The version of Fail2ban in the OpenSuSE 13.2 version needs log files to scan, but it seems that sshd is logging to systemd journal. An updated fail2ban is able to scan the journal for failed login attempts, but OpenSuSE 13.2 lacks python-systemd from the systemd distribution. Any tips to get this working would be appreciated. Thanks!
Install “rlogind”. Then you will have the usual log files.
Maybe also post a bug report about this.
Thanks for the tip, but a search from zypper did not show any results for rlogind, nor did conf rlogind. I did file a report, let’s see where that goes. I think if we are going the systemd route, then the tools should work with that. Maybe the fix is to include systemd-python and update fail2ban to the 0.9.1 version which does support systemd-journal.
Thanks
Oops. Make that “rsyslog”. Sorry about that misdirection. And I haven’t used "rlogin for years.
I have “rsyslog” installed, and I am getting logs to the standard places.
Haaa, NP. I’ll wait a day or two to see where the bug report goes, then give that a try.
Anyone for F2B working on Opensuse 13.2
I’ve got I’ve logging to /var/log/messages using rsyslog but it doesn’t seem to be banning any IP’s. Its the same config files I used on 13.1 and it was working there.
We build fail2ban 0.9.1 for openSUSE 13.2 on openSUSE Buiild Service.
You’ll also need systemd-python (python-bindings for opensuse) which are also build on OBS basend on the current systemd.
This works on 2 of our servers (x86_64). We’re willing to do pull requests, but i don’t think that version-upgrade of fail2ban will be placed in 13.2.
You can get the packages from our OBS-Repo:
https://build.opensuse.org/package/show/home:mape2k:branches:openSUSE:13.2:Update/fail2ban
https://build.opensuse.org/package/show/home:mape2k:branches:openSUSE:13.2:Update/systemd
Feedback will be welcome.