Fail2ban does not start

Hello

I had to reboot my server, and surprise, fail2ban did not start; I had to launch it by hand :confused:

How can I make it start automatically when the server boots?

Thanks in advance

Hi,

Go look in sysv-rc-conf to see how it is configured :slightly_smiling:

Uhh, I can't find what you're asking me for :blush:

However, in /etc/rc2.d I have this
lrwxrwxrwx 1 root root 18 22 nov. 09:18 S18fail2ban -> …/init.d/fail2ban

So normally it should start fine, shouldn't it?

Re,

My apologies! sysv-rc-conf has to be installed before you can use it :slightly_smiling:

OK :mrgreen:

Well, in any case this damn fail2ban is indeed present in /etc/rc2.d
lrwxrwxrwx 1 root root 18 22 nov. 09:18 S18fail2ban -> …/init.d/fail2ban

and if I edit /etc/rc2.d/S18fail2ban

I do have

# fail2ban-client is not a daemon itself but starts a daemon and
# loads its with configuration
DAEMON=/usr/bin/$NAME-client
SCRIPTNAME=/etc/init.d/$NAME

There is no reason for it not to start, everything is there :013

Hi,

What does this give:

Then:

And finally… (there is a very annoying bug in the stable version):

service fail2ban status

service fail2ban status
Status of authentication failure monitor:fail2ban is running.

grep ERROR /var/log/fail2ban.log

2011-12-05 22:32:17,866 fail2ban.actions.action: ERROR  iptables -D INPUT -p tcp -m multiport --dports http,https -j fail2ban-apache-noscript
2011-12-05 22:32:19,061 fail2ban.actions.action: ERROR  iptables -D INPUT -p tcp -m multiport --dports ssh -j fail2ban-ssh-ddos
2011-12-05 22:32:19,992 fail2ban.actions.action: ERROR  iptables -D INPUT -p tcp -m multiport --dports http,https -j fail2ban-apache-multiport
2011-12-05 22:32:20,194 fail2ban.actions.action: ERROR  iptables -D INPUT -p tcp -m multiport --dports smtp,ssmtp -j fail2ban-postfix
2011-12-05 22:32:20,518 fail2ban.actions.action: ERROR  iptables -D INPUT -p tcp -m multiport --dports smtp,ssmtp -j fail2ban-couriersmtp
2011-12-05 22:32:21,975 fail2ban.actions.action: ERROR  iptables -D INPUT -p tcp -m multiport --dports ssh, sftp, 2221, 2222 -j fail2ban-ssh
2011-12-05 22:32:22,383 fail2ban.actions.action: ERROR  iptables -D INPUT -p tcp -m multiport --dports smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s -j fail2ban-sasl
2011-12-05 22:32:23,342 fail2ban.actions.action: ERROR  iptables -D INPUT -p tcp -m multiport --dports http,https -j fail2ban-apache-overflows
2011-12-05 22:32:24,431 fail2ban.actions.action: ERROR  iptables -D INPUT -p tcp -m multiport --dports http,https -j fail2ban-apache
2011-12-05 22:32:27,163 fail2ban.actions.action: ERROR  iptables -N fail2ban-apache
2011-12-05 22:32:27,165 fail2ban.actions.action: ERROR  iptables -N fail2ban-ssh
2011-12-05 22:33:03,226 fail2ban.actions.action: ERROR  iptables -D INPUT -p tcp -m multiport --dports http,https -j fail2ban-apache
2011-12-05 22:33:05,225 fail2ban.actions.action: ERROR  iptables -N fail2ban-ssh
2011-12-05 22:36:13,885 fail2ban.actions.action: ERROR  iptables -N fail2ban-apache-overflows
2011-12-05 22:36:13,901 fail2ban.actions.action: ERROR  iptables -N fail2ban-ssh
2011-12-05 22:36:13,940 fail2ban.actions.action: ERROR  iptables -N fail2ban-courierauth

apt-cache policy fail2ban

fail2ban:
  Installé : 0.8.4-3
  Candidat : 0.8.4-3
 Table de version :
 *** 0.8.4-3 0
        500 http://ftp.fr.debian.org/debian/ squeeze/main amd64 Packages
        500 http://ftp.de.debian.org/debian/ squeeze/main amd64 Packages
        100 /var/lib/dpkg/status

Additional info

fail2ban-client status
Status
|- Number of jail:      12
`- Jail list:           apache-noscript, xinetd-fail, ssh-ddos, apache-multiport, postfix, couriersmtp, ssh, sasl, apache-overflows, courierauth, apache, proftpd

Re,
From what I can see, you are affected by this bug: bugs.debian.org/cgi-bin/bugreport.cgi?bug=554162

Multiple jails prevent fail2ban from starting properly.

Solution: tinker with the binary or install the testing version… isalo.org/wiki.debian-fr/ind … e_fail2ban
There is a patch available (link in the bug report).

For my part I installed the testing version (my server runs stable; the dependencies cause no problems)

# apt-cache policy fail2ban
fail2ban:
  Installé : 0.8.5-2
  Candidat : 0.8.5-2
 Table de version :
 *** 0.8.5-2 0
        -10 http://mirror.ovh.net/debian/ wheezy/main amd64 Packages
        100 /var/lib/dpkg/status
     0.8.4-3 0
        900 http://mirror.ovh.net/debian/ squeeze/main amd64 Packages
        900 http://ftp.fr.debian.org/debian/ squeeze/main amd64 Packages

Thanks

As a first step I'll try adding the delay in /usr/bin/fail2ban-client

Here is what I get in my fail2ban.log after adding time.sleep

2011-12-06 14:38:22,372 fail2ban.jail   : INFO   Jail 'apache-noscript' stopped
2011-12-06 14:38:22,491 fail2ban.jail   : INFO   Jail 'xinetd-fail' stopped
2011-12-06 14:38:22,581 fail2ban.jail   : INFO   Jail 'ssh-ddos' stopped
2011-12-06 14:38:22,686 fail2ban.jail   : INFO   Jail 'apache-multiport' stopped
2011-12-06 14:38:23,108 fail2ban.jail   : INFO   Jail 'postfix' stopped
2011-12-06 14:38:23,898 fail2ban.jail   : INFO   Jail 'couriersmtp' stopped
2011-12-06 14:38:24,004 fail2ban.jail   : INFO   Jail 'ssh' stopped
2011-12-06 14:38:24,215 fail2ban.jail   : INFO   Jail 'sasl' stopped
2011-12-06 14:38:24,797 fail2ban.jail   : INFO   Jail 'apache-overflows' stopped
2011-12-06 14:38:25,425 fail2ban.jail   : INFO   Jail 'courierauth' stopped
2011-12-06 14:38:26,312 fail2ban.jail   : INFO   Jail 'apache' stopped
2011-12-06 14:38:26,527 fail2ban.jail   : INFO   Jail 'proftpd' stopped
2011-12-06 14:38:26,732 fail2ban.server : INFO   Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.4-SVN
2011-12-06 14:38:26,834 fail2ban.jail   : INFO   Creating new jail 'apache-noscript'
2011-12-06 14:38:26,928 fail2ban.jail   : INFO   Jail 'apache-noscript' uses poller
2011-12-06 14:38:27,031 fail2ban.filter : INFO   Added logfile = /var/log/apache2/error.log
2011-12-06 14:38:27,134 fail2ban.filter : INFO   Set maxRetry = 10
2011-12-06 14:38:27,337 fail2ban.filter : INFO   Set findtime = 300
2011-12-06 14:38:27,439 fail2ban.actions: INFO   Set banTime = 600
2011-12-06 14:38:28,660 fail2ban.jail   : INFO   Creating new jail 'xinetd-fail'
2011-12-06 14:38:28,660 fail2ban.jail   : INFO   Jail 'xinetd-fail' uses poller
2011-12-06 14:38:28,764 fail2ban.filter : INFO   Added logfile = /var/log/daemon.log
2011-12-06 14:38:28,866 fail2ban.filter : INFO   Set maxRetry = 2
2011-12-06 14:38:29,069 fail2ban.filter : INFO   Set findtime = 300
2011-12-06 14:38:29,171 fail2ban.actions: INFO   Set banTime = 600
2011-12-06 14:38:30,392 fail2ban.jail   : INFO   Creating new jail 'ssh-ddos'
2011-12-06 14:38:30,392 fail2ban.jail   : INFO   Jail 'ssh-ddos' uses poller
2011-12-06 14:38:30,495 fail2ban.filter : INFO   Added logfile = /var/log/auth.log
2011-12-06 14:38:30,597 fail2ban.filter : INFO   Set maxRetry = 6
2011-12-06 14:38:30,801 fail2ban.filter : INFO   Set findtime = 300
2011-12-06 14:38:30,903 fail2ban.actions: INFO   Set banTime = 600
2011-12-06 14:38:32,021 fail2ban.jail   : INFO   Creating new jail 'apache-multiport'
2011-12-06 14:38:32,022 fail2ban.jail   : INFO   Jail 'apache-multiport' uses poller
2011-12-06 14:38:32,257 fail2ban.filter : INFO   Added logfile = /var/log/apache2/error.log
2011-12-06 14:38:32,359 fail2ban.filter : INFO   Set maxRetry = 10
2011-12-06 14:38:32,563 fail2ban.filter : INFO   Set findtime = 300
2011-12-06 14:38:32,664 fail2ban.actions: INFO   Set banTime = 600
2011-12-06 14:38:33,987 fail2ban.jail   : INFO   Creating new jail 'apache-overflows'
2011-12-06 14:38:33,987 fail2ban.jail   : INFO   Jail 'apache-overflows' uses poller
2011-12-06 14:38:34,090 fail2ban.filter : INFO   Added logfile = /var/log/apache2/error.log
2011-12-06 14:38:34,192 fail2ban.filter : INFO   Set maxRetry = 6
2011-12-06 14:38:34,395 fail2ban.filter : INFO   Set findtime = 300
2011-12-06 14:38:34,497 fail2ban.actions: INFO   Set banTime = 600
2011-12-06 14:38:35,616 fail2ban.jail   : INFO   Creating new jail 'couriersmtp'
2011-12-06 14:38:35,616 fail2ban.jail   : INFO   Jail 'couriersmtp' uses poller
2011-12-06 14:38:35,719 fail2ban.filter : INFO   Added logfile = /var/log/mail.log
2011-12-06 14:38:35,821 fail2ban.filter : INFO   Set maxRetry = 6
2011-12-06 14:38:36,024 fail2ban.filter : INFO   Set findtime = 300
2011-12-06 14:38:36,126 fail2ban.actions: INFO   Set banTime = 600
2011-12-06 14:38:37,245 fail2ban.jail   : INFO   Creating new jail 'ssh'
2011-12-06 14:38:37,245 fail2ban.jail   : INFO   Jail 'ssh' uses poller
2011-12-06 14:38:37,384 fail2ban.filter : INFO   Added logfile = /var/log/auth.log
2011-12-06 14:38:37,486 fail2ban.filter : INFO   Set maxRetry = 6
2011-12-06 14:38:37,689 fail2ban.filter : INFO   Set findtime = 300
2011-12-06 14:38:37,791 fail2ban.actions: INFO   Set banTime = 600
2011-12-06 14:38:39,861 fail2ban.jail   : INFO   Creating new jail 'postfix'
2011-12-06 14:38:39,861 fail2ban.jail   : INFO   Jail 'postfix' uses poller
2011-12-06 14:38:39,964 fail2ban.filter : INFO   Added logfile = /var/log/mail.log
2011-12-06 14:38:40,066 fail2ban.filter : INFO   Set maxRetry = 6
2011-12-06 14:38:40,269 fail2ban.filter : INFO   Set findtime = 300
2011-12-06 14:38:40,371 fail2ban.actions: INFO   Set banTime = 600
2011-12-06 14:38:41,489 fail2ban.jail   : INFO   Creating new jail 'sasl'
2011-12-06 14:38:41,490 fail2ban.jail   : INFO   Jail 'sasl' uses poller
2011-12-06 14:38:41,592 fail2ban.filter : INFO   Added logfile = /var/log/mail.log
2011-12-06 14:38:41,694 fail2ban.filter : INFO   Set maxRetry = 6
2011-12-06 14:38:41,898 fail2ban.filter : INFO   Set findtime = 300
2011-12-06 14:38:42,000 fail2ban.actions: INFO   Set banTime = 600
2011-12-06 14:38:43,118 fail2ban.jail   : INFO   Creating new jail 'apache'
2011-12-06 14:38:43,119 fail2ban.jail   : INFO   Jail 'apache' uses poller
2011-12-06 14:38:43,222 fail2ban.filter : INFO   Added logfile = /var/log/apache2/error.log
2011-12-06 14:38:43,324 fail2ban.filter : INFO   Set maxRetry = 10
2011-12-06 14:38:43,528 fail2ban.filter : INFO   Set findtime = 300
2011-12-06 14:38:43,630 fail2ban.actions: INFO   Set banTime = 600
2011-12-06 14:38:44,952 fail2ban.jail   : INFO   Creating new jail 'courierauth'
2011-12-06 14:38:44,952 fail2ban.jail   : INFO   Jail 'courierauth' uses poller
2011-12-06 14:38:45,055 fail2ban.filter : INFO   Added logfile = /var/log/mail.log
2011-12-06 14:38:45,157 fail2ban.filter : INFO   Set maxRetry = 6
2011-12-06 14:38:45,360 fail2ban.filter : INFO   Set findtime = 300
2011-12-06 14:38:45,462 fail2ban.actions: INFO   Set banTime = 600
2011-12-06 14:38:46,581 fail2ban.jail   : INFO   Creating new jail 'proftpd'
2011-12-06 14:38:46,581 fail2ban.jail   : INFO   Jail 'proftpd' uses poller
2011-12-06 14:38:46,684 fail2ban.filter : INFO   Added logfile = /var/log/proftpd/proftpd.log
2011-12-06 14:38:46,786 fail2ban.filter : INFO   Set maxRetry = 10
2011-12-06 14:38:46,989 fail2ban.filter : INFO   Set findtime = 300
2011-12-06 14:38:47,091 fail2ban.actions: INFO   Set banTime = 600
2011-12-06 14:38:48,517 fail2ban.jail   : INFO   Jail 'apache-noscript' started
2011-12-06 14:38:48,622 fail2ban.jail   : INFO   Jail 'xinetd-fail' started
2011-12-06 14:38:48,727 fail2ban.jail   : INFO   Jail 'ssh-ddos' started
2011-12-06 14:38:48,833 fail2ban.jail   : INFO   Jail 'apache-multiport' started
2011-12-06 14:38:48,938 fail2ban.jail   : INFO   Jail 'apache-overflows' started
2011-12-06 14:38:49,044 fail2ban.jail   : INFO   Jail 'couriersmtp' started
2011-12-06 14:38:49,149 fail2ban.jail   : INFO   Jail 'ssh' started
2011-12-06 14:38:49,161 fail2ban.actions.action: ERROR  iptables -N fail2ban-ssh
iptables -A fail2ban-ssh -j RETURN
iptables -I INPUT -p tcp -m multiport --dports ssh, sftp, xxxx, xxxx -j fail2ban-ssh returned 200
2011-12-06 14:38:49,255 fail2ban.jail   : INFO   Jail 'postfix' started
2011-12-06 14:38:49,360 fail2ban.jail   : INFO   Jail 'sasl' started
2011-12-06 14:38:49,466 fail2ban.jail   : INFO   Jail 'apache' started
2011-12-06 14:38:49,572 fail2ban.jail   : INFO   Jail 'courierauth' started
2011-12-06 14:38:49,678 fail2ban.jail   : INFO   Jail 'proftpd' started

The ssh error may be due to the fact that I am connected to my server via ssh.

Hi,

No.
Change the delay.
If that doesn't work, switch to the Testing version; there is no risk.
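
An added example, not part of the thread: a small parser for fail2ban.log in the layout posted above that lists jails logged as "started" whose iptables chain setup failed, which means those jails cannot actually ban anything. The sample log is constructed, and decoding the "returned" value as a hexadecimal wait status is an assumption about fail2ban 0.8.x.

```python
import re

# Constructed sample in the fail2ban 0.8.4 log layout shown in the thread.
SAMPLE_LOG = """\
2011-12-06 14:38:49,149 fail2ban.jail   : INFO   Jail 'ssh' started
2011-12-06 14:38:49,161 fail2ban.actions.action: ERROR  iptables -N fail2ban-ssh
iptables -A fail2ban-ssh -j RETURN
iptables -I INPUT -p tcp -m multiport --dports ssh, sftp, 2221 -j fail2ban-ssh returned 200
2011-12-06 14:38:49,255 fail2ban.jail   : INFO   Jail 'postfix' started
2011-12-06 14:38:49,300 fail2ban.actions.action: ERROR  iptables -N fail2ban-postfix
iptables -A fail2ban-postfix -j RETURN
iptables -I INPUT -p tcp -m multiport --dports smtp,ssmtp -j fail2ban-postfix returned 100
"""

STAMP = re.compile(r"^\d{4}-\d\d-\d\d \d\d:\d\d:\d\d,\d{3} ")

def entries(text):
    """Regroup physical lines: a failed action is logged over several lines."""
    out = []
    for line in text.splitlines():
        if STAMP.match(line) or not out:
            out.append(line)
        else:
            out[-1] += "\n" + line
    return out

def failed_starts(text):
    """Map started jail -> (iptables exit code or None, spaces in port list)."""
    started, failed = set(), {}
    for entry in entries(text):
        jail = re.search(r"Jail '([^']+)' started", entry)
        if jail:
            started.add(jail.group(1))
        chain = re.search(r"ERROR\s+iptables -N fail2ban-(\S+)", entry)
        if not chain:
            continue
        status = re.search(r"returned ([0-9a-fA-F]+)\s*$", entry)
        # Assumption: 0.8.x logs the os.system() wait status in hex,
        # so 100 means exit code 1 and 200 means exit code 2.
        code = int(status.group(1), 16) >> 8 if status else None
        ports = re.search(r"--dports (.*?) -j ", entry)
        spaced = bool(ports and re.search(r"\s", ports.group(1)))
        failed[chain.group(1)] = (code, spaced)
    return {j: v for j, v in failed.items() if j in started}

if __name__ == "__main__":
    for jail, (code, spaced) in sorted(failed_starts(SAMPLE_LOG).items()):
        print(jail, "exit", code, "spaces in port list" if spaced else "")
```

iptables exits with 2 for invalid command-line parameters and 1 for other errors such as a chain that already exists; a port list written with spaces after the commas is split by the shell into separate arguments, so it is worth checking the `port` setting of any jail flagged with exit code 2.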