/etc/fail2ban/jail.d/yunohost-jails.conf & https://paste.yunohost.org/ugagicehux

Support
, , , ,
1

Sure, here’s the translation of your message:

"This is not a picture, it’s just what my terminal outputted. Also, not everyone can speak English. It’s like if I asked you to drive my double-decker truck from Cologne to France. You have a driver’s license, so you should be able to do it, right? This is an inadequate comparison, but it may explain why I have trouble with English. I never had any English classes and it wasn’t important back then. Nonetheless, thank you for your help. I’ve found someone who can help me translate what you write to me and what I write to you. Unfortunately, I can’t access the help section, and I have a problem with fail2ban. I had to deal with two hacks on my server and I blocked the IPs. I tried to make fail2ban even stronger via Webmin, but I must have missed something because I now have two errors on my YunoHost system. The first error is that it can’t be reset to YunoHost. The configuration file /etc/fail2ban/jail.d/yunohost-jails.conf seems to have been manually modified.

This is probably OK if you know what you’re doing! YunoHost won’t update this file automatically in the future… but please be careful as future upgrades of YunoHost could contain important recommended changes. If you want, you can inspect the differences with yunohost tools regen-conf fail2ban --dry-run --with-diff and force the recommended configuration reset with yunohost tools regen-conf fail2ban --force.

The configuration file /etc/ssh/sshd_config seems to have been manually modified.

This is probably OK if you know what you’re doing! YunoHost won’t update this file automatically in the future… but please be careful as future upgrades of YunoHost could contain important recommended changes. If you want, you can inspect the differences with yunohost tools regen-conf ssh --dry-run --with-diff and force the recommended configuration reset with yunohost tools regen-conf ssh --force.

So, my fail2ban isn’t working properly now. The second error I made was that I implemented wrong packages in the source list. I fixed that, but I still haven’t done everything right in this area. So it still gives me error messages like these in the Yunohost admin panel:

"Everything looks OK for Web! Found 1 significant problem(s) (and 1 warning(s)) in relation to email! Failed to get status information via dbus for service mailman3-web, systemctl didn’t recognize this service (‘NoSuchUnit’). unable to retrieve string to translate with key ‘2023-03-28 05:20:10,241 fail2ban.configreader [1644881]: ERROR Found no accessible config files for ‘fail2ban’ under /etc/fail2ban’ for default locale ‘locales/en.json’ file (don’t panic this is just a warning) unable to retrieve string to translate with key ‘2023-03-28 05:20:10,242 fail2ban.configreader [1644881]: ERROR No section: ‘Definition’’ for default locale ‘locales/en.json’ file (don’t panic this is just a warning) unable to retrieve string to translate with key ‘2023-03-28 05:20:10,242 fail2ban.configreader [1644881]: ERROR No section: ‘Definition’’ for default locale ‘locales/en.json’ file (don’t panic this is just a warning) unable to retrieve string to translate with key '2023-03-28 05:20:10,242 fail2ban.configreader [1644881

![](data:image/svg+xml,%3csvg%20xmlns=%27http://www.w3.org/2000/svg%27%20version=%271.1%27%20width=%2730%27%20height=%2730%27/%3e)carrabelloy@carrabelloy.de

weiter hastebin

Sorry, I did not see the rest of your message. Here is the translation of the remaining part:

“Although I have fixed the source list, there are still errors. I am not a programmer, but I have sought help, as I did with the translation, and I read as best I can. Maybe this will help to create a German translation of everything I have listed to contribute even more to YunoHost. But that’s beside the point. Thank you for your support and help with the problems and for the great work on the YunoHost system. Can you please translate everything for me?”

