docker-fail2ban:1.1.0 compatibility issue with Synology

ngthwi commented 6 months ago

Support guidelines

[X] I've read the support guidelines

I've found a bug and checked that ...

[X] ... the documentation does not mention anything about my problem
[X] ... there are no open or closed issues that are related to my problem

Description

Since crazymax/fail2ban:1.1.0, IPs are no longer banned.

Expected behaviour

IPs are banned without errors (last working version 1.0.2)

Actual behaviour

2024-05-08 19:46:52,765 fail2ban.utils          [1]: ERROR   7f0cdf6510b0 -- exec: { iptables -w -C f2b-my-app -j RETURN >/dev/null 2>&1; } || { iptables -w -N f2b-my-app || true; iptables -w -A f2b-my-app -j RETURN; }
for proto in $(echo 'tcp' | sed 's/,/ /g'); do
{ iptables -w -C INPUT -p $proto -j f2b-my-app >/dev/null 2>&1; } || { iptables -w -I INPUT -p $proto -j f2b-my-app; }
done
2024-05-08 19:46:52,766 fail2ban.utils          [1]: ERROR   7f0cdf6510b0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument'

Steps to reproduce

Deploy f2b container

#---
#Docker-compose file for Fail2ban
#--- 
version: '3'
services:
fail2ban:
container_name: fail2ban
restart: always
image: crazymax/fail2ban:latest #currently 1.1.0
environment: 
- TZ=Europe/London
- F2B_DB_PURGE_AGE=30d  # optional
- F2B_LOG_TARGET=/data/fail2ban.log # optional

volumes:
- /volumeX/docker/fail2ban:/data
- /volumeX/docker/my-app.log:/log/my-app.log:ro 

network_mode: "host"

cap_add:
    - NET_ADMIN
    - NET_RAW

ban an IP

Docker info

Client:
Context:    default
Debug Mode: false

Server:
Containers: x
 Running: x
 Paused: x
 Stopped: x
Images: x
Server Version: 20.10.23
Storage Driver: btrfs
 Build Version: Btrfs v4.0
 Library Version: 101
Logging Driver: db
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
 Volume: local
 Network: bridge host ipvlan null overlay
 Log: awslogs db fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
Default Runtime: runc
Init Binary: docker-init
containerd version: b23a389d8c181697302d163356e97dec04eb8d88
runc version: 5af893d
init version: ed96d00
Security Options:
 apparmor
Kernel Version: 4.4.302+
Operating System: DiskStation
(containerized)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 15.238GiB
Name: xxxxx
ID: xxxxxxxxxxxxxccc
Docker Root Dir: /volume1/@docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
http://127.0.0.0/8
Live Restore Enabled: false

WARNING: No kernel memory TCP limit support
WARNING: No cpu cfs quota support
WARNING: No cpu cfs period support
WARNING: No blkio throttle.read_bps_device support
WARNING: No blkio throttle.write_bps_device support
WARNING: No blkio throttle.read_iops_device support
WARNING: No blkio throttle.write_iops_device support

