Nov 17 2011

Fail2ban iptables error on ISPConfig on Ubuntu 11

After installing ISPConfig 3.0.4 on a test machine, along with fail2ban, i saw saw an error in fail2ban log. It seems there was a “race” condition with iptables.
My test setup was : ISPConfig 3.0.4 running on Ubuntu 11.04 x64 Server, Fail2ban version 0.8.4
Hardware : IBM x3550, 2 GB RAM, 146 GB SAS 15k

The error was like this : ERROR iptables -N fail2ban-courierpop3s returned 200

In IPSConfig panel, in Monitor -> Logfiles -> Show Fail2ban log you can see this error :

2011-11-17 14:07:22,318 fail2ban.actions.action: ERROR iptables -N fail2ban-courierpop3s
iptables -A fail2ban-courierpop3s -j RETURN
iptables -I INPUT -p tcp -m multiport --dports pop3s -j fail2ban-courierpop3s returned 200

You must edit /usr/bin/fail2ban-client python application.

Add the line:

In the function :

def __processCmd(self, cmd, showRet = True):
          beautifier = Beautifier()
          for c in cmd:

so it looks like this :

def __processCmd(self, cmd, showRet = True):
          beautifier = Beautifier()
          for c in cmd:

Original post was here, but the fail2ban-client python application is a bit different.

Edit : you can also find the same problem and resolution on the fail2ban wiki.


1 ping

  1. Seven

    Thanks! Saved my day today!

  2. Cristian

    Great! This solved my terrible headache ­čÖé

  1. Prevención de intrusos con fail2ban | Javier Gálvez

    […] Otro error t├şpico que podemos encontrar es la aparici├│n de errores con iptables al reiniciar el servicio de fail2ban. Para solucionar esto tenemos que editar el fichero /usr/bin/fail2ban-client y a├▒adir la l├şnea┬átime.sleep(0.1) como se indica a continuaci├│n (http://www.evilbox.ro/linux/fail2ban-iptables-error-on-ispconfig-on-ubuntu-11/): […]

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>


This site uses Akismet to reduce spam. Learn how your comment data is processed.