similar to: CentOS 7, Fail2ban and SELinux

On Feb 26, 2020, at 08:52, Nicolas Kovacs <info at microlinux.fr> wrote: > >> Le 26/02/2020 ? 11:51, Nicolas Kovacs a ?crit : >> SELinux is preventing /usr/bin/python2.7 from read access on the file disable. >> ***** Plugin catchall (100. confidence) suggests ***** >> If you believe that python2.7 should be allowed read access on the disable file by default.

Hi, Some time ago I had SELinux problems with Fail2ban. One of the users on this list suggested that it might be due to the fact that I'm using a bone-headed iptables script instead of FirewallD. I've spent the past few weeks getting up to date with doing things in a more orthodox manner. So currently my internet-facing CentOS server has a nicely configured NetworkManager, and

Hi! Am 09.04.20 um 10:07 schrieb Rob Kampen: [...] > I too had fail2ban fail after an otherwise successful yum update. Mine occurred in Feb when my versions of firewalld etc were updated to the versions you show. Thus far I have not had the opportunity to sort the problem. Lockdown has been quite busy so far, hopefully some slower times coming next week. Yeah, those pesky real-life biological

Hi! I have a server running CentOS 7.7 (1908) with all current patches installed. I think this server should be a quite standard installation with no specialities On this server I have fail2ban with an apache and openvpn configuration. I'm using firewalld to manage the firewall rules. Fail2an is configured to use firewalld: [root at server ~]# ll /etc/fail2ban/jail.d/ insgesamt 12

On Wed, 26 Feb 2020 at 14:06, Jonathan Billings <billings at negate.org> wrote: > On Feb 26, 2020, at 08:52, Nicolas Kovacs <info at microlinux.fr> wrote: > > > >> Le 26/02/2020 ? 11:51, Nicolas Kovacs a ?crit : > >> SELinux is preventing /usr/bin/python2.7 from read access on the file > disable. > >> ***** Plugin catchall (100. confidence)

Le 26/02/2020 ? 11:51, Nicolas Kovacs a ?crit?: > SELinux is preventing /usr/bin/python2.7 from read access on the file disable. > > *****? Plugin catchall (100. confidence) suggests?? ***** > > If you believe that python2.7 should be allowed read access on the disable file > by default. > Then you should report this as a bug. > You can generate a local policy module to

P? Tue, 31 Dec 2019 18:53:38 +0000 John H Nyhuis <jnyhuis at uw.edu> skrev: > Just a random stab in the dark, but CEntOS6 was iptables, and CentOS7 > is firewalld. They take different fail2ban packages. > > CentOS6 = fail2ban > CentOS7 = fail2ban-firewalld > > Are you sure you are running the correct fail2ban package for your > firewall? (I screwed this up myself

On 13/04/20 1:30 pm, Orion Poplawski wrote: > On 4/9/20 6:31 AM, Andreas Haumer wrote: > ... >> I'm neither a fail2ban nor a SELinux expert, but it seems the >> standard fail2ban SELinux policy as provided by CentOS 7 is not >> sufficient anymore and the recent updates did not correctly >> update the required SELinux policies. >> >> I could report this

I have fail2ban on my mail server monitoring Dovecot and Exim. I have noticed that it has stopped banning IP's. I have seen in /var/log/fail2ban.log: 2020-04-07 09:42:05,875 fail2ban.filter [16138]: INFO [dovecot] Found 77.40.61.224 - 2020-04-07 09:42:05 2020-04-07 09:42:06,408 fail2ban.actions [16138]: NOTICE [dovecot] Ban 77.40.61.224 2020-04-07 09:42:06,981

Hi, I've setup a transparent HTTP+HTTPS proxy on my server running CentOS 7, using Squid. Here's my configuration file. --8<---------------------------------------------------------------- # /etc/squid/squid.conf # D?finitions acl localnet src 192.168.2.0/24 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port

