search

coleturner / fail2ban-slack-action

Slack Notifications for Fail2Ban
72 stars 16 forks source link

Failed to start jail 'sshd' action 'slack-notify' #7

Closed piechade closed 3 years ago

piechade commented 3 years ago

I'm getting the following error using your config with fail2ban. If I paste the curl command from the log into my bash it's working.

2021-01-12 12:06:10,201 fail2ban.jail           [1274292]: INFO    Jail 'sshd' started
2021-01-12 12:06:10,213 fail2ban.utils          [1274292]: ERROR   7efd24b6e8b0 -- exec: curl -s -o /dev/null -X POST --data-urlencode "payload={\"text\": \"Fail2Ban (sshd) jail has started\", \"channel\": \"#fail2ban\" }" 'https://hooks.slack.com/services/xxxx'
2021-01-12 12:06:10,213 fail2ban.utils          [1274292]: ERROR   7efd24b6e8b0 -- returned 7
2021-01-12 12:06:10,213 fail2ban.actions        [1274292]: ERROR   Failed to start jail 'sshd' action 'slack-notify': Error starting action Jail('sshd')/slack-notify: 'Script error'
2021-01-12 12:06:10,213 fail2ban.actions        [1274292]: NOTICE  [sshd] Restore Ban <ip1>
2021-01-12 12:06:10,277 fail2ban.utils          [1274292]: ERROR   7efd24810620 -- exec: curl -s -o /dev/null -X POST --data-urlencode "payload={\"text\": \"Fail2Ban (sshd) banned IP *<ip1>* for 6 failure(s)\", \"channel\": \"#fail2ban\" }" 'https://hooks.slack.com/services/xxxx'
2021-01-12 12:06:10,278 fail2ban.utils          [1274292]: ERROR   7efd24810620 -- returned 7
2021-01-12 12:06:10,278 fail2ban.actions        [1274292]: ERROR   Failed to execute ban jail 'sshd' action 'slack-notify' info 'ActionInfo({'ip': '<ip1>', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0x7efd24bde160>, 'failures': 6, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0x7efd24bde820>})': Error banning <ip1>
piechade commented 3 years ago

SELinux not allow curl in fail2ban script. You can enable it by exec: sudo setsebool nis_enabled on