Unable to Install Fail2Ban

Discussion in 'General' started by newboy, Nov 25, 2010.

  1. newboy

    Joined:
    Mar 11, 2009
    Messages:
    60
    Likes Received:
    0
    I am trying to install Fail2Ban on Elastix 2.0.3.

    I tried to follow instructions on http://www.sunshinenetworks.com.au/how- ... art-1.html

    But the issue is when i type #yum -y install jwhois or if i try to yum anything else, it stops on "Loading mirror speeds from cached hostfile" and nothing happens after that.

    [root@XXXXXX ~]# yum -y install jwhois
    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile

    Can anyone suggest what can be done to fix it?
     
  2. Bob

    Bob

    Joined:
    Nov 4, 2007
    Messages:
    2,400
    Likes Received:
    1
    Hard to say what as gone wrong on your system, but considering that it is in the yum area, and sounds like it is using the cache, you may want to issue the following command

    yum clean metadata

    and try the process again....

    As a worst case, try

    yum clean all (but generally this is not needed)

    Regards

    Bob
     
  3. danardf

    Joined:
    Dec 3, 2007
    Messages:
    8,069
    Likes Received:
    12
    Hi all.

    I've the same issue.
    But I don't know if this problem come from our LAN or other.
    wget http...etc works fine.

    yum still there:
    yum -y install jwhois
    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile


    I can't make an yum update too.
    The problem comes from elsewhere.
     
  4. Bob

    Bob

    Joined:
    Nov 4, 2007
    Messages:
    2,400
    Likes Received:
    1
    Looks like the Elastix repos are causing it to hang...haven't see that before...

    Tried it on my system with the same result....

    If you want to work around it at the moment try this line :

    yum install jwhois --disablerepo=\* --enablerepo=base,extras,updates

    This does not make any hard changes (just for the life of this command line), just disables the repos and only enables the Centos repos.....

    tested ok

    Hope it helps....I would start looking at the issue with the Repos and report it to Elastix, but its really late here and I am going to bed....will check it in a few hours when I get up and report if necessary...

    Regards
     
  5. danardf

    Joined:
    Dec 3, 2007
    Messages:
    8,069
    Likes Received:
    12
    Ok thanks Bob for these test and these informations.
    Have a nice night. ;)
     
  6. Amphibian

    Joined:
    Sep 8, 2009
    Messages:
    1,128
    Likes Received:
    2
    Hey Dicko,

    I see that you contributed to the knowledge and development of the above listed (http://www.sunshinenetworks.com.au/how- ... art-1.html) document on how to install on E 2.0. Great work, this document is.

    My question to you (or others), will this same info work with installing on E 1.5-2 or do I need to continue looking else where. This seems pretty straight forward and appears to be a fairly easy process but I'm not using E 2.0.

    Thanks again Sir
    Amphibian
     
  7. Lee Sharp

    Joined:
    Sep 28, 2010
    Messages:
    332
    Likes Received:
    0
    It was written before 2.0 was released. It also doesn't really touch elastix at all, just listens to the log. It should be fine, but I have not tested it.
     
  8. danardf

    Joined:
    Dec 3, 2007
    Messages:
    8,069
    Likes Received:
    12
    Hi.

    F2B is installed on Elastix 1.6 and 2.0. All seems right.
     
  9. dicko

    Joined:
    Oct 24, 2008
    Messages:
    4,099
    Likes Received:
    0
    Absoultely, it works, just check that the various jails in jail.conf are looking at the right logs for example by default Elastix uses https so the apache logs to watch should be /var/www/httpd/*access_log to watch both of them. I seem to remember that the default postfix log was wrong also
     
  10. Amphibian

    Joined:
    Sep 8, 2009
    Messages:
    1,128
    Likes Received:
    2
    Hey thanks very much guys. I tried to increase karma on each one of u but it only lets me do one at a time every 6 hours. So since I'm older then farts I have put a post-it note on my screen to remember to increase two of you after 6 hours.

    I am going to download and install this software later tonight and will see how it goes. knowing me, as tired as I am, I will screw something up, but what the heck, its no fun if you don't right...

    Have a great evening.

    Amphibian
     
  11. franklin

    Joined:
    Oct 22, 2010
    Messages:
    254
    Likes Received:
    0
    I am also unable to load Fail2Ban. I tried the normal way and got an error. Tried Bob's 2 cleaning suggestions.

    I get this, too, on a yum update

    yum update
    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
    Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=5 ... epo=addons error was
    [Errno 4] IOError: <urlopen error (-3, 'Temporary failure in name resolution')>
    Error: Cannot find a valid baseurl for repo: addons
    [root@elastix ~]#

    yum install jwhois --disablerepo=/* --enablerepo=base,extras,u pdates
    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
    Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=5&arch=i386& repo=addons error was
    [Errno 4] IOError: <urlopen error (-3, 'Temporary failure in name resolution')>


    Cannot find a valid baseurl for repo: addons
    [root@elastix ~]#
     
  12. dicko

    Joined:
    Oct 24, 2008
    Messages:
    4,099
    Likes Received:
    0
    you will notice the error

