🛈 SYSTEM INFORMATION | |
---|---|
OS type and version | Ubuntu Linux 20.04.3 |
Webmin version | 1.984 |
Virtualmin version | 6.17-3 |
Related packages | failban 0.11.1 |
As you know we recently upgraded from Ubuntu 18.,04 to 20.04 LTS, we have been through many painful changes, which is part of life. The good news is that we are moving forward. However, the really bad news is: fail2ban is not working for all the jails.
I had 23 jails enabled an older version (0.10.2) and I wanted to have all of them on the new one… However, when I run fail2ban-server status on the old server I can see 23 jails but the same command on the new server (new version of f2b) shows only 18 jails.
The 5 missing jails are: courier-auth, phpmyadmin-syslog, pam-generic, postfix-auth and postfix-sasl
The last 3 jails (phpmyadmin-syslog, pam-generic, postfix-auth and postfix-sasl) are very important for us as there is a lot of scan and login attempt going on around these and my logs are getting filled up. TBH, I have now closed all the ports now just to protect the system but obviously, it is now impacting us with our BAU activities.
I have checked all that I could have but was unable to figure out what I am missing. I think there are some syntax changes with the f2b configuration in the new version and I still using old syntax and old configuration but then how come it is working for the remaining 18 jails?
Can you pls confirm if I need to create a file in the filter.d and action.d folder as well? If yes, can you pls share the code for postfix-sasl that needs to go under a specific folder/file?
I will be more than happy to copy-paste the code and test it - to see if that works.
Many Thanks,
Ravi