"sudo service fail2ban status" = "What?"

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Goto page 1, 2  Next
Author Message
atomicamp
DD-WRT User


Joined: 16 Apr 2018
Posts: 107
Location: Milwaukee, WI

PostPosted: Sun Jan 29, 2023 17:36    Post subject: "sudo service fail2ban status" = "What?" Reply with quote
I just installed fail2ban using entware on ddwrt. I am trying to check its status to see if it is up and running when connected via ssh. I used the debian systemd command "sudo service fail2ban status" in my terminal, and ddwrt doesnt seem to recognize it as a command, which tells me ddwrt doesn't use systemd. That being said, what are the equivalent ddwrt commmands these ubuntu commands:

Code:
sudo service fail2ban status
sudo service fail2ban enable
sudo service fail2ban start


Any help is appreciated.

_________________
DanRanRocks - Tech Tutorials by Dan Ran

https://github.com/danrancan
dan@danran.rockst
My Blog https://danran.rocks
Join me on key base! and Add me on Keybase

Current Linksys WRT3200acm Firmware "DD-WRT v3.0-r51140 std (12/31/22)
Sponsor
ho1Aetoo
DD-WRT Guru


Joined: 19 Feb 2019
Posts: 2927
Location: Germany

PostPosted: Sun Jan 29, 2023 18:13    Post subject: Reply with quote
Does not exist under dd-wrt, dd-wrt has its own process manager.
Only it does nothing else than start, stop or restart processes, no status or similar.

but fail2ban writes log files itself.



Code:
cat /var/log/fail2ban.log

2023-01-16 13:27:49,848 fail2ban.server         [769]: INFO    --------------------------------------------------
2023-01-16 13:27:49,862 fail2ban.server         [769]: INFO    Starting Fail2ban v1.0.2
2023-01-16 13:27:49,865 fail2ban.observer       [769]: INFO    Observer start...
2023-01-16 13:27:49,922 fail2ban.database       [769]: INFO    Connected to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3'
2023-01-16 13:27:49,943 fail2ban.jail           [769]: INFO    Creating new jail 'sshd'
2023-01-16 13:27:50,156 fail2ban.jail           [769]: INFO    Jail 'sshd' uses pyinotify {}
2023-01-16 13:27:50,165 fail2ban.jail           [769]: INFO    Initiated 'pyinotify' backend
2023-01-16 13:27:50,172 fail2ban.filter         [769]: INFO      maxLines: 1
2023-01-16 13:27:50,259 fail2ban.filter         [769]: INFO      maxRetry: 3
2023-01-16 13:27:50,303 fail2ban.filter         [769]: INFO      findtime: 3600
2023-01-16 13:27:50,304 fail2ban.actions        [769]: INFO      banTime: 3600
2023-01-16 13:27:50,304 fail2ban.filter         [769]: INFO      encoding: UTF-8
2023-01-16 13:27:50,319 fail2ban.filter         [769]: INFO    Added logfile: '/var/log/auth.log
2023-01-16 13:27:50,339 fail2ban.jail           [769]: INFO    Jail 'sshd' started



and I guess installing via entware is not enough, fail2ban probably has to be started somehow as well

i don't know which package you are using but the startscript is probably located under /opt/etc/init.d/

Code:
ls -la /opt/etc/init.d/
/opt/etc/init.d/S95fail2ban
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

PostPosted: Sun Jan 29, 2023 22:22    Post subject: Reply with quote
I dont have a time nor router in hand to test ATM but i was thinking something like this to call it..


nano /opt/etc/init.d/S95fail2ban.sh

than paste this

#!/bin/sh
logger -t S95fail2ban "Starting fail2ban $0"
# set environment PATH to system binaries
export PATH=/sbin:/bin:/usr/sbin:/usr/bin:$PATH
ENABLED=yes
PROCS=fail2ban
ARGS="-g -v 5 -C /opt/etc/"full path to fail2ban no quotes" 2>/opt/var/log/fail2ban.log"
PREARGS=""
DESC=$PROCS
PATH=/opt/sbin:/opt/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
. /opt/etc/init.d/rc.func

ctrl+x > yes

than make it executable

chmod +x /opt/etc/init.d/S95fail2ban.sh

than add to usb script as USB must be up and running.. or may be start up script with some more delay...