Docker Compose config

No response

Logs

2024-05-07 23:21:18,553 fail2ban.server         [1]: INFO    --------------------------------------------------
2024-05-07 23:21:18,568 fail2ban.server         [1]: INFO    Starting Fail2ban v1.1.0
2024-05-07 23:21:18,570 fail2ban.observer       [1]: INFO    Observer start...
2024-05-07 23:21:18,974 fail2ban.database       [1]: INFO    Connected to fail2ban persistent database '/data/db/fail2ban.sqlite3'
2024-05-07 23:21:19,861 fail2ban.jail           [1]: INFO    Creating new jail 'my-app'
2024-05-07 23:21:19,862 fail2ban.jail           [1]: INFO    Jail 'my-app' uses pyinotify {}
2024-05-07 23:21:19,863 fail2ban.jail           [1]: INFO    Initiated 'pyinotify' backend
2024-05-07 23:21:19,865 fail2ban.filter         [1]: INFO      maxRetry: 4
2024-05-07 23:21:19,865 fail2ban.filter         [1]: INFO      findtime: 600
2024-05-07 23:21:19,865 fail2ban.actions        [1]: INFO      banTime: 86400
2024-05-07 23:21:19,866 fail2ban.filter         [1]: INFO      encoding: UTF-8
2024-05-07 23:21:19,866 fail2ban.filter         [1]: INFO    Added logfile: '/log/my-app.log' (pos = 478097, hash = 9b7e7e45c84f4f287233dd1d9e01267571c5e4c1)
2024-05-07 23:21:19,875 fail2ban.jail           [1]: INFO    Jail 'my-app' started
2024-05-08 19:46:45,717 fail2ban.ipdns          [1]: WARNING Unable to find a corresponding IP address for #xxx-local-IP-xxx: [Errno -2] Name does not resolve
2024-05-08 19:46:45,796 fail2ban.ipdns          [1]: WARNING Unable to find a corresponding IP address for #: [Errno -2] Name does not resolve
2024-05-08 19:46:45,858 fail2ban.ipdns          [1]: WARNING Unable to find a corresponding IP address for optional: [Errno -2] Name does not resolve
2024-05-08 19:46:45,859 fail2ban.filter         [1]: INFO    [my-app] Found xxx-IP-TO-BAN-xxx - 2024-05-08 19:46:45
2024-05-08 19:46:48,634 fail2ban.filter         [1]: INFO    [my-app] Found xxx-IP-TO-BAN-xxx - 2024-05-08 19:46:48
2024-05-08 19:46:50,170 fail2ban.filter         [1]: INFO    [my-app] Found xxx-IP-TO-BAN-xxx - 2024-05-08 19:46:50
2024-05-08 19:46:51,509 fail2ban.filter         [1]: INFO    [my-app] Found xxx-IP-TO-BAN-xxx - 2024-05-08 19:46:51
2024-05-08 19:46:52,294 fail2ban.actions        [1]: NOTICE  [my-app] Ban xxx-IP-TO-BAN-xxx
2024-05-08 19:46:52,765 fail2ban.utils          [1]: ERROR   7f0cdf6510b0 -- exec: { iptables -w -C f2b-my-app -j RETURN >/dev/null 2>&1; } || { iptables -w -N f2b-my-app || true; iptables -w -A f2b-my-app -j RETURN; }
for proto in $(echo 'tcp' | sed 's/,/ /g'); do
{ iptables -w -C INPUT -p $proto -j f2b-my-app >/dev/null 2>&1; } || { iptables -w -I INPUT -p $proto -j f2b-my-app; }
done
2024-05-08 19:46:52,766 fail2ban.utils          [1]: ERROR   7f0cdf6510b0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument'
2024-05-08 19:46:52,766 fail2ban.utils          [1]: ERROR   7f0cdf6510b0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument'
2024-05-08 19:46:52,766 fail2ban.utils          [1]: ERROR   7f0cdf6510b0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument'
2024-05-08 19:46:52,766 fail2ban.utils          [1]: ERROR   7f0cdf6510b0 -- returned 4
2024-05-08 19:46:52,766 fail2ban.actions        [1]: ERROR   Failed to execute ban jail 'my-app' action 'iptables-allports' info 'ActionInfo({'ip': 'xxx-IP-TO-BAN-xxx', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0x7f0cdfc6a2a0>, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0x7f0cdfc6aa20>})': Error starting action Jail('my-app')/iptables-allports: 'Script error'

Additional info

No response

crazy-max commented 6 months ago

Thanks for your report, can you give the output of the following commands please?:

$ docker run -it --rm alpine:3.18 /bin/sh -c "apk add iptables && iptables -v"
$ docker run -it --rm alpine:3.19 /bin/sh -c "apk add iptables && iptables -v"

I believe this is an issue linked to the update to Alpine 3.19.

crazy-max commented 6 months ago

Can you try with crazymax/fail2ban:edge?

ngthwi commented 6 months ago

Thanks for your report, can you give the output of the following commands please?:
$ docker run -it --rm alpine:3.18 /bin/sh -c "apk add iptables && iptables -v"
$ docker run -it --rm alpine:3.19 /bin/sh -c "apk add iptables && iptables -v"
I believe this is an issue linked to the update to Alpine 3.19.

Both command outputs were:

the input device is not a TTY

Can you try with crazymax/fail2ban:edge?

