1

Topic: fail2ban status

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.5-1
- Linux/BSD distribution name and version: CentOS 7.2
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MariaDB 10.1.16
- Web server (Apache or Nginx): Nginx 1.10.1
- Manage mail accounts with iRedAdmin-Pro?
- Related log if you're reporting an issue:
====

Hello,

Is this normal behavior for fail2ban?

$ systemctl status fail2ban
● fail2ban.service - Fail2Ban Service
   Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2016-07-31 06:19:42 EEST; 4min 53s ago
     Docs: man:fail2ban(1)
  Process: 876 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=0/SUCCESS)
Main PID: 1175 (fail2ban-server)
   CGroup: /system.slice/fail2ban.service
           └─1175 /usr/bin/python2 -s /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b

Jul 31 06:19:41 hostname.tld fail2ban.action[1175]: ERROR iptables -w -N f2b-postfix
                                                      iptables -w -A f2b-postfix -j RETURN
                                                      iptables -w -I INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-postfix -...
Jul 31 06:19:41 hostname.tld fail2ban.action[1175]: ERROR iptables -w -N f2b-postfix
                                                      iptables -w -A f2b-postfix -j RETURN
                                                      iptables -w -I INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-postfix -...
Jul 31 06:19:41 hostname.tld fail2ban.action[1175]: ERROR iptables -w -N f2b-postfix
                                                      iptables -w -A f2b-postfix -j RETURN
                                                      iptables -w -I INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-postfix -...
Jul 31 06:19:41 hostname.tld fail2ban.actions[1175]: ERROR Failed to start jail 'postfix-iredmail' action 'iptables-multiport': Error starting action
Jul 31 06:19:42 hostname.tld fail2ban.jail[1175]: INFO Jail 'sogo-iredmail' started
Jul 31 06:19:42 hostname.tld systemd[1]: Started Fail2Ban Service.
Jul 31 06:19:42 hostname.tld fail2ban.action[1175]: ERROR iptables -w -N f2b-sogo
                                                      iptables -w -A f2b-sogo -j RETURN
                                                      iptables -w -I INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-sogo -- s...
Jul 31 06:19:42 hostname.tld fail2ban.action[1175]: ERROR iptables -w -N f2b-sogo
                                                      iptables -w -A f2b-sogo -j RETURN
                                                      iptables -w -I INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-sogo -- s...
Jul 31 06:19:42 hostname.tld fail2ban.action[1175]: ERROR iptables -w -N f2b-sogo
                                                      iptables -w -A f2b-sogo -j RETURN
                                                      iptables -w -I INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-sogo -- r...
Jul 31 06:19:42 hostname.tld fail2ban.actions[1175]: ERROR Failed to start jail 'sogo-iredmail' action 'iptables-multiport': Error starting action
Hint: Some lines were ellipsized, use -l to show in full.


2

Re: fail2ban status

kysil wrote:

Jul 31 06:19:41 hostname.tld fail2ban.actions[1175]: ERROR Failed to start jail 'postfix-iredmail' action 'iptables-multiport': Error starting action

It seems something went wrong while running the Fail2ban action 'iptables-multiport'.

*) Did you see any chain with name 'f2b-*' in command output of "iptables -L -n"?
*) Any fail2ban Ban/Unban log in /var/log/message or /var/log/fail2ban.log?

3

Re: fail2ban status

*) Did you see any chain with name 'f2b-*' in command output of "iptables -L -n"?

$ iptables -L -n
iptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

*) Any fail2ban Ban/Unban log in /var/log/message or /var/log/fail2ban.log?

/var/log/message:
[spoiler]Jul 31 18:27:37 host systemd: Starting Dovecot IMAP/POP3 email server...
Jul 31 18:27:37 host systemd: Starting nginx - high performance web server...
Jul 31 18:27:37 host iredapd: Starting iredapd ...
Jul 31 18:27:37 host systemd: Started Dovecot IMAP/POP3 email server.
Jul 31 18:27:37 host nginx: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
Jul 31 18:27:37 host nginx: nginx: configuration file /etc/nginx/nginx.conf test is successful
Jul 31 18:27:37 host systemd: Started The PHP FastCGI Process Manager.
Jul 31 18:27:38 host systemd: Started nginx - high performance web server.
Jul 31 18:27:38 host systemd: Started SOGo is a groupware server.
Jul 31 18:27:38 host fail2ban-client: 2016-07-31 18:27:38,386 fail2ban.server         [1040]: INFO    Starting Fail2ban v0.9.3
Jul 31 18:27:38 host fail2ban-client: 2016-07-31 18:27:38,389 fail2ban.server         [1040]: INFO    Starting in daemon mode
Jul 31 18:27:38 host systemd: Started Dynamic System Tuning Daemon.
Jul 31 18:27:38 host fail2ban.server[1135]: INFO Changed logging target to SYSLOG (/dev/log) for Fail2ban v0.9.3
Jul 31 18:27:38 host fail2ban.database[1135]: INFO Connected to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3'
Jul 31 18:27:38 host fail2ban.jail[1135]: INFO Creating new jail 'sshd'
Jul 31 18:27:38 host fail2ban.jail[1135]: INFO Jail 'sshd' uses poller
Jul 31 18:27:38 host fail2ban.filter[1135]: INFO Set jail log file encoding to UTF-8
Jul 31 18:27:38 host fail2ban.jail[1135]: INFO Initiated 'polling' backend
Jul 31 18:27:38 host systemd: Started LSB: iredapd is a mail list access policy daemon..
Jul 31 18:27:38 host fail2ban.filter[1135]: INFO Added logfile = /var/log/secure
Jul 31 18:27:38 host fail2ban.filter[1135]: INFO Set maxRetry = 2
Jul 31 18:27:38 host fail2ban.filter[1135]: INFO Set jail log file encoding to UTF-8
Jul 31 18:27:38 host fail2ban.actions[1135]: INFO Set banTime = 86400
Jul 31 18:27:38 host fail2ban.filter[1135]: INFO Set findtime = 600
Jul 31 18:27:38 host fail2ban.filter[1135]: INFO Set maxlines = 10
Jul 31 18:27:39 host fail2ban.server[1135]: INFO Jail sshd is not a JournalFilter instance
Jul 31 18:27:39 host fail2ban.jail[1135]: INFO Creating new jail 'sshd-ddos'
Jul 31 18:27:39 host fail2ban.jail[1135]: INFO Jail 'sshd-ddos' uses poller
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Set jail log file encoding to UTF-8
Jul 31 18:27:39 host fail2ban.jail[1135]: INFO Initiated 'polling' backend
Jul 31 18:27:39 host journal: [CLOUDINIT] util.py[WARNING]: Unable to change the ownership of /var/log/cloud-init.log to user syslog, group adm
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Added logfile = /var/log/secure
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Set maxRetry = 2
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Set jail log file encoding to UTF-8
Jul 31 18:27:39 host fail2ban.actions[1135]: INFO Set banTime = 86400
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Set findtime = 600
Jul 31 18:27:39 host fail2ban.server[1135]: INFO Jail sshd-ddos is not a JournalFilter instance
Jul 31 18:27:39 host fail2ban.jail[1135]: INFO Creating new jail 'roundcube-iredmail'
Jul 31 18:27:39 host fail2ban.jail[1135]: INFO Jail 'roundcube-iredmail' uses poller
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Set jail log file encoding to UTF-8
Jul 31 18:27:39 host fail2ban.jail[1135]: INFO Initiated 'polling' backend
Jul 31 18:27:39 host ntpd[458]: Listen normally on 6 eth0 10.19.0.хх UDP 123
Jul 31 18:27:39 host ntpd[458]: Listen normally on 7 eth1 10.135.16.хх UDP 123
Jul 31 18:27:39 host ntpd[458]: Listen normally on 8 eth1 хххх::601:c6ff:fe74:хххх UDP 123
Jul 31 18:27:39 host ntpd[458]: Listen normally on 9 eth0 хххх:b0c0:3:d0::49e:хххх UDP 123
Jul 31 18:27:39 host ntpd[458]: Listen normally on 10 eth0 хххх:b0c0:3:d0::49e:хххх UDP 123
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Added logfile = /var/log/maillog
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Set maxRetry = 2
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Set jail log file encoding to UTF-8
Jul 31 18:27:39 host fail2ban.actions[1135]: INFO Set banTime = 86400
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Set findtime = 3600
Jul 31 18:27:39 host fail2ban.jail[1135]: INFO Creating new jail 'dovecot-iredmail'
Jul 31 18:27:39 host fail2ban.jail[1135]: INFO Jail 'dovecot-iredmail' uses poller
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Set jail log file encoding to UTF-8
Jul 31 18:27:39 host fail2ban.jail[1135]: INFO Initiated 'polling' backend
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Added logfile = /var/log/dovecot.log
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Set maxRetry = 2
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Set jail log file encoding to UTF-8
Jul 31 18:27:39 host fail2ban.actions[1135]: INFO Set banTime = 86400
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Set findtime = 600
Jul 31 18:27:39 host fail2ban.jail[1135]: INFO Creating new jail 'postfix-iredmail'
Jul 31 18:27:39 host fail2ban.jail[1135]: INFO Jail 'postfix-iredmail' uses poller
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Set jail log file encoding to UTF-8
Jul 31 18:27:39 host fail2ban.jail[1135]: INFO Initiated 'polling' backend
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Added logfile = /var/log/maillog
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Set maxRetry = 2
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Set jail log file encoding to UTF-8
Jul 31 18:27:39 host fail2ban.actions[1135]: INFO Set banTime = 86400
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Set findtime = 600
Jul 31 18:27:39 host fail2ban.jail[1135]: INFO Creating new jail 'sogo-iredmail'
Jul 31 18:27:39 host fail2ban.jail[1135]: INFO Jail 'sogo-iredmail' uses poller
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Set jail log file encoding to UTF-8
Jul 31 18:27:39 host fail2ban.jail[1135]: INFO Initiated 'polling' backend
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Added logfile = /var/log/sogo/sogo.log
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Set maxRetry = 2
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Set jail log file encoding to UTF-8
Jul 31 18:27:39 host fail2ban.actions[1135]: INFO Set banTime = 86400
Jul 31 18:27:39 host fail2ban.filter[1135]: INFO Set findtime = 600
Jul 31 18:27:39 host journal: [CLOUDINIT] stages.py[INFO]: Loaded datasource DataSourceХХХ - DataSourceХХХ
Jul 31 18:27:39 host mysql: Starting MySQL.. SUCCESS!
Jul 31 18:27:39 host systemd: Started LSB: start and stop MySQL.
Jul 31 18:27:39 host fail2ban.jail[1135]: INFO Jail 'sshd' started
Jul 31 18:27:40 host systemd: Started Postfix Mail Transport Agent.
Jul 31 18:27:40 host fail2ban.action[1135]: ERROR iptables -w -N f2b-sshd#012iptables -w -A f2b-sshd -j RETURN#012iptables -w -I INPUT -p tcp -m multiport --dports 22222 -j f2b-sshd -- stdout: ''
Jul 31 18:27:40 host fail2ban.action[1135]: ERROR iptables -w -N f2b-sshd#012iptables -w -A f2b-sshd -j RETURN#012iptables -w -I INPUT -p tcp -m multiport --dports 22222 -j f2b-sshd -- stderr: "iptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\n"
Jul 31 18:27:40 host fail2ban.action[1135]: ERROR iptables -w -N f2b-sshd#012iptables -w -A f2b-sshd -j RETURN#012iptables -w -I INPUT -p tcp -m multiport --dports 22222 -j f2b-sshd -- returned 3
Jul 31 18:27:40 host fail2ban.actions[1135]: ERROR Failed to start jail 'sshd' action 'iptables-multiport': Error starting action
Jul 31 18:27:40 host fail2ban.jail[1135]: INFO Jail 'sshd-ddos' started
Jul 31 18:27:40 host ntpd_intres[466]: DNS 0.centos.pool.ntp.org -> 217.114.59.66
Jul 31 18:27:40 host ntpd_intres[466]: DNS 1.centos.pool.ntp.org -> 193.227.197.2
Jul 31 18:27:40 host ntpd_intres[466]: DNS 2.centos.pool.ntp.org -> 2a02:2208:1:3::12
Jul 31 18:27:40 host fail2ban.jail[1135]: INFO Jail 'roundcube-iredmail' started
Jul 31 18:27:40 host fail2ban.action[1135]: ERROR iptables -w -N f2b-sshd-ddos#012iptables -w -A f2b-sshd-ddos -j RETURN#012iptables -w -I INPUT -p tcp -m multiport --dports 22222 -j f2b-sshd-ddos -- stdout: ''
Jul 31 18:27:40 host fail2ban.action[1135]: ERROR iptables -w -N f2b-sshd-ddos#012iptables -w -A f2b-sshd-ddos -j RETURN#012iptables -w -I INPUT -p tcp -m multiport --dports 22222 -j f2b-sshd-ddos -- stderr: "iptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\n"
Jul 31 18:27:40 host fail2ban.action[1135]: ERROR iptables -w -N f2b-sshd-ddos#012iptables -w -A f2b-sshd-ddos -j RETURN#012iptables -w -I INPUT -p tcp -m multiport --dports 22222 -j f2b-sshd-ddos -- returned 3
Jul 31 18:27:40 host fail2ban.actions[1135]: ERROR Failed to start jail 'sshd-ddos' action 'iptables-multiport': Error starting action
Jul 31 18:27:40 host ntpd_intres[466]: DNS 3.centos.pool.ntp.org -> 62.116.130.3
Jul 31 18:27:40 host systemd: Started Initial cloud-init job (metadata service crawler).
Jul 31 18:27:40 host systemd: Reached target Cloud-config availability.
Jul 31 18:27:40 host systemd: Starting Cloud-config availability.
Jul 31 18:27:40 host systemd: Starting Apply the settings specified in cloud-config...
Jul 31 18:27:40 host fail2ban.action[1135]: ERROR iptables -w -N f2b-roundcube#012iptables -w -A f2b-roundcube -j RETURN#012iptables -w -I INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-roundcube -- stdout: ''
Jul 31 18:27:40 host fail2ban.action[1135]: ERROR iptables -w -N f2b-roundcube#012iptables -w -A f2b-roundcube -j RETURN#012iptables -w -I INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-roundcube -- stderr: "iptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\n"
Jul 31 18:27:40 host fail2ban.action[1135]: ERROR iptables -w -N f2b-roundcube#012iptables -w -A f2b-roundcube -j RETURN#012iptables -w -I INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-roundcube -- returned 3
Jul 31 18:27:40 host fail2ban.actions[1135]: ERROR Failed to start jail 'roundcube-iredmail' action 'iptables-multiport': Error starting action
Jul 31 18:27:40 host fail2ban.jail[1135]: INFO Jail 'dovecot-iredmail' started
Jul 31 18:27:41 host fail2ban.jail[1135]: INFO Jail 'postfix-iredmail' started
Jul 31 18:27:42 host ntpd[458]: 0.0.0.0 c61c 0c clock_step +0.910014 s
Jul 31 18:27:42 host ntpd[458]: 0.0.0.0 c614 04 freq_mode
Jul 31 18:27:42 host systemd: Time has been changed
Jul 31 18:27:42 host fail2ban.filter[1135]: WARNING Determined IP using DNS Lookup: hostname.tld = ['127.0.0.1']
Jul 31 18:27:42 host fail2ban.filter[1135]: WARNING Determined IP using DNS Lookup: hostname.tld = ['127.0.0.1']
Jul 31 18:27:42 host systemd: PID file /var/run/amavisd/amavisd.pid not readable (yet?) after start.
Jul 31 18:27:42 host systemd: Started Amavisd-new is an interface between MTA and content checkers..
Jul 31 18:27:42 host fail2ban.action[1135]: ERROR iptables -w -N f2b-dovecot#012iptables -w -A f2b-dovecot -j RETURN#012iptables -w -I INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-dovecot -- stdout: ''
Jul 31 18:27:42 host fail2ban.action[1135]: ERROR iptables -w -N f2b-dovecot#012iptables -w -A f2b-dovecot -j RETURN#012iptables -w -I INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-dovecot -- stderr: "iptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\n"
Jul 31 18:27:42 host fail2ban.action[1135]: ERROR iptables -w -N f2b-dovecot#012iptables -w -A f2b-dovecot -j RETURN#012iptables -w -I INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-dovecot -- returned 3
Jul 31 18:27:42 host fail2ban.actions[1135]: ERROR Failed to start jail 'dovecot-iredmail' action 'iptables-multiport': Error starting action
Jul 31 18:27:42 host fail2ban.jail[1135]: INFO Jail 'sogo-iredmail' started
Jul 31 18:27:42 host systemd: Started Fail2Ban Service.
Jul 31 18:27:42 host systemd: Started Apply the settings specified in cloud-config.
Jul 31 18:27:42 host systemd: Starting Execute cloud user/final scripts...
Jul 31 18:27:42 host fail2ban.action[1135]: ERROR iptables -w -N f2b-postfix#012iptables -w -A f2b-postfix -j RETURN#012iptables -w -I INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-postfix -- stdout: ''
Jul 31 18:27:42 host fail2ban.action[1135]: ERROR iptables -w -N f2b-postfix#012iptables -w -A f2b-postfix -j RETURN#012iptables -w -I INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-postfix -- stderr: "iptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\n"
Jul 31 18:27:42 host fail2ban.action[1135]: ERROR iptables -w -N f2b-postfix#012iptables -w -A f2b-postfix -j RETURN#012iptables -w -I INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-postfix -- returned 3
Jul 31 18:27:42 host fail2ban.actions[1135]: ERROR Failed to start jail 'postfix-iredmail' action 'iptables-multiport': Error starting action
Jul 31 18:27:42 host fail2ban.actions[1135]: NOTICE [postfix-iredmail] Ban 32.217.96.26
Jul 31 18:27:42 host fail2ban.action[1135]: ERROR iptables -w -N f2b-sogo#012iptables -w -A f2b-sogo -j RETURN#012iptables -w -I INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-sogo -- stdout: ''
Jul 31 18:27:42 host fail2ban.action[1135]: ERROR iptables -w -N f2b-sogo#012iptables -w -A f2b-sogo -j RETURN#012iptables -w -I INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-sogo -- stderr: "iptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\n"
Jul 31 18:27:42 host fail2ban.action[1135]: ERROR iptables -w -N f2b-sogo#012iptables -w -A f2b-sogo -j RETURN#012iptables -w -I INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-sogo -- returned 3
Jul 31 18:27:42 host fail2ban.actions[1135]: ERROR Failed to start jail 'sogo-iredmail' action 'iptables-multiport': Error starting action
Jul 31 18:27:42 host systemd: Started Execute cloud user/final scripts.
Jul 31 18:27:42 host systemd: Reached target Multi-User System.
Jul 31 18:27:42 host systemd: Starting Multi-User System.
Jul 31 18:27:42 host systemd: Started Stop Read-Ahead Data Collection 10s After Completed Startup.
Jul 31 18:27:42 host systemd: Starting Update UTMP about System Runlevel Changes...
Jul 31 18:27:42 host systemd: Started Update UTMP about System Runlevel Changes.
Jul 31 18:27:42 host fail2ban.action[1135]: ERROR iptables -w -n -L INPUT | grep -q 'f2b-postfix[ \t]' -- stdout: ''
Jul 31 18:27:42 host fail2ban.action[1135]: ERROR iptables -w -n -L INPUT | grep -q 'f2b-postfix[ \t]' -- stderr: "iptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\n"
Jul 31 18:27:42 host fail2ban.action[1135]: ERROR iptables -w -n -L INPUT | grep -q 'f2b-postfix[ \t]' -- returned 1
Jul 31 18:27:42 host fail2ban.CommandAction[1135]: ERROR Invariant check failed. Trying to restore a sane environment
Jul 31 18:27:43 host fail2ban.action[1135]: ERROR iptables -w -D INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-postfix#012iptables -w -F f2b-postfix#012iptables -w -X f2b-postfix -- stdout: ''
Jul 31 18:27:43 host fail2ban.action[1135]: ERROR iptables -w -D INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-postfix#012iptables -w -F f2b-postfix#012iptables -w -X f2b-postfix -- stderr: "iptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\n"
Jul 31 18:27:43 host fail2ban.action[1135]: ERROR iptables -w -D INPUT -p tcp -m multiport --dports http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve -j f2b-postfix#012iptables -w -F f2b-postfix#012iptables -w -X f2b-postfix -- returned 3
Jul 31 18:27:43 host fail2ban.actions[1135]: ERROR Failed to execute ban jail 'postfix-iredmail' action 'iptables-multiport' info 'CallingMap({'ipjailmatches': <function <lambda> at 0x9e6b18>, 'matches': 'Jul 31 15:33:56 host postfix/postscreen[5264]: NOQUEUE: reject: RCPT from [32.217.96.26]:1856: 550 5.5.1 Protocol error; from=<xo@ore.net>, to=<eax_64@yahoo.com>, proto=ESMTP, helo=<192.168.0.231>\nJul 31 15:34:21 host postfix/smtpd[5276]: lost connection after AUTH from unknown[32.217.96.26]', 'ip': '32.217.96.26', 'ipmatches': <function <lambda> at 0x9e6aa0>, 'ipfailures': <function <lambda> at 0x9e6b90>, 'time': 1469978862.574163, 'failures': 2, 'ipjailfailures': <function <lambda> at 0x9e6c08>})': Error stopping action
Jul 31 18:27:43 host ntpd[458]: 0.0.0.0 c618 08 no_sys_peer
Jul 31 18:27:44 host kdumpctl: No memory reserved for crash kernel.
Jul 31 18:27:44 host kdumpctl: Starting kdump: [FAILED]
Jul 31 18:27:44 host systemd: kdump.service: main process exited, code=exited, status=1/FAILURE
Jul 31 18:27:44 host systemd: Failed to start Crash recovery kernel arming.
Jul 31 18:27:44 host systemd: Startup finished in 846ms (kernel) + 1.283s (initrd) + 14.845s (userspace) = 16.975s.
Jul 31 18:27:44 host systemd: Unit kdump.service entered failed state.
Jul 31 18:27:44 host systemd: kdump.service failed.
Jul 31 18:27:52 host clamd: Limits: Global size limit set to 104857600 bytes.
Jul 31 18:27:52 host clamd: Limits: File size limit set to 26214400 bytes.
Jul 31 18:27:52 host clamd: Limits: Recursion level limit set to 16.
Jul 31 18:27:52 host clamd: Limits: Files limit set to 10000.
Jul 31 18:27:52 host clamd: Limits: MaxEmbeddedPE limit set to 10485760 bytes.
Jul 31 18:27:52 host clamd: Limits: MaxHTMLNormalize limit set to 10485760 bytes.
Jul 31 18:27:52 host clamd: Limits: MaxHTMLNoTags limit set to 2097152 bytes.
Jul 31 18:27:52 host clamd: Limits: MaxScriptNormalize limit set to 5242880 bytes.
Jul 31 18:27:52 host clamd: Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Jul 31 18:27:52 host clamd: Limits: MaxPartitions limit set to 50.
Jul 31 18:27:52 host clamd: Limits: MaxIconsPE limit set to 100.
Jul 31 18:27:52 host clamd: Limits: MaxRecHWP3 limit set to 16.
Jul 31 18:27:52 host clamd: Limits: PCREMatchLimit limit set to 10000.
Jul 31 18:27:52 host clamd: Limits: PCRERecMatchLimit limit set to 5000.
Jul 31 18:27:52 host clamd: Limits: PCREMaxFileSize limit set to 26214400.
Jul 31 18:27:52 host clamd: Archive support enabled.
Jul 31 18:27:52 host clamd: Algorithmic detection enabled.
Jul 31 18:27:52 host clamd: Portable Executable support enabled.
Jul 31 18:27:52 host clamd: ELF support enabled.
Jul 31 18:27:52 host clamd: Mail files support enabled.
Jul 31 18:27:52 host clamd: OLE2 support enabled.
Jul 31 18:27:52 host clamd: PDF support enabled.
Jul 31 18:27:52 host clamd: SWF support enabled.
Jul 31 18:27:52 host clamd: HTML support enabled.
Jul 31 18:27:52 host clamd: XMLDOCS support enabled.
Jul 31 18:27:52 host clamd: HWP3 support enabled.
Jul 31 18:27:52 host clamd: Self checking every 600 seconds.
Jul 31 18:28:02 host systemd: Created slice user-993.slice.
Jul 31 18:28:02 host systemd: Starting user-993.slice.
Jul 31 18:28:02 host systemd: Started Session 1 of user sogo.
Jul 31 18:28:02 host systemd: Starting Session 1 of user sogo.
Jul 31 18:28:02 host systemd: Removed slice user-993.slice.
Jul 31 18:28:02 host systemd: Stopping user-993.slice.
Jul 31 18:28:24 host systemd: Created slice user-0.slice.
Jul 31 18:28:24 host systemd: Starting user-0.slice.
Jul 31 18:28:24 host systemd: Started Session 2 of user root.
Jul 31 18:28:24 host systemd-logind: New session 2 of user root.
Jul 31 18:28:24 host systemd: Starting Session 2 of user root.
Jul 31 18:28:30 host systemd: Started Session 3 of user root.
Jul 31 18:28:30 host systemd-logind: New session 3 of user root.
Jul 31 18:28:30 host systemd: Starting Session 3 of user root.
[/spoiler]
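
The failure mode visible in the log above, as an added example that is not part of the original thread: each jail is logged as "started" and systemd reports the service as active, yet every `iptables-multiport` action failed, so bans are recorded but never enforced. This Python script audits syslog text for that gap; the sample lines are constructed from the message formats quoted above, and the jail name `healthy-demo` and the 192.0.2.x addresses are hypothetical.

```python
import re

# Message formats as they appear in the fail2ban 0.9.3 syslog lines quoted in the thread.
JAIL_STARTED = re.compile(r"fail2ban\.jail\[\d+\]: INFO Jail '([^']+)' started")
START_FAILED = re.compile(
    r"fail2ban\.actions\[\d+\]: ERROR Failed to start jail '([^']+)' action '([^']+)'")
BAN_LOGGED = re.compile(r"fail2ban\.actions\[\d+\]: NOTICE \[([^\]]+)\] Ban (\S+)")
BAN_FAILED = re.compile(
    r"fail2ban\.actions\[\d+\]: ERROR Failed to execute ban jail '([^']+)' action '([^']+)'")
NO_FILTER_TABLE = "can't initialize iptables table `filter'"

# Constructed sample (assumption: the excerpt covers a single fail2ban server run).
SAMPLE_LOG = r"""
Jul 31 18:27:39 host fail2ban.jail[1135]: INFO Jail 'sshd' started
Jul 31 18:27:40 host fail2ban.action[1135]: ERROR iptables -w -N f2b-sshd -- stderr: "iptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\n"
Jul 31 18:27:40 host fail2ban.action[1135]: ERROR iptables -w -N f2b-sshd -- returned 3
Jul 31 18:27:40 host fail2ban.actions[1135]: ERROR Failed to start jail 'sshd' action 'iptables-multiport': Error starting action
Jul 31 18:27:41 host fail2ban.jail[1135]: INFO Jail 'postfix-iredmail' started
Jul 31 18:27:42 host fail2ban.actions[1135]: ERROR Failed to start jail 'postfix-iredmail' action 'iptables-multiport': Error starting action
Jul 31 18:27:42 host fail2ban.actions[1135]: NOTICE [postfix-iredmail] Ban 192.0.2.10
Jul 31 18:27:43 host fail2ban.actions[1135]: ERROR Failed to execute ban jail 'postfix-iredmail' action 'iptables-multiport' info '(elided)': Error stopping action
Jul 31 18:27:44 host fail2ban.jail[1135]: INFO Jail 'healthy-demo' started
Jul 31 18:27:50 host fail2ban.actions[1135]: NOTICE [healthy-demo] Ban 192.0.2.77
"""


def audit(log_text):
    """Return (per-jail state, whether the missing-filter-table error was seen)."""
    jails = {}
    missing_table = False

    def entry(name):
        return jails.setdefault(name, {
            "started": False,        # fail2ban logged "Jail '<name>' started"
            "failed_actions": set(),  # actions whose start command failed
            "bans_logged": [],       # IPs fail2ban decided to ban
            "bans_failed": 0,        # ban commands that could not be executed
        })

    for line in log_text.splitlines():
        if NO_FILTER_TABLE in line:
            missing_table = True
        m = JAIL_STARTED.search(line)
        if m:
            entry(m.group(1))["started"] = True
            continue
        m = START_FAILED.search(line)
        if m:
            entry(m.group(1))["failed_actions"].add(m.group(2))
            continue
        m = BAN_FAILED.search(line)
        if m:
            entry(m.group(1))["bans_failed"] += 1
            continue
        m = BAN_LOGGED.search(line)
        if m:
            entry(m.group(1))["bans_logged"].append(m.group(2))
    return jails, missing_table


def unenforced(jails):
    """Jails that report 'started' but whose firewall action is not working."""
    return sorted(name for name, j in jails.items()
                  if j["started"] and (j["failed_actions"] or j["bans_failed"]))


if __name__ == "__main__":
    state, missing = audit(SAMPLE_LOG)
    for name in unenforced(state):
        j = state[name]
        print(f"{name}: started, but action(s) {sorted(j['failed_actions'])} failed; "
              f"{len(j['bans_logged'])} ban(s) logged, {j['bans_failed']} not applied")
    if missing:
        print("root cause seen in stderr: iptables 'filter' table unavailable")
```
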

4

Re: fail2ban status

kysil wrote:

iptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)

This is the key error. Why doesn't your server have iptables support? Did you rebuild the Linux kernel? What's the output of the command below?

lsmod | grep iptable

5

Re: fail2ban status

ZhangHuangbin wrote:

This is the key error. Why doesn't your server have iptables support? Did you rebuild the Linux kernel? What's the output of the command below?

lsmod | grep iptable

Hm… maybe the Linux kernel was just updated…

There is no output from this command:
$ lsmod | grep iptable
$