I installed the fail2ban plugin, enabled some of the default jails, and enabled the service. However the service doesn't start:
Code
systemctl status fail2ban
● fail2ban.service - Fail2Ban Service
Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Sat 2022-02-26 17:12:54 CET; 6min ago
Docs: man:fail2ban(1)
Process: 2396217 ExecStartPre=/bin/mkdir -p /run/fail2ban (code=exited, status=0/SUCCESS)
Process: 2396218 ExecStart=/usr/bin/fail2ban-server -xf start (code=exited, status=255/EXCEPTION)
Main PID: 2396218 (code=exited, status=255/EXCEPTION)
If I run the start command manually I can see the problem:
Code
/usr/bin/fail2ban-server -xf start
2022-02-26 17:13:41,660 fail2ban.configreader [2397030]: ERROR Found no accessible config files for 'filter.d/sshd-ddos' under /etc/fail2ban
2022-02-26 17:13:41,661 fail2ban.jailreader [2397030]: ERROR Unable to read the filter 'sshd-ddos'
2022-02-26 17:13:41,661 fail2ban.jailsreader [2397030]: ERROR Errors in jail 'ssh-ddos'. Skipping...
2022-02-26 17:13:41,669 fail2ban.configreader [2397030]: ERROR Found no accessible config files for 'filter.d/apache-404' under /etc/fail2ban
2022-02-26 17:13:41,669 fail2ban.jailreader [2397030]: ERROR Unable to read the filter 'apache-404'
2022-02-26 17:13:41,669 fail2ban.jailsreader [2397030]: ERROR Errors in jail 'apache-404'. Skipping...
2022-02-26 17:13:41,675 fail2ban [2397030]: ERROR Failed during configuration: Have not found any log file for apache-noscript jail
2022-02-26 17:13:41,678 fail2ban [2397030]: ERROR Async configuration of server failed
I find various proposed solutions for these issues for fail2ban in general, but it seems like the configuration should be managed by openmediavault-fail2ban. So manually tweaking this seems to go against the recommended practice for OMV.
I can disable the ssh-ddos and apache-noscript jails and then the service does start, but it seems they should have configuration by default as well. How to fix?