The error remains:

2024-05-09 10:03:30,689 fail2ban.server         [1]: INFO    --------------------------------------------------
2024-05-09 10:03:30,689 fail2ban.server         [1]: INFO    Starting Fail2ban v1.1.0
2024-05-09 10:03:30,690 fail2ban.observer       [1]: INFO    Observer start...
2024-05-09 10:03:30,789 fail2ban.database       [1]: INFO    Connected to fail2ban persistent database '/data/db/fail2ban.sqlite3'
2024-05-09 10:03:32,446 fail2ban.jail           [1]: INFO    Creating new jail 'my-app'
2024-05-09 10:03:32,447 fail2ban.jail           [1]: INFO    Jail 'my-app' uses pyinotify {}
2024-05-09 10:03:32,448 fail2ban.jail           [1]: INFO    Initiated 'pyinotify' backend
2024-05-09 10:03:32,450 fail2ban.filter         [1]: INFO      maxRetry: 4
2024-05-09 10:03:32,450 fail2ban.filter         [1]: INFO      findtime: 600
2024-05-09 10:03:32,451 fail2ban.actions        [1]: INFO      banTime: 86400
2024-05-09 10:03:32,451 fail2ban.filter         [1]: INFO      encoding: UTF-8
2024-05-09 10:03:32,452 fail2ban.filter         [1]: INFO    Added logfile: '/log/my-app.log' (pos = 491743, hash = 9b7e7e45c84f4f287233dd1d9e01267571c5e4c1)
2024-05-09 10:03:32,462 fail2ban.jail           [1]: INFO    Jail 'my-app' started
2024-05-09 10:05:26,870 fail2ban.ipdns          [1]: WARNING Unable to find a corresponding IP address for #xxx-local-IP-xxx: [Errno -2] Name does not resolve
2024-05-09 10:05:26,909 fail2ban.ipdns          [1]: WARNING Unable to find a corresponding IP address for #: [Errno -2] Name does not resolve
2024-05-09 10:05:26,946 fail2ban.ipdns          [1]: WARNING Unable to find a corresponding IP address for optional: [Errno -2] Name does not resolve
2024-05-09 10:05:26,946 fail2ban.filter         [1]: INFO    [my-app] Found xxx-IP-TO-BAN-xxx - 2024-05-09 10:05:26
2024-05-09 10:05:27,956 fail2ban.filter         [1]: INFO    [my-app] Found xxx-IP-TO-BAN-xxx - 2024-05-09 10:05:27
2024-05-09 10:05:29,813 fail2ban.filter         [1]: INFO    [my-app] Found xxx-IP-TO-BAN-xxx - 2024-05-09 10:05:29
2024-05-09 10:05:30,946 fail2ban.filter         [1]: INFO    [my-app] Found xxx-IP-TO-BAN-xxx - 2024-05-09 10:05:30
2024-05-09 10:05:31,091 fail2ban.actions        [1]: NOTICE  [my-app] Ban xxx-IP-TO-BAN-xxx
2024-05-09 10:05:31,921 fail2ban.utils          [1]: ERROR   7fdbd1ca59b0 -- exec: { iptables -w -C f2b-my-app -j RETURN >/dev/null 2>&1; } || { iptables -w -N f2b-my-app || true; iptables -w -A f2b-my-app -j RETURN; }
for proto in $(echo 'tcp' | sed 's/,/ /g'); do
{ iptables -w -C INPUT -p $proto -j f2b-my-app >/dev/null 2>&1; } || { iptables -w -I INPUT -p $proto -j f2b-my-app; }
done
2024-05-09 10:05:31,921 fail2ban.utils          [1]: ERROR   7fdbd1ca59b0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument'
2024-05-09 10:05:31,921 fail2ban.utils          [1]: ERROR   7fdbd1ca59b0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument'
2024-05-09 10:05:31,921 fail2ban.utils          [1]: ERROR   7fdbd1ca59b0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument'
2024-05-09 10:05:31,922 fail2ban.utils          [1]: ERROR   7fdbd1ca59b0 -- returned 4
2024-05-09 10:05:31,922 fail2ban.actions        [1]: ERROR   Failed to execute ban jail 'my-app' action 'iptables-allports' info 'ActionInfo({'ip': 'xxx-IP-TO-BAN-xxx', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0x7fdbd22ce200>, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0x7fdbd22ce980>})': Error starting action Jail('my-app')/iptables-allports: 'Script error'
2024-05-09 10:05:32,205 fail2ban.filter         [1]: INFO    [my-app] Found xxx-IP-TO-BAN-xxx - 2024-05-09 10:05:32
2024-05-09 10:05:33,724 fail2ban.filter         [1]: INFO    [my-app] Found xxx-IP-TO-BAN-xxx - 2024-05-09 10:05:33
2024-05-09 10:05:37,109 fail2ban.filter         [1]: INFO    [my-app] Found xxx-IP-TO-BAN-xxx - 2024-05-09 10:05:36

crazy-max commented 6 months ago

@ngthwi Thanks for your feedback. I made some changes in https://github.com/crazy-max/docker-fail2ban/pull/167 that should fix your issue. Can you pull crazymax/fail2ban:edge and try again?

