Fail2ban doesn't send lines from logs

[dronnikovigor]

After upgrading to omv 7 from 6.5 several month ago I noticed, that fail2ban emails don't contains lines from logs anymore.

I have only message of whois followed by phrase:

...
origin:         AS9009
mnt-by:         GLOBALAXS-MNT
created:        2021-05-14T09:47:51Z
last-modified:  2021-05-14T09:47:51Z
source:         RIPE
% This query was served by the RIPE Database Query Service version 1.113.2 (SHETLAND)
Lines containing failures of X.X.X.X (max 1000)
Regards,
Fail2Ban

I tried to reinstall fail2ban plugin with cleaning /etc/fail2ban folder, system is up to date.

Action used is action_mwl. I also tried some kind of debugging and put printf after "Lines...". And it outputs just /dev/null.

Finally, I managed to localize problem by myself.

In commits of this plugin I found this commit https://github.com/OpenMediaVa…961934b8db938f1fc8cc08L22

That removes logpath from action's parameters.

I created jail.local and restarted fail2ban. Now everything work.

[DEFAULT]

action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
%(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s"]

So, i wonder, if it's a bug and should be fixed.

[alexshalex]

Тell me if the solution will be presented in the plugin or if you need to do it manually. Thanks

[ryecoaaron]

I will not be adding it to the plugin. With the logpath part in there, it breaks fail2ban for some jails. Without the logpath, some jails don't send logging. I prefer the latter. If someone can come up with a solution that works for both, I will add it.