fail2ban help

beccabeginner · October 30, 2008, 9:23am

I have installed the lastest version of fail2ban via yast2, in opensuse 10.3
I can not get the server to connect-it says;
ERROR Unable to contact server. Is it running?
even though all the files installed correctly!
I am new to Linux and have Guarddog running as a firewall, any help would be great as im lost how to configure it for opensuse 10.3 so it will;
-start on startup
-run with no errors etc

thank you!
from becca

deltaflyer44 · October 30, 2008, 9:41am

Have a look in YaST - System -System Services (Runlevel ) & make sure it is activated there

Andy

beccabeginner · October 30, 2008, 10:49am

hi andy
i did what you said and i got the following message:
to start service fail2ban and enable it at runlevels 3,5 these services must be additionally started and enabled, because it depends on them:
boot.clock

then it presents two options:
continue
exit

I press continue then the following message comes up:
/etc/init.d/boot.clock start returned 0 (success):
/etc/init.d/fail2ban start returned 0 (success):

I press okay then finish on the system services (runlevel) and it saves, but when i check status in the terminal with the following command;

fail2ban-client status

I get:
ERROR Unable to contact server. Is it running?

then when i try the following command;
fail2ban-client start

i get:
ERROR No file found for /var/log/sshd.log
ERROR No file found for /var/log/postfix.log
ERROR No file found for /var/log/vsftpd.log
ERROR No file found for /var/log/sshd.log
ERROR No file found for /var/log/apache*/error.log
ERROR No file found for /home/www/myhomepage/error.log
ERROR No file found for /var/log/apache2/error_log
ERROR No file found for /var/log/proftpd/proftpd.log
ERROR No file found for /var/www//logs/access_log
ERROR No file found for /var/log/vsftpd.log
ERROR No file found for /var/log/mail.log
2008-10-30 19:45:20,842 fail2ban.server : INFO Starting Fail2ban v0.8.3
2008-10-30 19:45:20,843 fail2ban.server : INFO Starting in daemon mode
ERROR Could not start server. Maybe an old socket file is still present. Try to remove /var/run/fail2ban/fail2ban.sock. If you used fail2ban-client to start the server, adding the -x option will do it

thank you for all the help!

Christophe_deR · October 30, 2008, 2:29pm

So… As suggested in these error log, have you tried to remove the /var/run/fail2ban/fail2ban.sock file ?

That’s what i did for my fail2ban to start. And now it works like a charm.

beccabeginner · October 31, 2008, 8:58am

i deleted the old sock but still get this message;
ERROR No file found for /var/log/sshd.log
ERROR No file found for /var/log/postfix.log
ERROR No file found for /var/log/vsftpd.log
ERROR No file found for /var/log/sshd.log
ERROR No file found for /var/log/apache*/error.log
ERROR No file found for /home/www/myhomepage/error.log
ERROR No file found for /var/log/apache2/error_log
ERROR No file found for /var/log/proftpd/proftpd.log
ERROR No file found for /var/www//logs/access_log
ERROR No file found for /var/log/vsftpd.log
ERROR No file found for /var/log/mail.log
2008-10-30 19:45:20,842 fail2ban.server : INFO Starting Fail2ban v0.8.3
2008-10-30 19:45:20,843 fail2ban.server : INFO Starting in daemon mode

beccabeginner · October 31, 2008, 9:27am

I managed to find the files in the error message, my config file had the logs directed to the wrong folders-whoops.
Now i get this message when i type fail2ban-client status;

ERROR Unable to contact server. Is it running?

when i type fail2ban-client start i get;
2008-10-31 18:30:44,499 fail2ban.server : INFO Starting Fail2ban v0.8.3
2008-10-31 18:30:44,500 fail2ban.server : INFO Starting in daemon mode

beccabeginner · October 31, 2008, 11:34am

fail2ban is working now thanks for the help!
i also looked at this guide;
The Art of Web ~ System: fail2ban and iptables

thanks again!