Hi all... Recently a new Fail2Ban was available among some other updates for my Centos 7 system, and I just updated all. It seems that was a very BAD idea. Just noticed that Fail2Ban have generated a 6MB error log because of the update, and FirewallD a 1MB log of errors ! (not sure if any of those were really working after this) ok, I'll just run yum downgrade fail2ban I thought. Naa, no

On Mon, December 18, 2017 3:06 am, Alex JOST wrote: > Did you enable the dovecot service in fail2ban? By default all jails are > disabled. > > /etc/fail2ban/jail.conf: > [dovecot] > enabled = true Alex, thanks no, not in jail.conf, I've put it in the (1) /etc/fail2ban/jail.local I've also added postfix, that seems to work: I've made test failed dovecot and

I am working to a CentOS 6 server with nonstandard iptables system without rule for ACCEPT ESTABLISHED connections. All tables and chains empty (flush by legacy custom script) so only filter/INPUT chain has rules (also fail2ban chain): Chain INPUT (policy ACCEPT) target prot opt source destination f2b-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all --

On a CentOS 6.7 system that's been running fail2ban for a long time, we recently started seeing this: ct 28 19:00:59 <servername> fail2ban.action[17561]: ERROR iptables -w -D INPUT -p tcp --dport ssh -j f2b-SSH#012iptables -w -F f2b-SSH#012iptables -w -X f2b-SSH -- stderr: "iptables v1.4.7: option `-w' requires an argument\nTry `iptables -h' or 'iptables --help' for

Hi, I just installed SpamAssassin on two servers running CentOS 7 and Postfix. One is my sandbox server for experimenting, the other one is the server that hosts my company's web site, blog, mail, etc. So far, SpamAssassin seems to work as expected. I sent a test mail, which was duly flagges as [SPAM], and I already see the odd incoming spam message correctly flagged as [SPAM]. For testing

Hi Leon, I don't have access to a CentOS 6.10 system handy, but it looks like a policy issue. If I take you're ausearch output and pipe it to audit2allow on my CentOS 7.6 system, I get the following: #============= httpd_t ============== #!!!! This avc is allowed in the current policy allow httpd_t httpd_sys_script_t:process signull; Noting that on my 7.6 system with selinux enforcing

On Fri, May 22, 2020 2:05 pm, Adi Pircalabu wrote: > On 22-05-2020 10:38, Voytek Eymont wrote: > > Hardly a Dovecot issue. Can you please post the output of this command? > /usr/bin/fail2ban-regex /var/log/dovecot.log > /etc/fail2ban/filter.d/dovecot.conf Adi, thanks, what I get is: # /usr/bin/fail2ban-regex /var/log/dovecot.log /etc/fail2ban/filter.d/dovecot.conf Running

Hello List, with CentOS 7.2 it is not longer possible to run fail2ban on a Server ? I install a new CentOS 7.2 and the EPEL directory yum install fail2ban I don't change anything only I create a jail.local to enable the Filters [sshd] enabled = true .... ..... When I start afterward fail2ban systemctl status fail2ban is clean But systemctl status firewalld is broken ? firewalld.service -

I am seeing these in the log of one of our off-site NX hosts running CentOS-6.6. type=AVC msg=audit(1421683972.786:4372): avc: denied { create } for pid=22788 comm="iptables" scontext=system_u:system_r:fail2ban_t:s0 tcontext=system_u:system_r:fail2ban_t:s0 tclass=rawip_socket Was caused by: Missing type enforcement (TE) allow rule. You can use

I use SSHGuard on well ssh (doh!), but supposedly you can use it for postfix and dovecot also. I can tell you it is well supported. I am on Centos 7 using firewalld. ? Original Message ? From: adi at ddns.com.au Sent: May 21, 2020 11:01 PM To: voytek at sbt.net.au Cc: dovecot at dovecot.org Subject: Re: fail2ban setup centos 7 not picking auth fail? On 22-05-2020 15:45, Voytek Eymont