root root 4.0K Oct 26 10:08 .
-rw-r--r-- 1 root root  134 Oct 26 10:08 10-wordpress.conf
drwxr-xr-x 6 root root 4.0K Oct  8 15:02 ..
-rw-r--r-- 1 root root  172 Feb  6  2023 00-firewalld.conf
-rw-r--r-- 1 root root   22 Jul 12  2021 defaults-debian.conf
root@main:~#
5

The line is still being cut off. That > is how it tells you there’s more to it. I think you can scroll over with right arrow key. We need to know what it’s trying to load.

6

ah, i got it now…

Failed during configuration: While reading from '/etc/fail2ban/jail.conf' [line 447]: option 'port' in section 'groupoffice' already exists

1 Like
7

So, there you go. Fix that duplicate option and try again.

8

here’s the referenced section of jail.conf - both port and logpath are duplicated - i don’t know what to remove because i don’t know what groupoffice or sogo is for

i’ve never edited this file by hand, so i’m wondering if there’s a problem with how webmin installed fail2ban - i’ve seen quite a few posts about the service failing to start

[groupoffice]

port     = http,https
logpath  = /home/groupoffice/log/info.log

# port    = 20000
port     = http,https
logpath  = /var/log/sogo/sogo.log
9

Oh…hmm…did you edit it in the Webmin Jailkit module? I wrote that one, it may have bugs (everybody writes bugs, and I probably write them more often than Jamie).

Edit: nevermind. I’m talking about the wrong module. Fail2ban module is Jamie’s. But, question still stands, did you edit the fail2ban jail config in Webmin?

10

The default file (not ours, it’s what ships with fail2ban), looks like this in that section:

[groupoffice]

port     = http,https
logpath  = /home/groupoffice/log/info.log


[sogo-auth]
# Monitor SOGo groupware server
# without proxy this would be:
# port    = 20000
port     = http,https
logpath  = /var/log/sogo/sogo.log

So, you’re missing a few lines there that starts a new jail, so port doesn’t get repeated.

11

no sir - i installed f2b from the unused modules in webmin, then enabled some of the jail filters (in webmin), then noticed the daemon wasn’t starting so i disabled all the filters and tried starting it that way (no joy) and rebooted the server (no joy)

12

thanks for supplying that - again, just want to re-confirm that i never touched the file, so i dunno what happened

13

Joe, after fixing the config given your code sample, new error is…

Failed during configuration: While reading from '/etc/fail2ban/jail.conf' [line 475]: option 'port' in section 'guacamole' already exists

that section looks like…

[guacamole]

port     = http,https
port = 2812
logpath  = /var/log/monit
           /var/log/monit.log

so there’s something very wrong here

if you suggest, i’d like to try removing f2b, deleting the config and re-installing???

here’s another section that doesn’t look correct…

[wuftpd]

port     = ftp,ftp-data,ftps,ftps-data
logpath  = %(wuftpd_log)s
backend  = %(wuftpd_backend)s
# if you want to rely on PAM failed login attempts
# vsftpd's failregex should match both of those formats
port     = ftp,ftp-data,ftps,ftps-data
logpath  = %(vsftpd_log)s


#

port     = smtp,465,submission
logpath  = /root/path/to/assp/logs/maillog.txt
14

Yeah, that’s probably reasonable. You’ll lose your customizations, but things are a mess now, and it seems like there’s a bug in the parser in the fail2ban module in Webmin since you didn’t edit it manually, but I’ve never seen it and no one else has reported it.

15

i don’t want to delete custom files that were installed with webmin, but it sounds like it’s safe to delete jail.conf - any other i should trash?

16

Webmin does not install custom files. Webmin literally never changes anything without being explicitly told to do so by the user. I mean the changes you made to it in Webmin.

That said, if you’re actually talking about a Virtualmin installation, there were several config changes made by the installer.

You can re-do those changes from a fresh install with virtualmin config-system --include Fail2banFirewalld

1 Like
18

Open a new topic for new problems

1 Like
19

That comment was spam, and the user has been deleted and banned.

20

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.