I have found 1 significant problem (and 1 warning) related to email:

  • Failed to get status information via dbus for service mailman3-web, systemctl didn’t recognize this service (‘NoSuchUnit’).
  • unable to retrieve string to translate with key ‘2023-03-28 05:20:10,241 fail2ban.configreader [1644881]: ERROR Found no accessible config files for ‘fail2ban’ under /etc/fail2ban’ for default locale ‘locales/en.json’ file (don’t panic this is just a warning)
  • unable to retrieve string to translate with key ‘2023-03-28 05:20:10,242 fail2ban.configreader [1644881]: ERROR No section: ‘Definition’’ for default locale ‘locales/en.json’ file (don’t panic this is just a warning)
  • unable to retrieve string to translate with key ‘2023-03-28 05:20:10,245 fail2ban.configreader [1644881]: ERROR No section: ‘Definition’’ for default locale ‘locales/en.json’ file (don’t panic this is just a warning)
  • unable to retrieve string to translate with key ‘2023-03-28 05:20:10,246 fail2ban [1644881]: ERROR Failed during configuration: Bad value substitution: option ‘backend’ in section ‘sshd’ contains an interpolation key ‘sshd_backend’ which is not a valid option name. Raw value: ‘%(sshd_backend)s’’ for default locale ‘locales/en.json’ file (don’t panic this is just a warning)
  • unable to retrieve string to translate with key ‘2023-03-28 05:20:10,246 fail2ban [1644881]: ERROR ERROR: test configuration failed’ for default locale ‘locales/en.json’ file (don’t panic this is just a warning)

I have found 1 item that could be improved for service status (+ 1 ignored problem) and 1 item that could be improved for system configuration (+ 1 ignored problem).

The following are log entries:

  • Ignore a warning - 14:07:20
  • Do not ignore a warning - 07:20:37
  • Start the ‘fail2ban’ service - 07:46:49, 08:42:19, 08:50:26

![](data:image/svg+xml,%3csvg%20xmlns=%27http://www.w3.org/2000/svg%27%20version=%271.1%27%20width=%2730%27%20height=%2730%27/%3e)carrabelloy@carrabelloy.de

weiter

I found 1 significant issue(s) (and 1 warning(s)) related to email! Failed to get status information via dbus for service mailman3-web, systemctl didn’t recognize this service (‘NoSuchUnit’). unable to retrieve string to translate with key ‘2023-03-28 05:20:10,241 fail2ban.configreader [1644881]: ERROR Found no accessible config files for ‘fail2ban’ under /etc/fail2ban’ for default locale ‘locales/en.json’ file (don’t panic this is just a warning) unable to retrieve string to translate with key ‘2023-03-28 05:20:10,242 fail2ban.configreader [1644881]: ERROR No section: ‘Definition’’ for default locale ‘locales/en.json’ file (don’t panic this is just a warning) unable to retrieve string to translate with key ‘2023-03-28 05:20:10,242 fail2ban.configreader [1644881]: ERROR No section: ‘Definition’’ for default locale ‘locales/en.json’ file (don’t panic this is just a warning) unable to retrieve string to translate with key ‘2023-03-28 05:20:10,242 fail2ban.configreader [1644881]: ERROR No section: ‘Definition’’ for default locale ‘locales/en.json’ file (don’t panic this is just a warning) unable to retrieve string to translate with key ‘2023-03-28 05:20:10,242 fail2ban.configreader [1644881]: ERROR No section: ‘Definition’’ for default locale ‘locales/en.json’ file (don’t panic this is just a warning) unable to retrieve string to translate with key ‘2023-03-28 05:20:10,242 fail2ban.configreader [1644881]: ERROR No section: ‘Definition’’ for default locale ‘locales/en.json’ file (don’t panic this is just a warning) unable to retrieve string to translate with key ‘2023-03-28 05:20:10,245 fail2ban.configreader [1644881]: ERROR No section: ‘Definition’’ for default locale ‘locales/en.json’ file (don’t panic this is just a warning) unable to retrieve string to translate with key ‘2023-03-28 05:20:10,245 fail2ban.configreader [1644881]: ERROR No section: ‘Definition’’ for default locale ‘locales/en.json’ file (don’t panic this is just a warning) unable to retrieve string to translate with key ‘2023-03-28 05:20:10,245 fail2ban.configreader [1644881]: ERROR No section: ‘Definition’’ for default locale ‘locales/en.json’ file (don’t panic this is just a warning) unable to retrieve string to translate with key ‘2023-03-28 05:20:10,245 fail2ban.configreader [1644881]: ERROR No section: ‘Definition’’ for default locale ‘locales/en.json’ file (don’t panic this is just a warning) unable to retrieve string to translate with key ‘2023-03-28 05:20:10,245 fail2ban.configreader [1644881]: ERROR No section: ‘Definition’’ for default locale ‘locales/en.json’ file (don’t panic this is just a warning) unable to retrieve string to translate with key ‘2023-03-28 05:20:10,245 fail2ban.configreader [1644881]: ERROR No section: ‘Definition’’ for default locale ‘locales/en.json’ file (don’t panic this is just a warning) unable to retrieve```