sleep 10
/opt/etc/init.d/rc.unslung start


as i said im not familiar with fail2ban structure nor its config file...its a bit of a random shot...it wont hurt to try...
also bear in mind forum could play with some spacing so you need to adapt the script and add the full path where the quotes are...

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
bushant
DD-WRT Guru


Joined: 18 Nov 2015
Posts: 2029

PostPosted: Sun Jan 29, 2023 23:28    Post subject: Reply with quote
Possible help here
https://unix.stackexchange.com/questions/377252/fail2ban-with-ddwrt-or-router

_________________
Forum Guide Lines (with helpful pointers about how to research your router, where and what firmware to download, where and how to post and many other helpful tips!)
How to get help the right way

Before asking for help - Read the forum guidelines AND Upgrade DD-WRT!
Adblock by eibgrad + Blocklist Collection
ho1Aetoo
DD-WRT Guru


Joined: 19 Feb 2019
Posts: 2927
Location: Germany

PostPosted: Mon Jan 30, 2023 9:10    Post subject: Reply with quote
I have unpacked the entware package again and looked in the files.

to note it again, a startscript is provided


and if you look at the configuration files you can also see the paths

the entware package is configured to write the log to "/opt/var/log/fail2ban.log" (not /var/log as you might think)

Code:
logtarget = /opt/var/log/fail2ban.log
atomicamp
DD-WRT User


Joined: 16 Apr 2018
Posts: 107
Location: Milwaukee, WI

PostPosted: Sat Feb 04, 2023 17:24    Post subject: Reply with quote
Alozaros wrote:
I dont have a time nor router in hand to test ATM but i was thinking something like this to call it..


nano /opt/etc/init.d/S95fail2ban.sh

than paste this

#!/bin/sh
logger -t S95fail2ban "Starting fail2ban $0"
# set environment PATH to system binaries
export PATH=/sbin:/bin:/usr/sbin:/usr/bin:$PATH
ENABLED=yes
PROCS=fail2ban
ARGS="-g -v 5 -C /opt/etc/"full path to fail2ban no quotes" 2>/opt/var/log/fail2ban.log"
PREARGS=""
DESC=$PROCS
PATH=/opt/sbin:/opt/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
. /opt/etc/init.d/rc.func

ctrl+x > yes

than make it executable

chmod +x /opt/etc/init.d/S95fail2ban.sh

than add to usb script as USB must be up and running.. or may be start up script with some more delay...

sleep 10
/opt/etc/init.d/rc.unslung start


as i said im not familiar with fail2ban structure nor its config file...its a bit of a random shot...it wont hurt to try...
also bear in mind forum could play with some spacing so you need to adapt the script and add the full path where the quotes are...


Thanks for this. But it looks like the default fail2ban installation adds a
Code:
/opt/etc/init.d/S95fail2ban
file and it looks like this:

Code:
#!/bin/sh

ENABLED=yes
PROCS=fail2ban-server
ARGS="-xf start"
PREARGS=""
DESC=$PROCS
PATH=/opt/sbin:/opt/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

. /opt/etc/init.d/rc.func


As of now, with this file, I don't believe fail2ban is working yet, as there is no file created in
Code:
/opt/var/log/
. I do have
Code:
sleep 10
/opt/etc/init.d/rc.unslung start
in my startup script for the usb device. Would you still suggest using your version of the fail2ban init.d script instead of this default one?
_________________
DanRanRocks - Tech Tutorials by Dan Ran

https://github.com/danrancan
dan@danran.rockst
My Blog https://danran.rocks
Join me on key base! and Add me on Keybase

Current Linksys WRT3200acm Firmware "DD-WRT v3.0-r51140 std (12/31/22)
ho1Aetoo
DD-WRT Guru


Joined: 19 Feb 2019
Posts: 2927
Location: Germany

PostPosted: Sat Feb 04, 2023 17:26    Post subject: Reply with quote
you do realize that you can start/run the script yourself?