ngthwi commented 6 months ago

Unfortunately still an error… ps: thanks for your work and your time


2024-05-09 17:13:33,956 fail2ban.server         [1]: INFO    --------------------------------------------------
2024-05-09 17:13:33,956 fail2ban.server         [1]: INFO    Starting Fail2ban v1.1.0
2024-05-09 17:13:34,086 fail2ban.observer       [1]: INFO    Observer start...
2024-05-09 17:13:34,458 fail2ban.database       [1]: INFO    Connected to fail2ban persistent database '/data/db/fail2ban.sqlite3'
2024-05-09 17:13:35,832 fail2ban.jail           [1]: INFO    Creating new jail 'my-app'
2024-05-09 17:13:35,832 fail2ban.jail           [1]: INFO    Jail 'my-app' uses pyinotify {}
2024-05-09 17:13:35,833 fail2ban.jail           [1]: INFO    Initiated 'pyinotify' backend
2024-05-09 17:13:35,835 fail2ban.filter         [1]: INFO      maxRetry: 4
2024-05-09 17:13:35,835 fail2ban.filter         [1]: INFO      findtime: 600
2024-05-09 17:13:35,836 fail2ban.actions        [1]: INFO      banTime: 86400
2024-05-09 17:13:35,836 fail2ban.filter         [1]: INFO      encoding: UTF-8
2024-05-09 17:13:35,837 fail2ban.filter         [1]: INFO    Added logfile: '/log/my-app.log' (pos = 549040, hash = 9b7e7e45c84f4f287233dd1d9e01267571c5e4c1)
2024-05-09 17:13:36,640 fail2ban.ipdns          [1]: WARNING Unable to find a corresponding IP address for #xxx-local-IP-xxx: [Errno -2] Name does not resolve
2024-05-09 17:13:36,665 fail2ban.ipdns          [1]: WARNING Unable to find a corresponding IP address for #: [Errno -2] Name does not resolve
2024-05-09 17:13:36,830 fail2ban.ipdns          [1]: WARNING Unable to find a corresponding IP address for optional: [Errno -2] Name does not resolve
2024-05-09 17:13:36,831 fail2ban.jail           [1]: INFO    Jail 'my-app' started
2024-05-09 17:13:37,225 fail2ban.actions        [1]: NOTICE  [my-app] Restore Ban xxx-IP-TO-BAN-xxx
2024-05-09 17:13:38,024 fail2ban.utils          [1]: ERROR   7f76657299b0 -- exec: { iptables -w -C f2b-my-app -j RETURN >/dev/null 2>&1; } || { iptables -w -N f2b-my-app || true; iptables -w -A f2b-my-app -j RETURN; }
for proto in $(echo 'tcp' | sed 's/,/ /g'); do
{ iptables -w -C INPUT -p $proto -j f2b-my-app >/dev/null 2>&1; } || { iptables -w -I INPUT -p $proto -j f2b-my-app; }
done
2024-05-09 17:13:38,024 fail2ban.utils          [1]: ERROR   7f76657299b0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument'
2024-05-09 17:13:38,024 fail2ban.utils          [1]: ERROR   7f76657299b0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument'
2024-05-09 17:13:38,024 fail2ban.utils          [1]: ERROR   7f76657299b0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument'
2024-05-09 17:13:38,025 fail2ban.utils          [1]: ERROR   7f76657299b0 -- returned 4
2024-05-09 17:13:38,026 fail2ban.actions        [1]: ERROR   Failed to execute ban jail 'my-app' action 'iptables-allports' info 'ActionInfo({'ip': 'xxx-IP-TO-BAN-xxx', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0x7f7665d52200>, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0x7f7665d52980>})': Error starting action Jail('my-app')/iptables-allports: 'Script error'
2024-05-09 17:15:22,976 fail2ban.server         [1]: INFO    Shutdown in progress...
2024-05-09 17:15:22,976 fail2ban.observer       [1]: INFO    Observer stop ... try to end queue 5 seconds
2024-05-09 17:15:22,997 fail2ban.observer       [1]: INFO    Observer stopped, 0 events remaining.
2024-05-09 17:15:23,037 fail2ban.server         [1]: INFO    Stopping all jails
2024-05-09 17:15:23,039 fail2ban.filter         [1]: INFO    Removed logfile: '/log/my-app.log'
2024-05-09 17:15:23,261 fail2ban.actions        [1]: NOTICE  [my-app] Flush ticket(s) with iptables-allports
2024-05-09 17:15:23,261 fail2ban.actions        [1]: NOTICE  [my-app] Unban xxx-IP-TO-BAN-xxx
2024-05-09 17:15:23,263 fail2ban.jail           [1]: INFO    Jail 'my-app' stopped
2024-05-09 17:15:23,264 fail2ban.database       [1]: INFO    Connection to database closed.
2024-05-09 17:15:23,264 fail2ban.server         [1]: INFO    Exiting Fail2ban