    [Errno 4] IOError: <urlopen error (-3, 'Temporary failure in name resolution')>

    that means that either your DNS configuration is misconfigured or in fact the mirrors are broken

    the mirror list at

    http://mirrorlist.centos.org/?release=5 ... epo=addons

    is currently (as of a minute ago


    http://mira.sunsite.utk.edu/centos/5.5/addons/i386/
    http://centos.aol.com/5.5/addons/i386/
    http://mirrors.greenmountainaccess.net/ ... dons/i386/
    http://mirror.hosef.org/centos/5.5/addons/i386/
    http://centos-distro.cavecreek.net/cent ... dons/i386/
    http://mirrors.cmich.edu/centos/5.5/add ... epo=addons
    http://mirror.rackspace.com/CentOS/5.5/addons/i386/
    http://mirror.san.fastserv.com/pub/linu ... dons/i386/
    http://mirror.sanctuaryhost.com/centos/5.5/addons/i386/
    http://linux.mirrors.es.net/centos/5.5/addons/i386/

    So I doubt if they are all broken at the same time, check your /etc/resolv.conf file for it's function

    or as the error suggested , wait a while and try over.

    if you can't ping mirrorlist.centos.org you broke your network setup somehow :)
     
  13. franklin

    Joined:
    Oct 22, 2010
    Messages:
    254
    Likes Received:
    0
    dicko. It looks like I installed fail2ban correctly. But you say I should see "fail2ban-ASTERISK" in my iptable output. I am seeing fail2ban-SSH, pasted below. I did get my mail:

    Date: Wed, 8 Dec 2010 14:12:35 -0700 (MST)

    Hi,

    The jail SSH has been started successfully.

    Regards,

    Fail2Ban


    [root@elastix asterisk]# iptables -L -v -n
    Chain INPUT (policy ACCEPT 86 packets, 7504 bytes)
    pkts bytes target prot opt in out source destination
    31 2176 fail2ban-SSH tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22

    Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
    pkts bytes target prot opt in out source destination

    Chain OUTPUT (policy ACCEPT 75 packets, 6732 bytes)
    pkts bytes target prot opt in out source destination

    Chain fail2ban-SSH (1 references)
    pkts bytes target prot opt in out source destination
    31 2176 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
     
  14. dicko

    Joined:
    Oct 24, 2008
    Messages:
    4,099
    Likes Received:
    0
    fail2ban doesn't have that jail built in you will need to make it, use the sunshinenetworks guide in the blogs to better understand
     
  15. Amphibian

    Joined:
    Sep 8, 2009
    Messages:
    1,128
    Likes Received:
    2
    Help???/


    When I did the yum -y install jwhois all went well, then I did the next step of trying to install the fail2ban and the following was returned:


    /$ yum -y install fail2ban
    Loading "fastestmirror" plugin
    Determining fastest mirrors
    * elastix-base: repo.elastix.org
    * base: yum.singlehop.com
    * elastix-updates: repo.elastix.org
    * updates: centos.omnispring.com
    * addons: www.gtlib.gatech.edu
    * extras: updates.interworx.info
    Excluding Packages from Base RPM Repository for Elastix
    Finished
    Excluding Packages from CentOS-5 - Base
    Finished
    Excluding Packages from Updates RPM Repository for Elastix
    Finished
    Excluding Packages from CentOS-5 - Updates
    Finished
    Excluding Packages from CentOS-5 - Addons
    Finished
    Excluding Packages from CentOS-5 - Extras
    Finished
    Setting up Install Process
    Parsing package install arguments
    No package fail2ban available.
    Nothing to do

    appears it didn't find the fail2ban packages. Any suggestions?

    I did a yum clean all even and it didn't help.

    Thanks
    Amphibian
     
  16. dicko

    Joined:
    Oct 24, 2008
    Messages:
    4,099
    Likes Received:
    0
    You need to either add a repository (epel in our case) or "follow the source"

    http://www.fail2ban.org/wiki/index.php/Downloads


    from source:-
    Code:
    cd /usr/src;wget http://sourceforge.net/projects/fail2ban/files/fail2ban-stable/fail2ban-0.8.4/fail2ban-0.8.4.tar.bz2/download;tar -xjvf fail2ban-0.8.4.tar.bz2;cd fail2ban-0.8.4; less README 
    should get you nearly there.


    happy holidays

    dicko
     
  17. Amphibian

    Joined:
    Sep 8, 2009
    Messages:
    1,128
    Likes Received:
    2
    Your the man, Dicko,

    Thanks for the response.

    Could you advise how and what repository I need to add, please sir? I "think" I know where they are stored but not for certain and not certain what repository url to add.


    Thanks again,

    Have a Safe & Merry Christmas

    Amphibian
     
  18. dicko

    Joined:
    Oct 24, 2008
    Messages:
    4,099
    Likes Received:
    0
    abstracted from from

    http://fedoraproject.org/wiki/EPEL/FAQ#howtouse

    (no su needed) do

    Code:
    rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm
    yum install -y  fail2ban mc
    cd /etc/fail2ban
    read -p "edit the files in this directory structure to suit" && mc
     
  19. Amphibian

    Joined:
    Sep 8, 2009
    Messages:
    1,128
    Likes Received:
    2
    Like I said, your the man.

    Once again thanks a million.

    Hope your not going to be like me and glued to this thing the whole holiday weekend. I have no life other than this contraption that I sit in front of that helps maintains my sanity, what little I have left.

    Spend time with family and friends while you can.



    Merry Christmas Sir.
    Amphibian
     
  20. dicko

    Joined:
    Oct 24, 2008
    Messages:
    4,099
    Likes Received:
    0
    :) :) in the next room is the start of Chilean/English/U.S. xmas overload, here in my cave is tranquillity, Armagnac and a dozen ssh sessions, both have their blessings, I am lucky to have a choice, go in peace my friend.

    regards and go and say hello to another recluse, she might be cute :)

    dicko (aka scrooge)
     

Share This Page