I tried to clone and I tried to compose this project in folder /etc/fail2ban/aws_acl_fail2ban/ and load it from there by adding this folder path in /etc/fail2ban/action.d/aws-acl.conf. Every time I got a permission denied.
I tried by typing aws ec2 create-network-acl-entry --network-acl-id ... manually and this is working. My aws credentials are from ~/.aws/credentials copied in ~/.aws/credentials.
I got:
2018-05-17 23:56:48,721 fail2ban.action [4509]: ERROR /etc/fail2ban/aws_acl_fail2ban/vendor -i acl-74851e1f -b 109.40.64.129 -- stdout: b'' 2018-05-17 23:56:48,721 fail2ban.action [4509]: ERROR /etc/fail2ban/aws_acl_fail2ban/vendor -i acl-74851e1f -b 109.40.64.129 -- stderr: b'/bin/sh: 1: /etc/fail2ban/aws_acl_fail2ban/vendor: Permission denied\n' 2018-05-17 23:56:48,721 fail2ban.action [4509]: ERROR /etc/fail2ban/aws_acl_fail2ban/vendor -i acl-74851e1f -b 109.40.64.129 -- returned 126 fail2ban.actions [4509]: ERROR Failed to execute ban jail 'apache-wp-login' action 'aws-acl' info 'CallingMap({'ip': '109.40.64.129, 'ipmatches': <function Actions.__checkBan.<locals>.<lambda> at 0x7fc14426fe18>, 'ipjailmatches': <function Actions.__checkBan.<locals>.<lambda> at 0x7fc14426fea0>, 'ipfailures': <function Actions.__checkBan.<locals>.<lambda> at 0x7fc14426fbf8>, 'time': 1526595383.4110484, 'ipjailfailures': <function Actions.__checkBan.<locals>.<lambda> at 0x7fc14426f840>, 'failures': 2, 'matches': '109.40.64.129- - [18/May/2018:00:11:16 +0200] "POST /wp-login.php HTTP/1.1" 200 3592 "https://link.de/wp-login.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 11_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1"\n109.40.64.129 - - [18/May/2018:00:11:20 +0200] "POST /wp-login.php HTTP/1.1" 200 3592 "https://www.link.de/wp-login.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 11_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1"'})': Error banning 109.40.64.129
I have no idea why it is not working. Is there any help ?
I tried to clone and I tried to compose this project in folder /etc/fail2ban/aws_acl_fail2ban/ and load it from there by adding this folder path in /etc/fail2ban/action.d/aws-acl.conf. Every time I got a permission denied.
I tried by typing
aws ec2 create-network-acl-entry --network-acl-id ...manually and this is working. My aws credentials are from ~/.aws/credentials copied in ~/.aws/credentials.I got:
2018-05-17 23:56:48,721 fail2ban.action [4509]: ERROR /etc/fail2ban/aws_acl_fail2ban/vendor -i acl-74851e1f -b 109.40.64.129 -- stdout: b'' 2018-05-17 23:56:48,721 fail2ban.action [4509]: ERROR /etc/fail2ban/aws_acl_fail2ban/vendor -i acl-74851e1f -b 109.40.64.129 -- stderr: b'/bin/sh: 1: /etc/fail2ban/aws_acl_fail2ban/vendor: Permission denied\n' 2018-05-17 23:56:48,721 fail2ban.action [4509]: ERROR /etc/fail2ban/aws_acl_fail2ban/vendor -i acl-74851e1f -b 109.40.64.129 -- returned 126 fail2ban.actions [4509]: ERROR Failed to execute ban jail 'apache-wp-login' action 'aws-acl' info 'CallingMap({'ip': '109.40.64.129, 'ipmatches': <function Actions.__checkBan.<locals>.<lambda> at 0x7fc14426fe18>, 'ipjailmatches': <function Actions.__checkBan.<locals>.<lambda> at 0x7fc14426fea0>, 'ipfailures': <function Actions.__checkBan.<locals>.<lambda> at 0x7fc14426fbf8>, 'time': 1526595383.4110484, 'ipjailfailures': <function Actions.__checkBan.<locals>.<lambda> at 0x7fc14426f840>, 'failures': 2, 'matches': '109.40.64.129- - [18/May/2018:00:11:16 +0200] "POST /wp-login.php HTTP/1.1" 200 3592 "https://link.de/wp-login.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 11_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1"\n109.40.64.129 - - [18/May/2018:00:11:20 +0200] "POST /wp-login.php HTTP/1.1" 200 3592 "https://www.link.de/wp-login.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 11_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1"'})': Error banning 109.40.64.129I have no idea why it is not working. Is there any help ?