Open Aurel004 opened 1 year ago
Thank you SOOOO much! I spent hours trying to track down why the synology wasn't banning even though the rules were all there. This needs to be updated on the main page to save people the headache.
Added the file to make it easier
Hello :) Thanks for this tip ! It permit to go from :
To this (where my IP is masked) :
But, even if the IP seems to be banned from Fail2ban, and appears in iptables, I can access from it to my services, like gitea or calibre-web.
I'm pretty sure that's a DSM update who break things... but when... ?
Before, IP were correctly banned, and from this IP, I can't access any services on my NAS.
Is there a way to correct this behavior ?
Same issue as the above poster on DSM 7.2-64570 Update 3. The IPs get set to drop in iptables, but I can still access stuff.
2023/11/21 22:03:09 stdout Server ready 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,486 fail2ban.configparserinc[1]: INFO Loading files: ['/etc/fail2ban/filter.d/common.conf', '/etc/fail2ban/filter.d/vaultwarden.conf'] 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,486 fail2ban.configparserinc[1]: INFO Loading files: ['/etc/fail2ban/filter.d/vaultwarden.conf'] 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,486 fail2ban.configreader [1]: INFO Loading configs for filter.d/vaultwarden under /etc/fail2ban 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,485 fail2ban.configparserinc[1]: INFO Loading files: ['/etc/fail2ban/action.d/iptables.conf', '/etc/fail2ban/action.d/iptables.local', '/etc/fail2ban/action.d/iptables-allports.conf'] 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,485 fail2ban.configparserinc[1]: INFO Loading files: ['/etc/fail2ban/action.d/iptables.local'] 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,484 fail2ban.configparserinc[1]: INFO Loading files: ['/etc/fail2ban/action.d/iptables.conf'] 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,484 fail2ban.configparserinc[1]: INFO Loading files: ['/etc/fail2ban/action.d/iptables-allports.conf'] 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,483 fail2ban.configreader [1]: INFO Loading configs for action.d/iptables-allports under /etc/fail2ban 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,483 fail2ban.configparserinc[1]: INFO Loading files: ['/etc/fail2ban/filter.d/common.conf', '/etc/fail2ban/filter.d/vaultwarden-admin.conf'] 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,483 fail2ban.configparserinc[1]: INFO Loading files: ['/etc/fail2ban/filter.d/common.local'] 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,481 fail2ban.configparserinc[1]: INFO Loading files: ['/etc/fail2ban/filter.d/common.conf'] 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,481 fail2ban.configparserinc[1]: INFO Loading files: ['/etc/fail2ban/filter.d/vaultwarden-admin.conf'] 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,481 fail2ban.configreader [1]: INFO Loading configs for filter.d/vaultwarden-admin under /etc/fail2ban 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,478 fail2ban.configparserinc[1]: INFO Loading files: ['/etc/fail2ban/paths-common.conf', '/etc/fail2ban/paths-debian.conf', '/etc/fail2ban/jail.conf', '/etc/fail2ban/jail.d/vaultwarden-admin.conf', '/etc/fail2ban/jail.d/vaultwarden.conf'] 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,478 fail2ban.configparserinc[1]: INFO Loading files: ['/etc/fail2ban/jail.d/vaultwarden.conf'] 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,478 fail2ban.configparserinc[1]: INFO Loading files: ['/etc/fail2ban/jail.d/vaultwarden-admin.conf'] 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,478 fail2ban.configparserinc[1]: INFO Loading files: ['/etc/fail2ban/paths-overrides.local'] 