Code:
/opt/etc/init.d/S95fail2ban start


do you also know that you can display running processes?

Code:
ps


do you know that you can also start fail2ban manually?

Code:
fail2ban-server -xfv
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

PostPosted: Sat Feb 04, 2023 18:01    Post subject: Reply with quote
atomicamp i can see export path is missing if this is important at all..and also did you make it executable ?

im also interested of fail2ban and how to make it work with DDWRT...as those are not exactly the same
as some of the OpenWRT guides ive seen in the past(and entware is bound with openwrt) so things could defer... Ijust never had time and commitment to dig deeper..i was more interested of snort/suricata instead... anyway in a week or more ill be back and will heave more testing medium ... to try it...

It will be nice to make it work and post a guide here in DDWRT so, share the knowledge kind of ... Razz Cool

also try to call it from USB script instead of start up as USB need to be up and running to call the script...and load...

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
ho1Aetoo
DD-WRT Guru


Joined: 19 Feb 2019
Posts: 2927
Location: Germany

PostPosted: Sat Feb 04, 2023 18:02    Post subject: Reply with quote
Code:
root@DD-WRT:/opt/etc/init.d# ./S95fail2ban start
 Starting fail2ban-server...              done.

root@DD-WRT:/opt/etc/init.d# ps | grep fail
19267 root     48452 S    {fail2ban-server} /opt/bin/python3 /opt/bin/fail2ban-server -xf start

root@DD-WRT:/opt/var/log# cat fail2ban.log
2023-02-04 18:53:35,697 fail2ban.server         [19267]: INFO    --------------------------------------------------
2023-02-04 18:53:35,698 fail2ban.server         [19267]: INFO    Starting Fail2ban v0.11.2
2023-02-04 18:53:35,703 fail2ban.observer       [19267]: INFO    Observer start...
2023-02-04 18:53:35,721 fail2ban.transmitter    [19267]: WARNING Command ['server-stream', [['set', 'syslogsocket', 'auto'], ['set', 'loglevel', 'INFO'], ['set', 'logtarget', '/opt/var/log/fail2ban.log'], ['set', 'dbfile', '/opt/var/lib/fail2ban/fail2ban.sqlite3'], ['set', 'dbmaxmatches', 10], ['set', 'dbpurgeage', '10d']]] has failed. Received FileNotFoundError(2, 'No such file or directory')
2023-02-04 18:53:35,723 fail2ban                [19267]: ERROR   NOK: (2, 'No such file or directory')
root@DD-WRT:/opt/var/log#


Rolling Eyes

Code:
root@DD-WRT:/opt/etc/init.d# ./S95fail2ban stop
root@DD-WRT:/opt/var# mkdir -p /opt/var/lib/fail2ban/
root@DD-WRT:/opt/etc/init.d# ./S95fail2ban start
 Starting fail2ban-server...              done.
root@DD-WRT:/opt/etc/init.d# cat /opt/var/log/fail2ban.log
2023-02-04 19:00:07,776 fail2ban.server         [19353]: INFO    Shutdown in progress...
2023-02-04 19:00:07,779 fail2ban.observer       [19353]: INFO    Observer stop ... try to end queue 5 seconds
2023-02-04 19:00:07,802 fail2ban.observer       [19353]: INFO    Observer stopped, 0 events remaining.
2023-02-04 19:00:07,843 fail2ban.server         [19353]: INFO    Stopping all jails
2023-02-04 19:00:07,844 fail2ban.server         [19353]: INFO    Exiting Fail2ban
2023-02-04 19:00:16,173 fail2ban.server         [19395]: INFO    --------------------------------------------------
2023-02-04 19:00:16,174 fail2ban.server         [19395]: INFO    Starting Fail2ban v0.11.2
2023-02-04 19:00:16,178 fail2ban.observer       [19395]: INFO    Observer start...
2023-02-04 19:00:16,194 fail2ban.database       [19395]: INFO    Connected to fail2ban persistent database '/opt/var/lib/fail2ban/fail2ban.sqlite3'
2023-02-04 19:00:16,208 fail2ban.database       [19395]: WARNING New database created. Version '4'
root@DD-WRT:/opt/etc/init.d#


