
fail2ban - apache-badbots apache-badsearch

Posted: Sat Oct 27, 2018 6:10 pm
by Bubblecatcher
Hi, trying to get these 2 working, but not having any joy!

/etc/fail2ban/jail.conf

Code:

[apache-badbots]
enabled  = true
filter   = apache-badbots
action   = vesta[name=BADBOTS]
logpath  = /var/log/apache2/domains/*.log
maxretry = 3

[apache-botsearch]
enabled  = true
filter   = apache-botsearch
action   = vesta[name=BADSEARCH]
logpath  = /var/log/apache2/domains/*.log
maxretry = 3

Working entry looks like this:

Code:

[ssh-iptables]
enabled  = true
filter   = sshd
action   = vesta[name=SSH]
logpath  = /var/log/auth.log
maxretry = 3

Getting the following errors in the log:

Code:

** ERRORS **
      /usr/local/vesta/bin/v-add-firewall-chain BADBOTS -- stderr: b'': 1 Time(s)
      /usr/local/vesta/bin/v-add-firewall-chain BADBOTS -- stdout: b'Usage: v-add-firewall-chain CHAIN PORT\n': 1 Time(s)
      /usr/local/vesta/bin/v-add-firewall-chain BADSEARCH -- stderr: b'': 1 Time(s)
      /usr/local/vesta/bin/v-add-firewall-chain BADSEARCH -- stdout: b'Usage: v-add-firewall-chain CHAIN PORT\n': 1 Time(s)
      Failed to start jail 'apache-badbots' action 'vesta': Error starting action: 1 Time(s)
      Failed to start jail 'apache-botsearch' action 'vesta': Error starting action: 1 Time(s)


1 error(s) returned from actions:
 2018-10-26 12:31:42,679 fail2ban.action         [1184]: ERROR   /usr/local/vesta/bin/v-add-firewall-chain BADBOTS -- returned 1
 2018-10-26 12:31:42,783 fail2ban.action         [1184]: ERROR   /usr/local/vesta/bin/v-add-firewall-chain BADSEARCH -- returned 1

No iptables created:

Code:

iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination         
fail2ban-VESTA  tcp  --  anywhere             anywhere             tcp dpt:8083
fail2ban-FTP  tcp  --  anywhere             anywhere             tcp dpt:ftp
fail2ban-SSH  tcp  --  anywhere             anywhere             tcp dpt:ssh
f2b-recidive  all  --  anywhere             anywhere            
f2b-sshd   tcp  --  anywhere             anywhere             multiport dports ssh
fail2ban-MAIL  tcp  --  anywhere             anywhere             multiport dports smtp,urd,submission,2525,pop3,pop3s,imap2,imaps

Any ideas what I am missing?

Thanks

Re: fail2ban - apache-badbots apache-badsearch

Posted: Sun Oct 28, 2018 10:37 am
by Bubblecatcher
OK, tried running the command via console.

Code:

/usr/local/vesta/bin/v-add-firewall-chain BADBOTS -- stdout: b'Usage: v-add-firewall-chain CHAIN PORT\n'
iptables v1.6.0: unknown protocol "busage:" specified
Try `iptables -h' or 'iptables --help' for more information.

Re: fail2ban - apache-badbots apache-badsearch

Posted: Wed Apr 01, 2020 10:24 am
by lex0013
You specified:

Code:

action   = vesta[name=BADBOTS]

In the file /usr/local/vesta/bin/v-add-firewall-chain:

Code:

#----------------------------------------------------------#
#                       Action                             #
#----------------------------------------------------------#

# Checking known chains
case $chain in
    SSH)        # Get ssh port by reading ssh config file.
                sshport=$(grep '^Port ' /etc/ssh/sshd_config | head -1 | cut -d ' ' -f 2)
                if [ -z "$sshport" ]; then
                    sshport=2552
                fi
                port=$sshport; 
                protocol=TCP ;;
    FTP)        port=21; protocol=TCP  ;;
    MAIL)       port='25,465,587,2525,110,995,143,993'; protocol=TCP  ;;
    DNS)        port=53; protocol=UDP  ;;
    WEB)        port='80,443'; protocol=TCP  ;;
    DB)         port='3306,5432'; protocol=TCP  ;;
    VESTA)      port=$vestaport; protocol=TCP  ;;
    *)          check_args '2' "$#" 'CHAIN PORT' ;;
esac

Either add your name, or choose from the standard ones; for Apache, this one is suitable:

Code:

action  = vesta[name=WEB]
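
An added check, not part of the posts above and not code from Vesta or fail2ban: it lists every jail whose vesta[name=...] action uses a chain name that the quoted case statement does not map to a port, which is the condition behind the "Usage: v-add-firewall-chain CHAIN PORT" error. The function names are hypothetical and the sample config is constructed from the jails posted in this thread.

```shell
#!/bin/sh
# Chain names that the case statement quoted above maps to a port by itself.
# Any other name falls through to check_args and needs an explicit PORT.
KNOWN_CHAINS="SSH FTP MAIL DNS WEB DB VESTA"

# Hypothetical helper: print "<jail> <chain>" for each vesta[name=...] action
# whose chain is not in KNOWN_CHAINS. Reads the given file(s), or stdin.
find_unknown_vesta_chains() {
    awk -v known="$KNOWN_CHAINS" '
        BEGIN { n = split(known, k, " "); for (i = 1; i <= n; i++) ok[k[i]] = 1 }
        /^[ \t]*[#;]/ { next }                          # comment lines
        /^\[[^]]+\]/ {                                  # [jail-name] header
            jail = $0; sub(/^\[/, "", jail); sub(/\].*$/, "", jail); next
        }
        /^[ \t]*action[ \t]*=/ && match($0, /vesta\[name=[^],]+/) {
            chain = substr($0, RSTART + 11, RLENGTH - 11)   # skip "vesta[name="
            if (!(chain in ok)) print jail, chain
        }
    ' "$@"
}

# Constructed sample input: the three jails shown in the thread.
sample_jail_conf() {
    cat <<'EOF'
[ssh-iptables]
enabled  = true
filter   = sshd
action   = vesta[name=SSH]
logpath  = /var/log/auth.log

[apache-badbots]
enabled  = true
filter   = apache-badbots
action   = vesta[name=BADBOTS]
logpath  = /var/log/apache2/domains/*.log

[apache-botsearch]
enabled  = true
filter   = apache-botsearch
action   = vesta[name=BADSEARCH]
logpath  = /var/log/apache2/domains/*.log
EOF
}

# Demo run on the sample; on a server, pass the jail file path instead.
sample_jail_conf | find_unknown_vesta_chains
```

On a live system the same function can be pointed at the file from the first post: `find_unknown_vesta_chains /etc/fail2ban/jail.conf`. Empty output means every vesta action uses one of the built-in chain names.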