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,477 fail2ban.configparserinc[1]: INFO Loading files: ['/etc/fail2ban/paths-common.conf'] 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,477 fail2ban.configparserinc[1]: INFO Loading files: ['/etc/fail2ban/paths-debian.conf'] 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,474 fail2ban.configparserinc[1]: INFO Loading files: ['/etc/fail2ban/jail.conf'] 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,473 fail2ban.configreader [1]: INFO Loading configs for jail under /etc/fail2ban 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,470 fail2ban [1]: INFO Using pid file /var/run/fail2ban/fail2ban.pid, [INFO] logging to /data/fail2ban.log 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,470 fail2ban [1]: INFO Using socket file /var/run/fail2ban/fail2ban.sock 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,470 fail2ban.configparserinc[1]: INFO Loading files: ['/etc/fail2ban/fail2ban.conf'] 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,470 fail2ban.configparserinc[1]: INFO Loading files: ['/etc/fail2ban/fail2ban.conf'] 2023/11/21 22:03:09 stderr 2023-11-21 22:03:09,469 fail2ban.configreader [1]: INFO Loading configs for fail2ban under /etc/fail2ban 2023/11/21 22:03:09 stdout Add custom filter vaultwarden.conf... 2023/11/21 22:03:09 stdout WARNING: vaultwarden.conf already exists and will be overriden 2023/11/21 22:03:09 stdout Add custom filter vaultwarden-admin.conf... 2023/11/21 22:03:09 stdout WARNING: vaultwarden-admin.conf already exists and will be overriden 2023/11/21 22:03:09 stdout Checking for custom filters in /data/filter.d... 2023/11/21 22:03:09 stdout Add custom action iptables.local... 2023/11/21 22:03:09 stdout WARNING: iptables.local already exists and will be overriden 2023/11/21 22:03:09 stdout Add custom action iptables-common.local... 2023/11/21 22:03:09 stdout WARNING: iptables-common.local already exists and will be overriden 2023/11/21 22:03:09 stdout Checking for custom actions in /data/action.d... 2023/11/21 22:03:09 stdout Setting Fail2ban configuration... 2023/11/21 22:03:09 stdout Initializing files and folders... 2023/11/21 22:03:09 stdout WARNING: SSMTP_HOST must be defined if you want fail2ban to send emails 2023/11/21 22:03:09 stdout Setting SSMTP configuration...
Hello,
Thanks for your time and work. Can anyone confirm it still works with DSM 7.2?
I have copied iptables.local
The IP is banned but I can still access the server...
Here's fail2ban.log
2024-04-24 07:40:57,607 fail2ban.utils [756]: ERROR 7fe721dda3a0 -- exec: { iptables -w -C f2b-bitwarden -j RETURN >/dev/null 2>&1; } || { iptables -w -N f2b-bitwarden || true; iptables -w -A f2b-bitwarden -j RETURN; }
for proto in $(echo 'tcp' | sed 's/,/ /g'); do
{ iptables -w -C INPUT -p $proto -j f2b-bitwarden >/dev/null 2>&1; } || { iptables -w -I INPUT -p $proto -j f2b-bitwarden; }
done
2024-04-24 07:40:57,607 fail2ban.utils [756]: ERROR 7fe721dda3a0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument'
2024-04-24 07:40:57,608 fail2ban.utils [756]: ERROR 7fe721dda3a0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument'
2024-04-24 07:40:57,608 fail2ban.utils [756]: ERROR 7fe721dda3a0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument'
2024-04-24 07:40:57,608 fail2ban.utils [756]: ERROR 7fe721dda3a0 -- returned 4
2024-04-24 07:40:57,608 fail2ban.actions [756]: ERROR Failed to execute ban jail 'bitwarden' action 'iptables-allports' info 'ActionInfo({'ip': 'xxx.xxx.xxx.xxx', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0x7fe721dce480>, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0x7fe721dcec00>})': Error starting action Jail('bitwarden')/iptables-allports: 'Script error'
Thanks for your help.