  • – Journal begins at Thu 2023-03-16 20:43:01 UTC, ends at Wed 2023-03-29 04:18:35 UTC. –
  • Mar 29 02:37:11 fail2ban-server[1895708]: 2023-03-29 02:37:11,796 fail2ban.configreader [1895708]: ERROR No section: ‘Definition’
  • Mar 29 02:37:11 fail2ban-server[1895708]: 2023-03-29 02:37:11,796 fail2ban.configreader [1895708]: ERROR No section: ‘Definition’
  • Mar 29 02:37:11 fail2ban-server[1895708]: 2023-03-29 02:37:11,796 fail2ban.configreader [1895708]: ERROR No section: ‘Definition’
  • Mar 29 02:37:11 fail2ban-server[1895708]: 2023-03-29 02:37:11,796 fail2ban.configreader [1895708]: ERROR No section: ‘Definition’
  • Mar 29 02:37:11 fail2ban-server[1895708]: 2023-03-29 02:37:11,796 fail2ban.configreader [1895708]: ERROR No section: ‘Definition’
  • Mar 29 02:37:11 fail2ban-server[1895708]: 2023-03-29 02:37:11,796 fail2ban.configreader [1895708]: ERROR No section: ‘Definition’
  • Mar 29 02:37:11 fail2ban-server[1895708]: 2023-03-29 02:37:11,796 fail2ban.configreader [1895708]: ERROR Found no accessible config files for ‘filter.d/sshd’ under /etc/fail2ban
  • Mar 29 02:37:11 fail2ban-server[1895708]: 2023-03-29 02:37:11,796 fail2ban.jailreader [1895708]: ERROR Unable to read the filter ‘sshd’
  • Mar 29 02:37:11 fail2ban-server[1895708]: 2023-03-29 02:37:11,796 fail2ban.jailsreader [1895708]: ERROR Errors in jail ‘sshd’. Skipping…
  • Mar 29 02:37:11 fail2ban-server[1895708]: 2023-03-29 02:37:11,797 fail2ban.configreader [1895708]: ERROR Found no accessible config files for ‘filter.d/sshd-ddos’ under /etc/fail2ban
  • Mar 29 02:37:11 fail2ban-server[1895708]: 2023-03-29 02:37:11,797 fail2ban.jailreader [1895708]: ERROR Unable to read the filter ‘sshd-ddos’
  • Mar 29 02:37:11 fail2ban-server[1895708]: 2023-03-29 02:37:11,797 fail2ban.jailsreader [1895708]: ERROR Errors in jail ‘sshd-ddos’. Skipping…
  • Mar 29 02:37:11 fail2ban-server[1895708]: 2023-03-29 02:37:11,797 fail2ban [1895708]: ERROR Failed during configuration: Bad value substitution: option ‘backend’ in section ‘dropbear’ contains an interpolation key ‘dropbear_backend’ which is not a valid option name. Raw value: ‘%(dropbear_backend)s’
  • Mar 29 02:37:11 fail2ban-server[1895708]: 2023-03-29 02:37:11,797 fail2ban [1895708]: ERROR Async configuration of server failed
  • Mar 29 02:37:11 systemd[1]: fail2ban.service: Main process exited, code=exited, status=255/EXCEPTION
  • Mar 29 02:37:11 systemd[1]: fail2ban.service: Failed with result ‘exit-code’.
  • Mar 29 02:51:41 systemd[1]: Starting Fail2Ban Service…
  • Mar 29 02:51:51 systemd[1]: Started Fail2Ban Service.