does work!
ho1Aetoo
DD-WRT Guru


Joined: 19 Feb 2019
Posts: 2927
Location: Germany

PostPosted: Sat Feb 04, 2023 18:09    Post subject: Reply with quote
after a reboot

and saving the USB script:

Code:
sleep 10
/opt/etc/init.d/rc.unslung start


Code:
root@DD-WRT:~# ps | grep fail
 2934 root     48604 S    {fail2ban-server} /opt/bin/python3 /opt/bin/fail2ban-server -xf start

root@DD-WRT:~# cat /opt/var/log/fail2ban.log
2023-02-04 18:07:39,133 fail2ban.server         [2935]: INFO    --------------------------------------------------
2023-02-04 18:07:39,133 fail2ban.server         [2934]: INFO    --------------------------------------------------
2023-02-04 18:07:39,135 fail2ban.server         [2934]: INFO    Starting Fail2ban v0.11.2
2023-02-04 18:07:39,135 fail2ban.server         [2935]: INFO    Starting Fail2ban v0.11.2
2023-02-04 18:07:39,139 fail2ban.observer       [2934]: INFO    Observer start...
2023-02-04 18:07:39,139 fail2ban.observer       [2935]: INFO    Observer start...
2023-02-04 18:07:39,141 fail2ban.server         [2935]: ERROR   Could not start server: Unable to bind socket /opt/var/run/fail2ban/fail2ban.sock
2023-02-04 18:07:39,142 fail2ban.server         [2935]: INFO    Shutdown in progress...
2023-02-04 18:07:39,143 fail2ban.observer       [2935]: INFO    Observer stop ... try to end queue 5 seconds
2023-02-04 18:07:39,165 fail2ban.observer       [2935]: INFO    Observer stopped, 0 events remaining.
2023-02-04 18:07:39,206 fail2ban.server         [2935]: INFO    Stopping all jails
2023-02-04 18:07:39,207 fail2ban.server         [2935]: INFO    Exiting Fail2ban
2023-02-04 18:07:39,453 fail2ban.database       [2934]: INFO    Connected to fail2ban persistent database '/opt/var/lib/fail2ban/fail2ban.sqlite3'


is started twice but the problem is well known

very very difficult
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6856
Location: Romerike, Norway

PostPosted: Sat Feb 04, 2023 18:29    Post subject: Reply with quote
On dd-wrt you are already logged in as root. Run the commands without sudo.
ho1Aetoo
DD-WRT Guru


Joined: 19 Feb 2019
Posts: 2927
Location: Germany

PostPosted: Sat Feb 04, 2023 18:33    Post subject: Reply with quote
you do realize that the built-in service manger only manages dd-wrt own services ?
it has nothing at all to do with additionally installed packages
atomicamp
DD-WRT User


Joined: 16 Apr 2018
Posts: 107
Location: Milwaukee, WI

PostPosted: Sat Feb 04, 2023 20:35    Post subject: Reply with quote
ho1Aetoo wrote:
Code:
root@DD-WRT:/opt/etc/init.d# ./S95fail2ban start
 Starting fail2ban-server...              done.