Hi all, Same history in Version: 7.2.1-69057 Update 5 on my Syno
2024/05/05 00:06:25 stdout 2024-05-05 00:06:25,320 fail2ban.filter [1]: INFO [vaultwarden-admin] Found 37.170.151.69 - 2024-05-05 00:06:25 2024/05/05 00:06:23 stdout 2024-05-05 00:06:23,678 fail2ban.actions [1]: ERROR Failed to execute ban jail 'vaultwarden-admin' action 'iptables-allports' info 'ActionInfo({'ip': '37.170.151.69', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0x7f130e351d00>, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0x7f130e352480>})': Error starting action Jail('vaultwarden-admin')/iptables-allports: 'Script error' 2024/05/05 00:06:23 stdout 2024-05-05 00:06:23,678 fail2ban.utils [1]: ERROR 7f130e973770 -- returned 4 2024/05/05 00:06:23 stdout 2024-05-05 00:06:23,678 fail2ban.utils [1]: ERROR 7f130e973770 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument'
I have the same problem on DSM 7.2.1-69057 Update 5
2024-05-07 18:09:20,883 fail2ban.utils [1]: ERROR 7f0a12df16b0 -- exec: { iptables -w -C f2b-vaultwarden -j RETURN >/dev/null 2>&1; } || { iptables -w -N f2b-vaultwarden || true; iptables -w -A f2b-vaultwarden -j RETURN; }
for proto in $(echo 'tcp' | sed 's/,/ /g'); do
{ iptables -w -C INPUT -p $proto -j f2b-vaultwarden >/dev/null 2>&1; } || { iptables -w -I INPUT -p $proto -j f2b-vaultwarden; }
done
2024-05-07 18:09:20,884 fail2ban.utils [1]: ERROR 7f0a12df16b0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument'
2024-05-07 18:09:20,884 fail2ban.utils [1]: ERROR 7f0a12df16b0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument'
2024-05-07 18:09:20,884 fail2ban.utils [1]: ERROR 7f0a12df16b0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument'
2024-05-07 18:09:20,884 fail2ban.utils [1]: ERROR 7f0a12df16b0 -- returned 4
2024-05-07 18:09:20,884 fail2ban.actions [1]: ERROR Failed to execute ban jail 'vaultwarden' action 'iptables-allports' info 'ActionInfo({'ip': 'XX.XX.XX.XX', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0x7f0a12d85e40>, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0x7f0a12d865c0>})': Error starting action Jail('vaultwarden')/iptables-allports: 'Script error'
Hello,
Thanks for your time and work. Can anyone confirm it still works with DSM 7.2?
I have copied
iptables.local
The IP is banned but I can still access the server...Here's
fail2ban.log
2024-04-24 07:40:57,607 fail2ban.utils [756]: ERROR 7fe721dda3a0 -- exec: { iptables -w -C f2b-bitwarden -j RETURN >/dev/null 2>&1; } || { iptables -w -N f2b-bitwarden || true; iptables -w -A f2b-bitwarden -j RETURN; } for proto in $(echo 'tcp' | sed 's/,/ /g'); do { iptables -w -C INPUT -p $proto -j f2b-bitwarden >/dev/null 2>&1; } || { iptables -w -I INPUT -p $proto -j f2b-bitwarden; } done 2024-04-24 07:40:57,607 fail2ban.utils [756]: ERROR 7fe721dda3a0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument' 2024-04-24 07:40:57,608 fail2ban.utils [756]: ERROR 7fe721dda3a0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument' 2024-04-24 07:40:57,608 fail2ban.utils [756]: ERROR 7fe721dda3a0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument' 2024-04-24 07:40:57,608 fail2ban.utils [756]: ERROR 7fe721dda3a0 -- returned 4 2024-04-24 07:40:57,608 fail2ban.actions [756]: ERROR Failed to execute ban jail 'bitwarden' action 'iptables-allports' info 'ActionInfo({'ip': 'xxx.xxx.xxx.xxx', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0x7fe721dce480>, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0x7fe721dcec00>})': Error starting action Jail('bitwarden')/iptables-allports: 'Script error'
Thanks for your help.