  • Mar 29 02:51:51 fail2ban-server[1898456]: 2023-03-29 02:51:51,188 fail2ban.configreader [1898456]: ERROR No section: ‘Definition’
  • Mar 29 02:51:51 fail2ban-server[1898456]: 2023-03-29 02:51:51,188 fail2ban.configreader [1898456]: ERROR No section: ‘Definition’
  • Mar 29 02:51:51 fail2ban-server[1898456]: 2023-03-29 02:51:51,188 fail2ban.configreader [1898456]: ERROR No section: ‘Definition’
  • Mar 29 02:51:51 fail2ban-server[1898456]: 2023-03-29 02:51:51,188 fail2ban.configreader [1898456]: ERROR No section: ‘Definition’
  • Mar 29 02:51:51 fail2ban-server[1898456]: 2023-03-29 02:51:51,188 fail2ban.configreader [1898456]: ERROR No section: ‘Definition’
  • Mar 29 02:51:51 fail2ban-server[1898456]: 2023-03-29 02:51:51,193 fail2ban.configreader [1898456]: ERROR No section: ‘Definition’
  • Mar 29 02:51:51 fail2ban-server[1898456]: 2023-03-29 02:51:51,193 fail2ban.configreader [1898456]: ERROR No section: ‘Definition’
  • Mar 29 02:51:51 fail2ban-server[1898456]: 2023-03-29 02:51:51,193 fail2ban.configreader [1898456]: ERROR No section: ‘Definition’
  • Mar 29 02:51:51 fail2ban-server[1898456]: 2023-03-29 02:51:51,193 fail2ban.configreader [1898456]: ERROR No section: ‘Definition’
  • Mar 29 02:51:51 fail2ban-server[1898456]: 2023-03-29 02:51:51,194 fail2ban.configreader [1898456]: ERROR No section: ‘Definition’
  • Mar 29 02:51:51 fail2ban-server[1898456]: 2023-03-29 02:51:51,194 fail2ban.configreader [1898456]: ERROR No section: ‘Definition’
  • Mar 29 02:51:51 fail2ban-server[1898456]: 2023-03-29 02:51:51,194 fail2ban.configreader [1898456]: ERROR Found no accessible config files for ‘filter.d/sshd’ under /etc/fail2ban
  • Mar 29 02:51:51 fail2ban-server[1898456]: 2023-03-29 02:51:51,194 fail2ban.jailreader [1898456]: ERROR Unable to read the filter ‘sshd’
  • Mar 29 02:51:51 fail2ban-server[1898456]: 2023-03-29 02:51:51,194 fail2ban.jailsreader [1898456]: ERROR Errors in jail ‘sshd’. Skipping…
  • Mar 29 02:51:51 fail2ban-server[1898456]: 2023-03-29 02:51:51,194 fail2ban.configreader [1898456]: ERROR Found no accessible config files for ‘filter.d/sshd-ddos’ under /etc/fail2ban
  • Mar 29 02:51:51 fail2ban-server[1898456]: 2023-03-29 02:51:51,194 fail2ban.jailreader [1898456]: ERROR Unable to read the filter ‘sshd-ddos’
  • Mar 29 02:51:51 fail2ban-server[1898456]: 2023-03-29 02:51:51,194 fail2ban.jailsreader [1898456]: ERROR Errors in jail ‘sshd-ddos’. Skipping…
  • Mar 29 02:51:51 fail2ban-server[1898456]: 2023-03-29 02:51:51,194 fail2ban [1898456]: ERROR Failed during configuration: Bad value substitution: option ‘backend’ in section ‘dropbear’ contains an interpolation key ‘dropbear_backend’ which is not a valid option name. Raw value: ‘%(dropbear_backend)s’
  • Mar 29 02:51:51 fail2ban-server[1898456]: 2023-03-29 02:51:51,195 fail2ban [1898456]: ERROR Async configuration of server failed
  • Mar 29 02:51:51 systemd[1]: fail2ban.service: Main process exited, code=exited, status=255/EXCEPTION
  • Mar 29 02:51:51 systemd[1]: fail2ban.service: Failed with result ‘exit-code’.
  • Mar 29 03:53:57 systemd[1]: Starting Fail2Ban Service…
  • Mar 29 03:54:07 systemd[1]: Started Fail2Ban Service.
  • Mar 29 03:54:07 fail2ban-server[1908351]: 2023-03-29 03:54:07,101 fail2ban.configreader [1908351]: ERROR No section: ‘Definition’
  • Mar 29 03:54:07 fail2ban-server[1908351]: 2023-03-29 03:54:07,101 fail2ban.configreader [1908351]: ERROR No section: ‘Definition’
  • Mar 29 03:54:07 fail2ban-server[1908351]: 2023-03-29 03:54:07,101 fail2ban.configreader [1908351]: ERROR No section: ‘Definition’
  • Mar 29 03:54:07 fail2ban-server[1908351]: 2023-03-29 03:54:07,102 fail2ban.configreader [1908351]: ERROR No section: ‘Definition’
  • Mar 29 03:54:07 fail2ban-server[1908351]: 2023-03-29 03:54:07,102 fail2ban.configreader [1908351]: ERROR No section: ‘Definition’
  • Mar 29 03:54:07 fail2ban-server[1908351]: 2023-03-29 03:54:07,106 fail2ban [1908351]: ERROR Failed during configuration: While reading from ‘/etc/fail2ban/jail.local’ [line 5]: option ‘banip’ in section ‘DEFAULT’ already exists
  • Mar 29 03:54:07 fail2ban-server[1908351]: 2023-03-29 03:54:07,108 fail2ban [1908351]: ERROR Async configuration of server failed
  • Mar 29 03:54:07 systemd[1]: fail2ban.service: Main process exited, code=exited, status=255/EXCEPTION
  • Mar 29 03:54:07 systemd[1]: fail2ban.service: Failed with result ‘exit-code’.
    who can help me with this? because fail2ban is broken is not working
    :~$ systemctl status fail2ban.service
    ● fail2ban.service - Fail2Ban Service
    Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; vendor preset: enabled)
    Active: failed (Result: exit-code) since Tue 2023-03-28 22:01:27 UTC; 6min ago
    Docs: man:fail2ban(1)
    Process: 1846878 ExecStartPre=/bin/sleep 10 (code=exited, status=0/SUCCESS)
    Process: 1846883 ExecStartPre=/bin/mkdir -p /run/fail2ban (code=exited, status=0/SUCCESS)
    Process: 1846884 ExecStart=/usr/bin/fail2ban-server -xf start (code=exited, status=255/EXCEPTION)
    Main PID: 1846884 (code=exited, status=255/EXCEPTION)
    CPU: 82ms
2

:crazy_face:… this is unreadable… even the title

3 Likes
3

Hello! I’m sorry to hear you’re having trouble with Fail2ban. The error you describe seems to point to a problem with Fail2ban’s configuration file. To help you solve the problem, here are some steps you can try:

Check the configuration file: The error message states that the configuration file contains errors. Therefore, check that the file is formatted correctly and that it contains the correct sections.

Check the /etc/fail2ban/jail.d/defaults-debian.conf file: If the configuration file does not contain any sections, look for the /etc/fail2ban/jail.d/defaults-debian.conf file. This file contains the default configuration for Fail2ban on Debian and might help to solve the problem.

Check the log files: If you need more information to diagnose the problem, you should check the Fail2ban log files. These files contain detailed information about the errors that Fail2ban reported.

Look for support in the Fail2ban community: If the steps above do not help, you should contact the Fail2ban community. You can use forums or mailing lists to seek help and possibly find other people having the same problem.

aim not go aim problems for this fail2ban is hastebin

6

Please read my text completely and not leave a stupid answer to me where you can’t do anything at all and that doesn’t answer anything. So please read it completely and answer more clearly in all areas. Because since I don’t get the fail2ban deleted because it is implemented in the Yunohost system and I would therefore destroy the whole structure. So I have to put everything up again. Now I downloaded 160 GB as Tar.GZ, over the backend of Yunohost. So in the admin area. As I have read, I can probably upload them and unzip them again. But if I have reinstalled it, I have to upload it again before I get a little finished from the admin panel. So in the backup copy in the Oot@Darknight -Coffee /Home # LS -La
Total 48
DRWXR-XR-X 9 Root Root 4096 Mar 26 3:00 p.m.
DRWXR-XR-X 20 Root Root 4096 Mar 23 06:39 …
DRWXRWXR-X+ 2 Carrabelloy Carrabelloy 4096 Mar 31 11:41 Carrabelloy
DRWX ----- 2 Root Root 16384 OCT 30 19:27 Lost+Found
DRWXRWXR-X+ 2 7852 7852 4096 Nov 12 04:41 Mobilizon_notifs
DRWXRWXR-X+ 2 Synapse Synapse 4096 Mar 28 04:38 Synapse
DRWXR-XR-X 12 Root Root 4096 Mar 22 19:52 Yunohost.App
drwxRWX — 5 root admins 4096 Feb 2 02:57 Yunohost.Backup
drwxrwxr-X+ 5 root root 4096 Mar 22 19:51 Yunohost.multimedia
Root@Darknight-Coffee /Home #
. You are now on my computer, i.e. my workstation. I thought that I could only download the two blogs at first because they are the most important to me, but he downloads the whole system together. Now ask honor: the first would not immediately implement the defective fail2ban? The second question, how can I upload all files as a Tar.GZ to the folder via Terminal as a Tar.GZ, even if you should cancel the data connection so that no false folders form up there? The way. So as it is the safest. So that you can restore yourself on the server. Then they had written me several variations, the fail2ban. What I want to try out right away. Maybe when stopped. If I stop and uninstall it, and maybe reinstall it. Maybe it would go around like that. If there are small things that you can restore and where you may have an idea without giving everything down right away to make everything new again and upload it. Maybe it would be worth trying. And otherwise as described above, but here are their variations that you wrote to me now. Maybe that works. I’m sorry that the problem continues to exist. We can now try to completely uninstall fail2ban. Follow the following steps:

 Uninstall Fail2ban:

bash

sudo apt-get remove-purge fail2ban

 Install Fail2Ban again:

bash

Sudo apt-get update
Sudo apt-get install fail2ban

 Check the standard configuration in /etc/fail2ban/filter.d/shd.conf. You should have a functioning standard configuration.

 Restart Fail2ban and check the status:

bash

Sudo Systemctl Restart Fail2ban
Sudo Systemctl Status Fail2ban
Sudo Fail2ban -Client -D

If the problem continues, please let us know.
carabelloy@carrabelloy.de
This is not possible because it is implemented in the Yunohost system or you have an idea or the way to avoid it. But so far there are no.

Since fail2ban is integrated into your Yunohost system, it would not be advisable to manually uninstall it and reinstall it, as this could lead to further problems.

In this case, I recommend that you contact the Yunohost community or support in order to get help to fix this specific problem with fail2ban. The experts for the Yunohost system may help you better because you are familiar with the special features of the system.

Here are some resources that you can contact:

 Yunohost Forum: https://forum.yunohost.org/
 Yunohost documentary: https://yunohost.org/docs
 Yunohost chat (matrix): #yunohost: matrix.org (you need a matrix account to take part)

Sorry for the inconvenience and I hope that you will soon find a solution to your problem.
carabelloy@carrabelloy.de
I know that myself have no way. Great

I’m sorry that we could not find a satisfactory solution for the fail2ban problem. In this situation, you could try to use temporary workarounds or alternatives.

One possibility would be to temporarily limit the SSH access by allowing the IP addresses from which a

7

:melting_face:
unintelligible sorry

1 Like
8

What do you mean by that? I think what they have left behind is a bit more incomprehensible. So I want to say ann I don’t do anything with it. That the ene Dokomentation habens I know but finds nothing to my problem. Thanks anyway for your efforts

9

I have rebuilt it and uploaded the whole thing via scp. Takes 10-12 hours. I hope not that I me the broken Fail2BAN WITH INSTALLER :wink:

grafik
grafik1916×31 4.41 KB

10

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.