root@DD-WRT:/opt/etc/init.d# ps | grep fail
19267 root     48452 S    {fail2ban-server} /opt/bin/python3 /opt/bin/fail2ban-server -xf start

root@DD-WRT:/opt/var/log# cat fail2ban.log
2023-02-04 18:53:35,697 fail2ban.server         [19267]: INFO    --------------------------------------------------
2023-02-04 18:53:35,698 fail2ban.server         [19267]: INFO    Starting Fail2ban v0.11.2
2023-02-04 18:53:35,703 fail2ban.observer       [19267]: INFO    Observer start...
2023-02-04 18:53:35,721 fail2ban.transmitter    [19267]: WARNING Command ['server-stream', [['set', 'syslogsocket', 'auto'], ['set', 'loglevel', 'INFO'], ['set', 'logtarget', '/opt/var/log/fail2ban.log'], ['set', 'dbfile', '/opt/var/lib/fail2ban/fail2ban.sqlite3'], ['set', 'dbmaxmatches', 10], ['set', 'dbpurgeage', '10d']]] has failed. Received FileNotFoundError(2, 'No such file or directory')
2023-02-04 18:53:35,723 fail2ban                [19267]: ERROR   NOK: (2, 'No such file or directory')
root@DD-WRT:/opt/var/log#


Rolling Eyes

Code:
root@DD-WRT:/opt/etc/init.d# ./S95fail2ban stop
root@DD-WRT:/opt/var# mkdir -p /opt/var/lib/fail2ban/
root@DD-WRT:/opt/etc/init.d# ./S95fail2ban start
 Starting fail2ban-server...              done.
root@DD-WRT:/opt/etc/init.d# cat /opt/var/log/fail2ban.log
2023-02-04 19:00:07,776 fail2ban.server         [19353]: INFO    Shutdown in progress...
2023-02-04 19:00:07,779 fail2ban.observer       [19353]: INFO    Observer stop ... try to end queue 5 seconds
2023-02-04 19:00:07,802 fail2ban.observer       [19353]: INFO    Observer stopped, 0 events remaining.
2023-02-04 19:00:07,843 fail2ban.server         [19353]: INFO    Stopping all jails
2023-02-04 19:00:07,844 fail2ban.server         [19353]: INFO    Exiting Fail2ban
2023-02-04 19:00:16,173 fail2ban.server         [19395]: INFO    --------------------------------------------------
2023-02-04 19:00:16,174 fail2ban.server         [19395]: INFO    Starting Fail2ban v0.11.2
2023-02-04 19:00:16,178 fail2ban.observer       [19395]: INFO    Observer start...
2023-02-04 19:00:16,194 fail2ban.database       [19395]: INFO    Connected to fail2ban persistent database '/opt/var/lib/fail2ban/fail2ban.sqlite3'
2023-02-04 19:00:16,208 fail2ban.database       [19395]: WARNING New database created. Version '4'
root@DD-WRT:/opt/etc/init.d#


does work!