I finally got it to work. My mistake... I attempted to use the conf files on a swag fail2ban instance... I tried a dedicated container as described here and it works straight out of the box.
soory for my ENG can you tel me more about your solution, my is hosted in a separed container( with NET-ADMIN and SYS-ADMIN) betwin Vaultwarden, F2B see Vaultwarden logs, and wen it see ip it try to ban but it cannot,
soory for my ENG can you tel me more about your solution, my is hosted in a separed container( with NET-ADMIN and SYS-ADMIN) betwin Vaultwarden, F2B see Vaultwarden logs, and wen it see ip it try to ban but it cannot,
Did you create a fail2ban container as described here? https://github.com/sosandroid/docker-fail2ban-synology#installation
I have a separate container following the instructions at https://github.com/sosandroid/docker-fail2ban-synology#installation
The error is still the same...
2024-05-08 17:22:00,792 fail2ban.utils [1]: ERROR 7f52298856b0 -- exec: { iptables -w -C f2b-vaultwarden -j RETURN >/dev/null 2>&1; } || { iptables -w -N f2b-vaultwarden || true; iptables -w -A f2b-vaultwarden -j RETURN; }
for proto in $(echo 'tcp' | sed 's/,/ /g'); do
{ iptables -w -C INPUT -p $proto -j f2b-vaultwarden >/dev/null 2>&1; } || { iptables -w -I INPUT -p $proto -j f2b-vaultwarden; }
done
2024-05-08 17:22:00,792 fail2ban.utils [1]: ERROR 7f52298856b0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument'
2024-05-08 17:22:00,792 fail2ban.utils [1]: ERROR 7f52298856b0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument'
2024-05-08 17:22:00,793 fail2ban.utils [1]: ERROR 7f52298856b0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument'
2024-05-08 17:22:00,793 fail2ban.utils [1]: ERROR 7f52298856b0 -- returned 4
2024-05-08 17:22:00,793 fail2ban.actions [1]: ERROR Failed to execute ban jail 'vaultwarden' action 'iptables-allports' info 'ActionInfo({'ip': 'XX.XX.XX.XX', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0x7f522981de40>, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0x7f522981e5c0>})': Error starting action Jail('vaultwarden')/iptables-allports: 'Script error'
Just in case, I have deleted the container completely and recreated it. The only thing I have done afterwards is delete the bitwarden.conf and bitwarden-admin.conf files from the jail.d and filter.d folders because I use vaultwarden
Have you put the file iptables.local in action.d
?
Yes of course, I have not modified the action.d folder
This is the iptables.local file:
[Init]
blocktype = DROP
[Init?family=inet6]
blocktype = DROP
Same Pb for me Docker in Privilegied and Host Network F2B Logs :
`
2024/05/08 20:03:55 | stdout | 2024-05-08 18:03:55,813 fail2ban.filter [1]: INFO [vaultwarden] Found 78.243.145.140 - 2024-05-08 18:03:55 |
---|---|---|
2024/05/08 20:03:54 | stdout | 2024-05-08 18:03:54,586 fail2ban.filter [1]: INFO [vaultwarden] Found 78.243.145.140 - 2024-05-08 18:03:54 |
2024/05/08 20:03:54 | stdout | 2024-05-08 18:03:53,672 fail2ban.actions [1]: WARNING [vaultwarden] 78.243.145.140 already banned |
2024/05/08 20:03:53 | stdout | 2024-05-08 18:03:53,314 fail2ban.filter [1]: INFO [vaultwarden] Found 78.243.145.140 - 2024-05-08 18:03:53 |
2024/05/08 20:03:51 | stdout | 2024-05-08 18:03:51,953 fail2ban.filter [1]: INFO [vaultwarden] Found 78.243.145.140 - 2024-05-08 18:03:51 |
2024/05/08 20:00:46 | stdout | 2024-05-08 18:00:46,354 fail2ban.actions [1]: ERROR Failed to execute ban jail 'vaultwarden' action 'iptables-allports' info 'ActionInfo({'ip': '78.243.145.140', 'family': 'inet4', 'fid': <function Actions.ActionInfo. |
2024/05/08 20:00:46 | stdout | 2024-05-08 18:00:46,354 fail2ban.utils [1]: ERROR 7f868df156b0 -- returned 4 |
2024/05/08 20:00:46 | stdout | 2024-05-08 18:00:46,354 fail2ban.utils [1]: ERROR 7f868df156b0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument' |
2024/05/08 20:00:46 | stdout | 2024-05-08 18:00:46,354 fail2ban.utils [1]: ERROR 7f868df156b0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument' |
2024/05/08 20:00:46 | stdout | 2024-05-08 18:00:46,354 fail2ban.utils [1]: ERROR 7f868df156b0 -- stderr: 'iptables v1.8.10 (nf_tables): Could not fetch rule set generation id: Invalid argument' |
2024/05/08 20:00:46 | stdout | done |
2024/05/08 20:00:46 | stdout | { iptables -w -C INPUT -p $proto -j f2b-vaultwarden >/dev/null 2>&1; } || { iptables -w -I INPUT -p $proto -j f2b-vaultwarden; } |
2024/05/08 20:00:46 | stdout | for proto in $(echo 'tcp' | sed 's/,/ /g'); do |
2024/05/08 20:00:46 | stdout | 2024-05-08 18:00:46,353 fail2ban.utils [1]: ERROR 7f868df156b0 -- exec: { iptables -w -C f2b-vaultwarden -j RETURN >/dev/null 2>&1; } || { iptables -w -N f2b-vaultwarden || true; iptables -w -A f2b-vaultwarden -j RETURN; } |
2024/05/08 20:00:46 | stdout | 2024-05-08 18:00:46,332 fail2ban.actions [1]: NOTICE [vaultwarden] Ban 78.243.145.140 |
2024/05/08 20:00:45 | stdout | 2024-05-08 18:00:45,881 fail2ban.filter [1]: INFO [vaultwarden] Found 78.243.145.140 - 2024-05-08 16:00:47 |
2024/05/08 20:00:45 | stdout | 2024-05-08 18:00:45,880 fail2ban.filter [1]: INFO [vaultwarden] Found 78.243.145.140 - 2024-05-08 16:00:46 |
2024/05/08 20:00:45 | stdout | 2024-05-08 18:00:45,880 fail2ban.filter [1]: INFO [vaultwarden] Found 78.243.145.140 - 2024-05-08 16:00:45 |
2024/05/08 20:00:45 | stdout | 2024-05-08 18:00:45,880 fail2ban.filter [1]: INFO [vaultwarden] Found 78.243.145.140 - 2024-05-08 16:00:43 |
2024/05/08 20:00:45 | stdout | 2024-05-08 18:00:45,879 fail2ban.filter [1]: INFO [vaultwarden] Found 78.243.145.140 - 2024-05-08 16:00:41 |
2024/05/08 20:00:45 | stdout | 2024-05-08 18:00:45,878 fail2ban.filter [1]: INFO [vaultwarden] Found 78.243.145.140 - 2024-05-08 16:00:39 |
2024/05/08 20:00:45 | stdout | 2024-05-08 18:00:45,878 fail2ban.ipdns [1]: WARNING Unable to find a corresponding IP address for optional: [Errno -2] Name does not resolve |
2024/05/08 20:00:43 | stdout | 2024-05-08 18:00:43,264 fail2ban.ipdns [1]: WARNING Unable to find a corresponding IP address for #: [Errno -2] Name does not resolve |
2024/05/08 20:00:43 | stdout | Server ready |
`
-----My action.d-----
[Init] blocktype = DROP [Init?family=inet6] blocktype = DROP -----My filter.d---- vaultwarden.conf
[INCLUDES] before = common.conf
[Definition]
failregex = ^.Username or password is incorrect. Try again. IP:
[DEFAULT]
ignoreip = 172.16.0.0/12 192.168.10.0/16 10.6.0.0/8 # optional
bantime = 2592000 findtime = 86400 maxretry = 4 banaction = iptables-allports ignoreself = false
[vaultwarden]
enabled = true port = 80,443,3012 # alternative: anyport filter = vaultwarden logpath = /logs/vaultwarden.log -------- My iptable.local --------- [Init] blocktype = DROP [Init?family=inet6] blocktype = DROP
Docker with env : NET-ADMIN and NET-RAW - F2B Log : `
2024/05/08 20:27:28 | stdout | 2024-05-08 18:27:27,962 fail2ban.actions [1]: ERROR Failed to execute ban jail 'vaultwarden' action 'iptables-allports' info 'ActionInfo({'ip': '78.243.145.140', 'family': 'inet4', 'fid':`
I have the issue now as well.
I updated the container and image: crazymax/fail2ban:latest
is currently 1.1.0
If I revert back my docker compose to image: crazymax/fail2ban:1.0.2
, it's working again.
I have the issue now as well. I updated the container and
image: crazymax/fail2ban:latest
is currently 1.1.0 If I revert back my docker compose toimage: crazymax/fail2ban:1.0.2
, it's working again.
Dude !!!! you'r sooo true.. Works !!! .
I've opened an issue in crazy-max/docker-fail2ban
@ngthwi You're the best! Thank you so much!!!
It's fixed, you can therefore pull image: crazymax/fail2ban:latest
again
Thank you for this follow up
Hello,
For a long time, I was not using the crazy-max/docker-fail2ban image as instructed by this repo, but instead I was using swag. But this repository and its hacks helped me to configure swag's fail2ban to make it work with my synology, so thank you for that.
Unfortunately, recently I upgraded my swag container to the latest image (which hadn't been upgraded for a while), and since then, I get the same error.
Can anyone confirm it still works with DSM 7.2?
I'm still on DSM 7.1 (I know, shame on me, I should upgrade), so I don't think it's related to a new DSM upgrade.
I tried however to recreate my swag container with an older image (2.8.0, which is 4 month old), but strangely, the error is still there.
Furthermore, I tried as well to create a whole new separated fail2ban container, as advised by this repo and in this issue's comments: f2b successfully detects the login attempts, and "bans", however I'm not really banned, as shown in those logs, I can still connect:
2024-05-22 22:34:05,294 fail2ban.filter [1]: INFO [vaultwarden] Found 149.102.245.141 - 2024-05-22 22:34:05
2024-05-22 22:34:08,659 fail2ban.filter [1]: INFO [vaultwarden] Found 149.102.245.141 - 2024-05-22 22:34:08
2024-05-22 22:34:09,530 fail2ban.filter [1]: INFO [vaultwarden] Found 149.102.245.141 - 2024-05-22 22:34:09
2024-05-22 22:34:10,233 fail2ban.filter [1]: INFO [vaultwarden] Found 149.102.245.141 - 2024-05-22 22:34:10
2024-05-22 22:34:10,642 fail2ban.actions [1]: NOTICE [vaultwarden] Ban 149.102.245.141
2024-05-22 22:34:10,939 fail2ban.filter [1]: INFO [vaultwarden] Found 149.102.245.141 - 2024-05-22 22:34:17
I tried with the crazy-max/docker-fail2ban:latest
image and with the crazy-max/docker-fail2ban:1.0.2
image as well, but both don't "really ban" the IPs.
I'm not sure what I did wrong. The only thing that I changed is to only keep the vaultwarden.conf
file in the filter.d/
folder, and same for the folder jail.d/
(only vaultwarden.conf
was kept).
Any ideas ?
Hello, I have the same problem, have you finally found a solution?
Hi,
After hours of debugging, I finally managed to make "DROP" default. To make it work, the file now needs to be named iptables.local and not iptables-common.local anymore
Thank you