PVE 8.0 – fail2ban log locations missing?

Hello,
I am struggling to get fail2ban working on my PVE 8.2.
I have done all the things explained here for the systemd backend.
Fail2ban starts correctly for one of the two action values:
Code:
action = %(action_)s
action = %(action_mw)s

But not for this action:
Code:
action = %(action_mwl)s
I've got this message:

Code:
╰ /usr/bin/fail2ban-server -xf start
2024-07-05 09:06:24,056 fail2ban.configreader   [2906043]: WARNING 'allowipv6' not defined in 'Definition'. Using default one: 'auto'
2024-07-05 09:06:24,061 fail2ban                [2906043]: ERROR   Failed during configuration: Bad value substitution: option 'action' in section 'proxmox' contains an interpolation key 'logpath' which is not a valid option name. Raw value: '%(action_mwl)s'
2024-07-05 09:06:24,063 fail2ban                [2906043]: ERROR   Async configuration of server failed

I've looked into my filter.d/proxmox.conf:
Code:
[INCLUDES]
before = common.conf

[Definition]
failregex = pvedaemon\[.*authentication failure; rhost=<HOST> user=.* msg=.*

ignoreregex =
journalmatch = _SYSTEMD_UNIT=pvedaemon.service
There is no logpath and with the same filter.d/proxmox.conf but with action = %(action_mw)s fail2ban starts normally.
So this is an issue with the mail to send and a logpath there.
The only file regarding sending email I found in which there is a logpath is: sendmail-whois-lines.conf
I've personalized this one in a sendmail-whois-lines.local:
Code:
## Version 2022/08/06
# Fail2Ban configuration file
#
# Author: Cyril Jaquier
#
#

[INCLUDES]

before = sendmail-common.conf
         mail-whois-common.conf
         helpers-common.conf

[Definition]

# bypass ban/unban for restored tickets
norestored = 1

# Option:  actionban
# Notes.:  command executed when banning an IP. Take care that the
#          command is executed with Fail2Ban user rights.
# Tags:    See jail.conf(5) man page
# Values:  CMD
#
actionban = ( printf %%b "Subject: [Fail2Ban (PVE - Nuc Geekom Mini-IT13)] <name>: banned <ip> from <fq-hostname>
            Date: `LC_ALL=C date +"%%a, %%d %%h %%Y %%T %%z"`
            From: <sendername> <<sender>>
            To: <dest>\n
            Hi,\n
            The IP <ip> has just been banned by Fail2Ban after
            <failures> attempts against <name>.\n\n
            Here is more information about <ip> :\n"
            %(_whois_command)s;
            printf %%b "\nLines containing failures of <ip> (max <grepmax>)\n";
            %(_grep_logs)s;
            printf %%b "\n
            Regards,\n
            Fail2Ban (PVE - Nuc Geekom Mini-IT13)" ) | <mailcmd>

[Init]

# Default name of the chain
#
name = default

# Path to the log files which contain relevant lines for the abuser IP
#
logpath = /dev/null

# Number of log lines to include in the email
#
#grepmax = 1000
#grepopts = -m <grepmax>


Does someone know how to fix this error I get when I start fail2ban?


PS: Whatever I set allowipv6 to, I always get the message:
Code:
 WARNING 'allowipv6' not defined in 'Definition'. Using default one: 'auto'
Is there a way to not have this?

Thanks in advance.
Miles
 
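The startup error in the post above is the wording Python's configparser uses when a `%(key)s` reference cannot be resolved. As an added example (not part of the original post and not fail2ban's own code), the following reproduces it on a constructed jail file and reports which jails would fail; the `action_*` values are simplified stand-ins that keep only the `%(logpath)s` reference the error names, and the `sshd` jail and its path are assumptions for contrast.

```python
import configparser

# Constructed jail config (not the poster's file). action_mwl is simplified to
# the single %(logpath)s reference that the error message names.
SAMPLE = """
[DEFAULT]
action_ = ban
action_mw = %(action_)s + mail-whois
action_mwl = %(action_)s + mail-whois-lines[logpath="%(logpath)s"]

[proxmox]
backend = systemd
action = %(action_mwl)s

[sshd]
logpath = /var/log/auth.log
action = %(action_mwl)s
"""


def unresolved(conf_text, option="action"):
    """Map each jail to the interpolation key missing from `option` (None if it resolves)."""
    cp = configparser.ConfigParser()  # default BasicInterpolation handles %(key)s
    cp.read_string(conf_text)
    result = {}
    for jail in cp.sections():
        if not cp.has_option(jail, option):
            continue
        try:
            cp.get(jail, option)  # forces full, nested expansion of the value
            result[jail] = None
        except configparser.InterpolationMissingOptionError as err:
            result[jail] = err.reference  # the key that could not be looked up
    return result


if __name__ == "__main__":
    for jail, missing in unresolved(SAMPLE).items():
        print(jail, "ok" if missing is None else f"missing %({missing})s")
    # Switching every jail to action_mw removes the logpath reference entirely.
    mw_only = SAMPLE.replace("action = %(action_mwl)s", "action = %(action_mw)s")
    print(unresolved(mw_only))
```

The lookup fails while the `action` option is expanded in the `proxmox` section, as the error text says, so the key has to be resolvable from that section or from `[DEFAULT]`.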