Code:
root@DD-WRT-HOST:/opt/etc/init.d# ./S95fail2ban start
 Starting fail2ban-server...              done.
root@DD-WRT-HOST:/opt/etc/init.d# ps | grep fail
 9760 root      1428 S    grep fail
root@DD-WRT-HOST:/opt/etc/init.d# cat /opt/var/log/fail2ban.log
cat: can't open '/opt/var/log/fail2ban.log': No such file or directory
root@DD-WRT-HOST:/opt/etc/init.d# fail2ban-server -xfv
2023-02-04 14:33:51,087 fail2ban.configreader   [9777]: INFO    Loading configs for fail2ban under /opt/etc/fail2ban
2023-02-04 14:33:51,090 fail2ban.configparserinc[9777]: INFO      Loading files: ['/opt/etc/fail2ban/fail2ban.conf']
2023-02-04 14:33:51,092 fail2ban.configparserinc[9777]: INFO      Loading files: ['/opt/etc/fail2ban/fail2ban.d/db.conf']
2023-02-04 14:33:51,093 fail2ban.configparserinc[9777]: INFO      Loading files: ['/opt/etc/fail2ban/fail2ban.conf', '/opt/etc/fail2ban/fail2ban.d/db.conf']
2023-02-04 14:33:51,094 fail2ban                [9777]: INFO    Using socket file /opt/var/run/fail2ban/fail2ban.sock
2023-02-04 14:33:51,094 fail2ban                [9777]: INFO    Using pid file /opt/var/run/fail2ban/fail2ban.pid, [INFO] logging to /opt/var/log/fail2ban.log
2023-02-04 14:33:51,099 fail2ban.configreader   [9777]: INFO    Loading configs for jail under /opt/etc/fail2ban
2023-02-04 14:33:51,100 fail2ban.configparserinc[9777]: INFO      Loading files: ['/opt/etc/fail2ban/jail.conf']
2023-02-04 14:33:51,130 fail2ban.configparserinc[9777]: INFO      Loading files: ['/opt/etc/fail2ban/paths-debian.conf']
2023-02-04 14:33:51,132 fail2ban.configparserinc[9777]: INFO      Loading files: ['/opt/etc/fail2ban/paths-common.conf']
2023-02-04 14:33:51,135 fail2ban.configparserinc[9777]: INFO      Loading files: ['/opt/etc/fail2ban/paths-overrides.local']
2023-02-04 14:33:51,136 fail2ban.configparserinc[9777]: INFO      Loading files: ['/opt/etc/fail2ban/jail.local']
2023-02-04 14:33:51,163 fail2ban.configparserinc[9777]: INFO      Loading files: ['/opt/etc/fail2ban/paths-common.conf', '/opt/etc/fail2ban/paths-debian.conf', '/opt/etc/fail2ban/jail.conf', '/opt/etc/fail2ban/paths-common.conf', '/opt/etc/fail2ban/paths-debian.conf', '/opt/etc/fail2ban/jail.local']
2023-02-04 14:33:51,168 fail2ban.configreader   [9777]: INFO    Loading configs for filter.d/sshd under /opt/etc/fail2ban
2023-02-04 14:33:51,169 fail2ban.configparserinc[9777]: INFO      Loading files: ['/opt/etc/fail2ban/filter.d/sshd.conf']
2023-02-04 14:33:51,173 fail2ban.configparserinc[9777]: INFO      Loading files: ['/opt/etc/fail2ban/filter.d/common.conf']
2023-02-04 14:33:51,176 fail2ban.configparserinc[9777]: INFO      Loading files: ['/opt/etc/fail2ban/filter.d/common.local']
2023-02-04 14:33:51,177 fail2ban.configparserinc[9777]: INFO      Loading files: ['/opt/etc/fail2ban/filter.d/common.conf', '/opt/etc/fail2ban/filter.d/sshd.conf']
2023-02-04 14:33:51,193 fail2ban.configreader   [9777]: INFO    Loading configs for action.d/iptables-multiport under /opt/etc/fail2ban
2023-02-04 14:33:51,194 fail2ban.configparserinc[9777]: INFO      Loading files: ['/opt/etc/fail2ban/action.d/iptables-multiport.conf']
2023-02-04 14:33:51,196 fail2ban.configparserinc[9777]: INFO      Loading files: ['/opt/etc/fail2ban/action.d/iptables-common.conf']
2023-02-04 14:33:51,199 fail2ban.configparserinc[9777]: INFO      Loading files: ['/opt/etc/fail2ban/action.d/iptables-blocktype.local']
2023-02-04 14:33:51,200 fail2ban.configparserinc[9777]: INFO      Loading files: ['/opt/etc/fail2ban/action.d/iptables-common.local']
2023-02-04 14:33:51,200 fail2ban.configparserinc[9777]: INFO      Loading files: ['/opt/etc/fail2ban/action.d/iptables-common.conf', '/opt/etc/fail2ban/action.d/iptables-multiport.conf']
2023-02-04 14:33:51,232 fail2ban.configreader   [9777]: INFO    Loading configs for filter.d/openvpn under /opt/etc/fail2ban
2023-02-04 14:33:51,234 fail2ban.configparserinc[9777]: INFO      Loading files: ['/opt/etc/fail2ban/filter.d/openvpn.conf']
2023-02-04 14:33:51,234 fail2ban.configparserinc[9777]: INFO      Loading files: ['/opt/etc/fail2ban/filter.d/openvpn.conf']
2023-02-04 14:33:51,247 fail2ban.jailreader     [9777]: NOTICE  No file(s) found for glob /opt/var/log/fail2ban.log
2023-02-04 14:33:51,247 fail2ban                [9777]: ERROR   Failed during configuration: Have not found any log file for openvpn jail
2023-02-04 14:33:51,260 fail2ban                [9777]: ERROR   Async configuration of server failed
Traceback (most recent call last):
  File "/opt/lib/python3.10/site-packages/fail2ban/client/fail2banserver.py", line 189, in start
fail2ban.client.fail2bancmdline.ServerExecutionException: Async configuration of server failed


