Fail2ban for OMV 4 Arrakis

    • OMV 4.x
    • On more thing in the fail2ban log. Seems like fail2ban cannot hook correctly into the iptables:

      Source Code

      1. 2018-11-30 20:36:17,390 fail2ban.action [15638]: ERROR iptables -w -N f2b-ssh
      2. iptables -w -A f2b-ssh -j RETURN
      3. iptables -w -I INPUT -p tcp -m multiport --dports ssh -j f2b-ssh -- stdout: b''
      4. 2018-11-30 20:36:17,391 fail2ban.action [15638]: ERROR iptables -w -N f2b-ssh
      5. iptables -w -A f2b-ssh -j RETURN
      6. iptables -w -I INPUT -p tcp -m multiport --dports ssh -j f2b-ssh -- stderr: b"iptables v1.6.0: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.6.0: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\niptables v1.6.0: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\n"
      7. 2018-11-30 20:36:17,392 fail2ban.action [15638]: ERROR iptables -w -N f2b-ssh
      8. iptables -w -A f2b-ssh -j RETURN
      9. iptables -w -I INPUT -p tcp -m multiport --dports ssh -j f2b-ssh -- returned 3
      10. 2018-11-30 20:36:17,393 fail2ban.actions [15638]: ERROR Failed to start jail 'ssh' action 'iptables-multiport': Error starting action
    • badda wrote:

      On more thing in the fail2ban log. Seems like fail2ban cannot hook correctly into the iptables:
      Someone else will have to tell me how to fix that.
      omv 4.1.15 arrakis | 64 bit | 4.15 proxmox kernel | omvextrasorg 4.1.13
      omv-extras.org plugins source code and issue tracker - github

      Please read this before posting a question and this and this for docker questions.
      Please don't PM for support... Too many PMs!
    • badda wrote:

      Your package works if:


      file /etc/fail2ban/jail.d/defaults-debian.conf is removed


      you change the UUID of jail nginx-404 to something else in config.xml (I used 9eb1c202-b6d5-4da8-9c20-ae9790a41d1a)
      Both of those are done in the version available at the link now. Just need someone else to test and I will put in the repo.
      omv 4.1.15 arrakis | 64 bit | 4.15 proxmox kernel | omvextrasorg 4.1.13
      omv-extras.org plugins source code and issue tracker - github

      Please read this before posting a question and this and this for docker questions.
      Please don't PM for support... Too many PMs!
    • Hi,

      I just installed the plugin, and I received this message:

      Source Code

      1. Setting up openmediavault-fail2ban (4.0) ...
      2. Updating configuration database ...
      3. Processing triggers for openmediavault (4.1.14-1) ...
      4. Updating locale files ...
      5. Updating file permissions ...
      6. Purging internal cache ...
      7. Restarting engine daemon ...
      8. Exception ignored in: <function WeakValueDictionary.__init__.<locals>.remove at 0x7f66755608c8>
      9. Traceback (most recent call last):
      10. File "/usr/lib/python3.5/weakref.py", line 117, in remove
      11. TypeError: 'NoneType' object is not callable
      12. Exception ignored in: <function WeakValueDictionary.__init__.<locals>.remove at 0x7f66755608c8>
      13. Traceback (most recent call last):
      14. File "/usr/lib/python3.5/weakref.py", line 117, in remove
      15. TypeError: 'NoneType' object is not callable
      16. Done ...
      17. Failed to execute command 'export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export LANG=C; systemctl start 'fail2ban' 2>&1' with exit code '1': Job for fail2ban.service failed because the control process exited with error code. See "systemctl status fail2ban.service" and "journalctl -xe" for details.
      Display All
      OMV v4.0
      Asus Z97-A/3.1; i3-4370
      32GB RAM Corsair Vengeance Pro
      4x3TB RAID10

      The post was edited 1 time, last by tinh_x7 ().

    • tinh_x7 wrote:

      Hi,

      I just installed the plugin, and I received this message:

      Source Code

      1. Setting up openmediavault-fail2ban (4.0) ...
      2. Updating configuration database ...
      3. Processing triggers for openmediavault (4.1.14-1) ...
      4. Updating locale files ...
      5. Updating file permissions ...
      6. Purging internal cache ...
      7. Restarting engine daemon ...
      8. Exception ignored in: <function WeakValueDictionary.__init__.<locals>.remove at 0x7f66755608c8>
      9. Traceback (most recent call last):
      10. File "/usr/lib/python3.5/weakref.py", line 117, in remove
      11. TypeError: 'NoneType' object is not callable
      12. Exception ignored in: <function WeakValueDictionary.__init__.<locals>.remove at 0x7f66755608c8>
      13. Traceback (most recent call last):
      14. File "/usr/lib/python3.5/weakref.py", line 117, in remove
      15. TypeError: 'NoneType' object is not callable
      16. Done ...
      17. Failed to execute command 'export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export LANG=C; systemctl start 'fail2ban' 2>&1' with exit code '1': Job for fail2ban.service failed because the control process exited with error code. See "systemctl status fail2ban.service" and "journalctl -xe" for details.
      Display All
      This error is not fail2ban related. It's a bug in python. Solution is described here:
      mytec-home.de/multimedia/openm…f-4-arrakis-aktualisieren

      You need to edit /usr/lib/python3.5/weakref.py

      Change line 109 from:
      def remove(wr, selfref=ref(self)):
      to:
      def remove(wr, selfref=ref(self), _atomic_removal=_remove_dead_weakref):

      and line 117 from:
      _remove_dead_weakref(d, wr.key)
      to:
      _atomic_removal(d, wr.key)
    • badda wrote:

      tinh_x7 wrote:

      Hi,

      I just installed the plugin, and I received this message:

      Source Code

      1. Setting up openmediavault-fail2ban (4.0) ...
      2. Updating configuration database ...
      3. Processing triggers for openmediavault (4.1.14-1) ...
      4. Updating locale files ...
      5. Updating file permissions ...
      6. Purging internal cache ...
      7. Restarting engine daemon ...
      8. Exception ignored in: <function WeakValueDictionary.__init__.<locals>.remove at 0x7f66755608c8>
      9. Traceback (most recent call last):
      10. File "/usr/lib/python3.5/weakref.py", line 117, in remove
      11. TypeError: 'NoneType' object is not callable
      12. Exception ignored in: <function WeakValueDictionary.__init__.<locals>.remove at 0x7f66755608c8>
      13. Traceback (most recent call last):
      14. File "/usr/lib/python3.5/weakref.py", line 117, in remove
      15. TypeError: 'NoneType' object is not callable
      16. Done ...
      17. Failed to execute command 'export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export LANG=C; systemctl start 'fail2ban' 2>&1' with exit code '1': Job for fail2ban.service failed because the control process exited with error code. See "systemctl status fail2ban.service" and "journalctl -xe" for details.
      Display All
      This error is not fail2ban related. It's a bug in python. Solution is described here:mytec-home.de/multimedia/openm…f-4-arrakis-aktualisieren

      You need to edit /usr/lib/python3.5/weakref.py

      Change line 109 from:
      def remove(wr, selfref=ref(self)):
      to:
      def remove(wr, selfref=ref(self), _atomic_removal=_remove_dead_weakref):

      and line 117 from:
      _remove_dead_weakref(d, wr.key)
      to:
      _atomic_removal(d, wr.key)
      DON'T MODIFY the Python code yourself. It's only a cosmetic issue. If you don't know what you're doing you will corrupt Python.
      Absolutely no support through PM!

      I must not fear.
      Fear is the mind-killer.
      Fear is the little-death that brings total obliteration.
      I will face my fear.
      I will permit it to pass over me and through me.
      And when it has gone past I will turn the inner eye to see its path.
      Where the fear has gone there will be nothing.
      Only I will remain.

      Litany against fear by Bene Gesserit
    • When I tried to enable Fail2ban, I got an error message:

      Source Code

      1. Failed to execute command 'export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export LANG=C; systemctl start 'fail2ban' 2>&1' with exit code '1': Job for fail2ban.service failed because the control process exited with error code. See "systemctl status fail2ban.service" and "journalctl -xe" for details.
      How do I fix this ?
      OMV v4.0
      Asus Z97-A/3.1; i3-4370
      32GB RAM Corsair Vengeance Pro
      4x3TB RAID10
    • tinh_x7 wrote:

      When I tried to enable Fail2ban, I got an error message:

      Source Code

      1. Failed to execute command 'export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export LANG=C; systemctl start 'fail2ban' 2>&1' with exit code '1': Job for fail2ban.service failed because the control process exited with error code. See "systemctl status fail2ban.service" and "journalctl -xe" for details.
      How do I fix this ?
      Did you run the suggested commands to see what might be causing this?
      OMV 4.x - ASRock Rack C2550D4I - 16GB ECC - Silverstone DS380
    • Source Code

      1. systemctl status fail2ban.service
      2. ● fail2ban.service - Fail2Ban Service
      3. Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; vendor preset:
      4. enabled)
      5. Active: failed (Result: exit-code) since Sun 2018-12-02 17:58:44 E
      6. ST; 21s ago
      7. Docs: man:fail2ban(1)
      8. Process: 3621 ExecStart=/usr/bin/fail2ban-client -x start (code=exited
      9. , status=255)
      10. Dec 02 17:58:44 server systemd[1]: Failed to start Fail2Ban Service.
      11. Dec 02 17:58:44 server systemd[1]: fail2ban.service: Unit entered failed
      12. state.
      13. Dec 02 17:58:44 server systemd[1]: fail2ban.service: Failed with result
      14. 'exit-code'.
      15. Dec 02 17:58:44 server systemd[1]: fail2ban.service: Service hold-off time over,
      16. scheduling restart.
      17. Dec 02 17:58:44 server systemd[1]: Stopped Fail2Ban Service.
      18. Dec 02 17:58:44 server systemd[1]: fail2ban.service: Start request repea
      19. ted too quickly.
      20. Dec 02 17:58:44 server systemd[1]: Failed to start Fail2Ban Service.
      21. Dec 02 17:58:44 server systemd[1]: fail2ban.service: Unit entered failed
      Display All
      OMV v4.0
      Asus Z97-A/3.1; i3-4370
      32GB RAM Corsair Vengeance Pro
      4x3TB RAID10