crazy-max commented 6 months ago

Can you give full logs please similar to https://github.com/crazy-max/docker-fail2ban/actions/runs/9018916105/job/24780580461#step:8:10:

fail2ban  | Setting timezone to Europe/Paris...
fail2ban  | Setting SSMTP configuration...
fail2ban  | WARNING: SSMTP_HOST must be defined if you want fail2ban to send emails
fail2ban  | Initializing files and folders...
fail2ban  | Setting Fail2ban configuration...
fail2ban  | Checking for custom actions in /data/action.d...
fail2ban  | Checking for custom filters in /data/filter.d...
fail2ban  | WARNING: iptables-legacy enforced
fail2ban  | iptables v1.8.10 (legacy)
fail2ban  | nftables v1.0.9 (Old Doc Yak #3)
fail2ban  | 2024-05-09 16:35:40,812 fail2ban.configreader   [1]: INFO    Loading configs for fail2ban under /etc/fail2ban 
fail2ban  | 2024-05-09 16:35:40,813 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/fail2ban.conf']
fail2ban  | 2024-05-09 16:35:40,814 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/fail2ban.conf']
fail2ban  | 2024-05-09 16:35:40,814 fail2ban                [1]: INFO    Using socket file /var/run/fail2ban/fail2ban.sock
fail2ban  | 2024-05-09 16:35:40,814 fail2ban                [1]: INFO    Using pid file /var/run/fail2ban/fail2ban.pid, [INFO] logging to STDOUT
fail2ban  | 2024-05-09 16:35:40,816 fail2ban.configreader   [1]: INFO    Loading configs for jail under /etc/fail2ban 
fail2ban  | 2024-05-09 16:35:40,816 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/jail.conf']
fail2ban  | 2024-05-09 16:35:40,819 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/paths-debian.conf']
fail2ban  | 2024-05-09 16:35:40,820 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/paths-common.conf']
fail2ban  | 2024-05-09 16:35:40,820 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/paths-overrides.local']
fail2ban  | 2024-05-09 16:35:40,820 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/paths-common.conf', '/etc/fail2ban/paths-debian.conf', '/etc/fail2ban/jail.conf']
fail2ban  | 2024-05-09 16:35:40,854 fail2ban.server         [1]: INFO    --------------------------------------------------
fail2ban  | 2024-05-09 16:35:40,854 fail2ban.server         [1]: INFO    Starting Fail2ban v1.1.0
fail2ban  | 2024-05-09 16:35:40,855 fail2ban.observer       [1]: INFO    Observer start...
fail2ban  | 2024-05-09 16:35:40,861 fail2ban.database       [1]: INFO    Connected to fail2ban persistent database '/data/db/fail2ban.sqlite3'
fail2ban  | 2024-05-09 16:35:40,864 fail2ban.database       [1]: WARNING New database created. Version '4'
fail2ban  | Server ready

ngthwi commented 6 months ago

Sorry I'm confused... I forgot to repull the image... It's fixed now! Thank you very much

ngthwi commented 6 months ago

Can you give full logs please similar to https://github.com/crazy-max/docker-fail2ban/actions/runs/9018916105/job/24780580461#step:8:10:

Setting timezone to Europe/Brussels...
Setting SSMTP configuration...
WARNING: SSMTP_HOST must be defined if you want fail2ban to send emails
Initializing files and folders...
Setting Fail2ban configuration...
Checking for custom actions in /data/action.d...
  Add custom action iptables.local...
Checking for custom filters in /data/filter.d...
  Add custom filter my-app.conf...
WARNING: iptables-nft is not supported by the host, falling back to iptables-legacy
iptables v1.8.10 (legacy)
nftables v1.0.9 (Old Doc Yak #3)
2024-05-09 18:12:43,399 fail2ban.configreader   [1]: INFO    Loading configs for fail2ban under /etc/fail2ban 
2024-05-09 18:12:43,400 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/fail2ban.conf']
2024-05-09 18:12:43,402 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/fail2ban.conf']
2024-05-09 18:12:43,402 fail2ban                [1]: INFO    Using socket file /var/run/fail2ban/fail2ban.sock
2024-05-09 18:12:43,403 fail2ban                [1]: INFO    Using pid file /var/run/fail2ban/fail2ban.pid, [INFO] logging to /data/fail2ban.log
2024-05-09 18:12:43,407 fail2ban.configreader   [1]: INFO    Loading configs for jail under /etc/fail2ban 
2024-05-09 18:12:43,408 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/jail.conf']
2024-05-09 18:12:43,462 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/paths-debian.conf']
2024-05-09 18:12:43,631 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/paths-common.conf']
2024-05-09 18:12:43,652 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/paths-overrides.local']
2024-05-09 18:12:43,849 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/jail.d/my-app.conf']
2024-05-09 18:12:43,850 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/paths-common.conf', '/etc/fail2ban/paths-debian.conf', '/etc/fail2ban/jail.conf', '/etc/fail2ban/jail.d/my-app.conf']
2024-05-09 18:12:43,913 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/filter.d/common.conf']
2024-05-09 18:12:43,948 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/filter.d/common.local']
2024-05-09 18:12:43,951 fail2ban.configreader   [1]: INFO    Loading configs for action.d/iptables-allports under /etc/fail2ban 
2024-05-09 18:12:43,952 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/action.d/iptables-allports.conf']
2024-05-09 18:12:43,953 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/action.d/iptables.conf']
2024-05-09 18:12:43,965 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/action.d/iptables.local']
2024-05-09 18:12:43,968 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/action.d/iptables.conf', '/etc/fail2ban/action.d/iptables.local', '/etc/fail2ban/action.d/iptables-allports.conf']
[edited]
2024-05-09 18:12:43,997 fail2ban.configreader   [1]: INFO    Loading configs for filter.d/my-app under /etc/fail2ban 
2024-05-09 18:12:43,998 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/filter.d/my-app.conf']
2024-05-09 18:12:43,998 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/filter.d/common.conf', '/etc/fail2ban/filter.d/my-app.conf']
INFO   [#          ] Waiting on the server...
#  # # #

Server ready

ngthwi commented 6 months ago

2024-05-09 18:12:47,511 fail2ban.server         [1]: INFO    --------------------------------------------------
2024-05-09 18:12:47,516 fail2ban.server         [1]: INFO    Starting Fail2ban v1.1.0
2024-05-09 18:12:47,518 fail2ban.observer       [1]: INFO    Observer start...
2024-05-09 18:12:48,013 fail2ban.database       [1]: INFO    Connected to fail2ban persistent database '/data/db/fail2ban.sqlite3'
2024-05-09 18:12:49,528 fail2ban.jail           [1]: INFO    Creating new jail 'my-app'
2024-05-09 18:12:49,528 fail2ban.jail           [1]: INFO    Jail 'my-app' uses pyinotify {}
2024-05-09 18:12:49,529 fail2ban.jail           [1]: INFO    Initiated 'pyinotify' backend
2024-05-09 18:12:49,531 fail2ban.filter         [1]: INFO      maxRetry: 4
2024-05-09 18:12:49,532 fail2ban.filter         [1]: INFO      findtime: 600
2024-05-09 18:12:49,532 fail2ban.actions        [1]: INFO      banTime: 86400
2024-05-09 18:12:49,533 fail2ban.filter         [1]: INFO      encoding: UTF-8
2024-05-09 18:12:49,533 fail2ban.filter         [1]: INFO    Added logfile: '/log/my-app.log' (pos = 549040, hash = 9b7e7e45c84f4f287233dd1d9e01267571c5e4c1)
2024-05-09 18:12:50,130 fail2ban.ipdns          [1]: WARNING Unable to find a corresponding IP address for #xxx-local-IP-xxx/16: [Errno -2] Name does not resolve
2024-05-09 18:12:50,131 fail2ban.ipdns          [1]: WARNING Unable to find a corresponding IP address for #: [Errno -2] Name does not resolve
2024-05-09 18:12:50,133 fail2ban.ipdns          [1]: WARNING Unable to find a corresponding IP address for optional: [Errno -2] Name does not resolve
2024-05-09 18:12:50,133 fail2ban.jail           [1]: INFO    Jail 'my-app' started
2024-05-09 18:12:50,172 fail2ban.actions        [1]: NOTICE  [my-app] Restore Ban xxx-IP-TO-BAN-xxx
2024-05-09 18:16:17,562 fail2ban.actions        [1]: NOTICE  [my-app] Unban xxx-IP-TO-BAN-xxx
2024-05-09 18:16:58,131 fail2ban.filter         [1]: INFO    [my-app] Found xxx-IP-TO-BAN-xxx - 2024-05-09 18:16:58
2024-05-09 18:16:59,917 fail2ban.filter         [1]: INFO    [my-app] Found xxx-IP-TO-BAN-xxx - 2024-05-09 18:16:59
2024-05-09 18:17:01,733 fail2ban.filter         [1]: INFO    [my-app] Found xxx-IP-TO-BAN-xxx - 2024-05-09 18:17:01
2024-05-09 18:17:03,280 fail2ban.filter         [1]: INFO    [my-app] Found xxx-IP-TO-BAN-xxx - 2024-05-09 18:17:03
2024-05-09 18:17:03,654 fail2ban.actions        [1]: NOTICE  [my-app] Ban xxx-IP-TO-BAN-xxx