Doesn't work for me. Any advice>

_________________
DanRanRocks - Tech Tutorials by Dan Ran

https://github.com/danrancan
dan@danran.rockst
My Blog https://danran.rocks
Join me on key base! and Add me on Keybase

Current Linksys WRT3200acm Firmware "DD-WRT v3.0-r51140 std (12/31/22)
ho1Aetoo
DD-WRT Guru


Joined: 19 Feb 2019
Posts: 2927
Location: Germany

PostPosted: Sat Feb 04, 2023 21:17    Post subject: Reply with quote
no clue what you are doing

Your log indicates that you have misconfigured the log path for fail2ban.


and this is now also the last thing I write about it:
(since I am going to sleep now)


Code:
root@DD-WRT:~# cd /opt
root@DD-WRT:/opt# wget http://bin.entware.net/armv7sf-k3.2/installer/generic.sh
Connecting to bin.entware.net (188.114.96.3:80)
saving to 'generic.sh'
generic.sh           100% |********************************|  2765  0:00:00 ETA
'generic.sh' saved
root@DD-WRT:/opt# ls
generic.sh
root@DD-WRT:/opt# chmod +x generic.sh
root@DD-WRT:/opt# ./generic.sh
root@DD-WRT:/opt# opkg install fail2ban
root@DD-WRT:/opt# mkdir -p /opt/var/lib/fail2ban/
root@DD-WRT:/opt# cp /opt/etc/fail2ban/jail.conf /opt/etc/fail2ban/jail.local
root@DD-WRT:/opt# vi /opt/etc/fail2ban/jail.local


Quote:
[openvpn]
port = 1194
protocol = udp
filter = openvpn
logpath = /tmp/var/log/messages


Code:
root@DD-WRT:/opt# mkdir -p /opt/etc/fail2ban/jail.d/
root@DD-WRT:/opt# vi /opt/etc/fail2ban/jail.d/openvpn.conf


Quote:
[openvpn]
enabled = true


Code:
root@DD-WRT:/opt# vi /opt/etc/fail2ban/filter.d/openvpn.local


Code:
# Fail2Ban filter for selected OpenVPN rejections
#
#

[Definition]

# Example messages (other matched messages not seen in the testing server's logs):
# Fri Sep 23 11:55:36 2016 TLS Error: incoming packet authentication failed from [AF_INET]59.90.146.160:51223
# Thu Aug 25 09:36:02 2016 117.207.115.143:58922 TLS Error: TLS handshake failed

failregex = ^ TLS Error: incoming packet authentication failed from \[AF_INET\]<HOST>:\d+$
            ^ <HOST>:\d+ Connection reset, restarting
            ^ <HOST>:\d+ TLS Auth Error
            ^ <HOST>:\d+ TLS Error: TLS handshake failed$
            ^ <HOST>:\d+ VERIFY ERROR

ignoreregex =


Code:
root@DD-WRT:/opt# /opt/etc/init.d/S95fail2ban start
 Starting fail2ban-server...              done.

