Comments (2)
crazy-max
commented on June 26, 2024
@bmccorm2 F2B_IPTABLES_CHAIN env var has been removed and README updated to use chain = <name> def. Can you try with this new behavior?
from docker-fail2ban.
bmccorm2
commented on June 26, 2024
Cool thanks I think that is a good change. I was going along the same lines with my setup (now have one container and would specify the chain within the jail.conf file) But I am still getting that same error.
And today I just tried installing fail2ban on the host and running it and it worked perfectly fine. I don't know if i have some setup issue but docker-fail2ban image will not write to my IP tables for DOCKER-USER chain. I use the same default action for postfix in the container as I do for the host package but for whatever reason it fails in the container. I can go into the container and verify those commands fail but i don't know enough about iptables to be able to fix it.
- docker-compose.yml
f2b:
image: crazymax/fail2ban
container_name: f2b
network_mode: "host"
cap_add:
- NET_ADMIN
- NET_RAW
env_file:
- env/f2b.${ENV}.env
volumes:
- /opt/f2b:/data
- /var/log:/var/log:ro
restart: always
- f2b.prd.env
TZ=America/Denver
F2B_LOG_TARGET=STDOUT
F2B_LOG_LEVEL=INFO
F2B_DB_PURGE_AGE=1d
- postfix.conf
[postfix]
enabled = true
# To use another modes set filter parameter "mode" in jail.local:
filter = postfix[mode=aggressive]
port = smtp,465,submission
chain = DOCKER-USER
logpath = %(postfix_log)s
backend = %(postfix_backend)s
- Fail2ban Logs
2020-07-30 16:39:25,498 fail2ban.actions [1]: NOTICE [postfix] Ban 212.70.149.67
2020-07-30 16:39:25,501 fail2ban.observer [1]: INFO [postfix] IP 212.70.149.67 is bad: 1 # last 2020-07-30 03:57:44 - incr 1:00:00 to 10:00:44
2020-07-30 16:39:25,502 fail2ban.observer [1]: NOTICE [postfix] Increase Ban 212.70.149.67 (2 # 10:00:44 -> 2020-07-31 02:40:08)
2020-07-30 16:39:25,509 fail2ban.utils [1]: ERROR 7f84ad282510 -- exec: iptables -w -N f2b-postfix
iptables -w -A f2b-postfix -j RETURN
iptables -w -I DOCKER-USER -p tcp -m multiport --dports smtp,465,submission -j f2b-postfix
2020-07-30 16:39:25,510 fail2ban.utils [1]: ERROR 7f84ad282510 -- stderr: 'iptables: Chain already exists.'
2020-07-30 16:39:25,510 fail2ban.utils [1]: ERROR 7f84ad282510 -- stderr: 'iptables: No chain/target/match by that name.'
2020-07-30 16:39:25,510 fail2ban.utils [1]: ERROR 7f84ad282510 -- returned 1
2020-07-30 16:39:25,511 fail2ban.actions [1]: ERROR Failed to execute ban jail 'postfix' action 'iptables-multiport' info 'ActionInfo({'ip': '212.70.149.67', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0x7f84ad942e50>, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0x7f84ad941550>})': Error starting action Jail('postfix')/iptables-multiport: 'Script error'
2020-07-30 16:39:31,207 fail2ban.filter [1]: INFO [postfix] Found 212.70.149.67 - 2020-07-30 16:39:31
from docker-fail2ban.
Related Issues (20)
- Sendmail Report HOT 3
- Fail2Ban crash HOT 1
- Sendmail "wrong parameters" issue , always the first time execution of "sendmail" command,second try always okay. HOT 1
- Consider adding mail standalone feature HOT 1
- pip binary is missing, trying to `apk add py3-pip` breaks HOT 1
- [Feature Request] Add AbuseIPDB API integration
- [Feature Request] Add AbuseIPDB API integration HOT 1
- Can't send SMTP emails HOT 1
- F2B_DB_PURGE_AGE in examples is bogus HOT 2
- Help I banned my WAN IP and Unbanning command did not work HOT 1
- Is it possible to support Webhook? HOT 1
- Warning message is always triggered: already exists and will be overriden HOT 1
- Input chain not working sshd
- How to configure SSMTP if smtp server no authentication is required
- Disable: WARNING Unable to find a corresponding IP address for fail2ban: [Errno -2] Name does not resolve HOT 4
- Functionality for PUID/PGID
- System slowdown after more than 1 day of operation
- How to custom dockerfile to run container?
- Fail2ban docker not banning even if it says "already banned" HOT 3
- Subdomain access not blocked
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-fail2ban.