lluisd commented 3 weeks ago

in my case is not working

---
services:
  fail2ban:
    image: crazymax/fail2ban:edge
    container_name: fail2ban
    cap_add:
      - NET_ADMIN
      - NET_RAW
    network_mode: host
    environment:
      - PUID=1032
      - PGID=100
      - TZ=Europe/Madrid
    volumes:
      - /volume1/docker/fail2ban/data:/data
      #- /var/log:/var/log:ro
      - /volume1/docker/jellyfin/config/log:/remotelogs/jellyfin:ro
    restart: unless-stopped

Logs:

Setting timezone to Europe/Madrid...

Setting SSMTP configuration...

WARNING: SSMTP_HOST must be defined if you want fail2ban to send emails

Initializing files and folders...

Setting Fail2ban configuration...

Checking for custom actions in /data/action.d...

Checking for custom filters in /data/filter.d...

  Add custom filter jellyfin.conf...

WARNING: iptables-nft is not supported by the host, falling back to iptables-legacy

iptables v1.8.10 (legacy)

nftables v1.0.9 (Old Doc Yak #3)

2024-10-24 13:02:44,550 fail2ban.configreader   [1]: INFO    Loading configs for fail2ban under /etc/fail2ban 

2024-10-24 13:02:44,551 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/fail2ban.conf']

2024-10-24 13:02:44,552 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/fail2ban.conf']

2024-10-24 13:02:44,552 fail2ban                [1]: INFO    Using socket file /var/run/fail2ban/fail2ban.sock

2024-10-24 13:02:44,553 fail2ban                [1]: INFO    Using pid file /var/run/fail2ban/fail2ban.pid, [INFO] logging to STDOUT

2024-10-24 13:02:44,557 fail2ban.configreader   [1]: INFO    Loading configs for jail under /etc/fail2ban 

2024-10-24 13:02:44,558 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/jail.conf']

2024-10-24 13:02:44,566 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/paths-debian.conf']

2024-10-24 13:02:44,567 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/paths-common.conf']

2024-10-24 13:02:44,568 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/paths-overrides.local']

2024-10-24 13:02:44,569 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/jail.d/jellyfin.local']

2024-10-24 13:02:44,569 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/paths-common.conf', '/etc/fail2ban/paths-debian.conf', '/etc/fail2ban/jail.conf', '/etc/fail2ban/jail.d/jellyfin.local']

2024-10-24 13:02:44,578 fail2ban.configreader   [1]: INFO    Loading configs for filter.d/jellyfin under /etc/fail2ban 

2024-10-24 13:02:44,579 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/filter.d/jellyfin.conf']

2024-10-24 13:02:44,579 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/filter.d/jellyfin.conf']

2024-10-24 13:02:44,581 fail2ban.configreader   [1]: INFO    Loading configs for action.d/iptables-allports under /etc/fail2ban 

2024-10-24 13:02:44,582 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/action.d/iptables-allports.conf']

2024-10-24 13:02:44,583 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/action.d/iptables.conf']

2024-10-24 13:02:44,585 fail2ban.configparserinc[1]: INFO      Loading files: ['/etc/fail2ban/action.d/iptables.conf', '/etc/fail2ban/action.d/iptables-allports.conf']

2024-10-24 13:02:44,684 fail2ban.server         [1]: INFO    --------------------------------------------------

2024-10-24 13:02:44,684 fail2ban.server         [1]: INFO    Starting Fail2ban v1.1.0

2024-10-24 13:02:44,685 fail2ban.observer       [1]: INFO    Observer start...

2024-10-24 13:02:44,695 fail2ban.database       [1]: INFO    Connected to fail2ban persistent database '/data/db/fail2ban.sqlite3'

2024-10-24 13:02:44,696 fail2ban.jail           [1]: INFO    Creating new jail 'jellyfin'

2024-10-24 13:02:44,711 fail2ban.jail           [1]: INFO    Jail 'jellyfin' uses pyinotify {}

2024-10-24 13:02:44,712 fail2ban.jail           [1]: INFO    Initiated 'pyinotify' backend

2024-10-24 13:02:44,715 fail2ban.filter         [1]: INFO      maxRetry: 3

2024-10-24 13:02:44,717 fail2ban.filter         [1]: INFO      findtime: 43200

2024-10-24 13:02:44,718 fail2ban.actions        [1]: INFO      banTime: 86400

2024-10-24 13:02:44,718 fail2ban.filter         [1]: INFO      encoding: UTF-8

2024-10-24 13:02:44,718 fail2ban.filter         [1]: INFO    Added logfile: '/remotelogs/jellyfin/log_20241022.log' (pos = 50177, hash = 60e13c1db3e2c2700a452c063c947c3256c584ad)

2024-10-24 13:02:44,719 fail2ban.filter         [1]: INFO    Added logfile: '/remotelogs/jellyfin/log_20241023.log' (pos = 129611, hash = d1b5dde52367b2d7b57b2309c24960c74f1993a1)

2024-10-24 13:02:44,719 fail2ban.filter         [1]: INFO    Added logfile: '/remotelogs/jellyfin/log_20241024.log' (pos = 64518, hash = 02b4e0cc8920b9019966231c30a2fd1d858ce441)

2024-10-24 13:02:44,735 fail2ban.jail           [1]: INFO    Jail 'jellyfin' started


Server ready

2024-10-24 13:02:44,921 fail2ban.actions        [1]: NOTICE  [jellyfin] Restore Ban x.x.x.x
2024-10-24 13:02:44,976 fail2ban.utils          [1]: ERROR   7febec525c50 -- exec: iptables -w -I f2b-jellyfin 1 -s x.x.x.x -j REJECT --reject-with icmp-port-unreachable

2024-10-24 13:02:44,977 fail2ban.utils          [1]: ERROR   7febec525c50 -- stderr: 'Warning: Extension REJECT revision 0 not supported, missing kernel module?'

2024-10-24 13:02:44,977 fail2ban.utils          [1]: ERROR   7febec525c50 -- stderr: 'iptables: No chain/target/match by that name.'

2024-10-24 13:02:44,978 fail2ban.utils          [1]: ERROR   7febec525c50 -- returned 1

2024-10-24 13:02:44,995 fail2ban.utils          [1]: ERROR   7febec525c50 -- exec: iptables -w -I f2b-jellyfin 1 -s x.x.x.x -j REJECT --reject-with icmp-port-unreachable

2024-10-24 13:02:44,996 fail2ban.utils          [1]: ERROR   7febec525c50 -- stderr: 'Warning: Extension REJECT revision 0 not supported, missing kernel module?'

2024-10-24 13:02:44,996 fail2ban.utils          [1]: ERROR   7febec525c50 -- stderr: 'iptables: No chain/target/match by that name.'

2024-10-24 13:02:44,996 fail2ban.utils          [1]: ERROR   7febec525c50 -- returned 1

2024-10-24 13:02:44,996 fail2ban.actions        [1]: ERROR   Failed to execute ban jail 'jellyfin' action 'iptables-allports' info 'ActionInfo({'ip': 'x.x.x.x', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0x7febec4b5a80>, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0x7febec4b6200>})': Error banning x.x.x.x

crazy-max / docker-fail2ban