root@DD-WRT:/opt# ps | grep fail
 5537 root     65252 S    {fail2ban-server} /opt/bin/python3 /opt/bin/fail2ban-server -xf start
 5550 root      1428 S    grep fail
root@DD-WRT:/opt# cat /opt/var/log/fail2ban.log
2023-02-04 22:08:35,003 fail2ban.server         [5537]: INFO    --------------------------------------------------
2023-02-04 22:08:35,004 fail2ban.server         [5537]: INFO    Starting Fail2ban v0.11.2
2023-02-04 22:08:35,007 fail2ban.observer       [5537]: INFO    Observer start...
2023-02-04 22:08:35,020 fail2ban.database       [5537]: INFO    Connected to fail2ban persistent database '/opt/var/lib/fail2ban/fail2ban.sqlite3'
2023-02-04 22:08:35,029 fail2ban.database       [5537]: WARNING New database created. Version '4'
2023-02-04 22:08:35,032 fail2ban.jail           [5537]: INFO    Creating new jail 'openvpn'
2023-02-04 22:08:35,048 fail2ban.jail           [5537]: INFO    Jail 'openvpn' uses poller {}
2023-02-04 22:08:35,050 fail2ban.jail           [5537]: INFO    Initiated 'polling' backend
2023-02-04 22:08:35,088 fail2ban.filter         [5537]: INFO      maxRetry: 5
2023-02-04 22:08:35,090 fail2ban.filter         [5537]: INFO      findtime: 600
2023-02-04 22:08:35,091 fail2ban.actions        [5537]: INFO      banTime: 600
2023-02-04 22:08:35,091 fail2ban.filter         [5537]: INFO      encoding: UTF-8
2023-02-04 22:08:35,093 fail2ban.filter         [5537]: INFO    Added logfile: '/tmp/var/log/messages' (pos = 0, hash = ff47fa5c92dbe3fa84e8dcc0d61c6795169502c9)
2023-02-04 22:08:35,103 fail2ban.jail           [5537]: INFO    Jail 'openvpn' started
root@DD-WRT:/opt#


Last edited by ho1Aetoo on Sun Feb 05, 2023 13:07; edited 1 time in total
ho1Aetoo
DD-WRT Guru


Joined: 19 Feb 2019
Posts: 2927
Location: Germany

PostPosted: Sun Feb 05, 2023 9:31    Post subject: Reply with quote
atomicamp wrote:
2023-02-04 14:33:51,247 fail2ban.jailreader [9777]: NOTICE No file(s) found for glob /opt/var/log/fail2ban.log
2023-02-04 14:33:51,247 fail2ban [9777]: ERROR Failed during configuration: Have not found any log file for openvpn jail
2023-02-04 14:33:51,260 fail2ban [9777]: ERROR Async configuration of server failed
Traceback (most recent call last):
File "/opt/lib/python3.10/site-packages/fail2ban/client/fail2banserver.py", line 189, in start
fail2ban.client.fail2bancmdline.ServerExecutionException: Async configuration of server failed[/code]

Doesn't work for me. Any advice>



good morning, I have looked at it again.
this is your fault you misconfigured fail2ban

you enabled fail2ban for openvpn and the log path is misconfigured

problem solved / case closed

it tries to read "/opt/var/log/fail2ban.log" as logfile for openvpn, which is completely wrong

I have told you the correct configuration several times

/opt/etc/fail2ban/jail.local

Quote:
[openvpn]
port = 1194
protocol = udp
filter = openvpn
logpath = /tmp/var/log/messages


/opt/etc/fail2ban/jail.d/openvpn.conf

Quote:
[openvpn]
enabled = true


friendly warning i am not interested in finding your own bugs.

also you have sshd enabled, you know it's for the openssh server that you have to install and configure separately?
Goto page 1, 2  Next Display posts from previous:    Page 1 of 2
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum