Fail2ban fails to start after update?
Solution 1
I noticed that after the upgrade to 15.04 when I check the webmin for a server that I have with the same issue, what I saw what that I had a new jail called "sshd" that had nothing defined as a filter. I deleted this jail and it now works again. To be clear, the ssh jail is still there,just the empty jail called sshd is gone. Outside of webmin I'm not sure where to find that jail. You pastebin looks clear of any invalid entries.
Solution 2
On Ubuntu 16.04 had the same issue out of a sudden:
dec 17 08:58:41 xxx fail2ban-client[1342]: ERROR Failed during configuration: Bad value substitution: option 'action' in section 'sshd' contains an interpolation key 'port' which is not a valid option name. Raw value: '%(action_)s'
it turns out that on Ubuntu inside jail.d/defaults-debian.conf there is a jail confing that contained nothing but:
[sshd]
enabled = true
Commenting this lines out fixed the issue above.
Solution 3
I had the same issue. Fix was: Port in jail.conf was missing.
Related videos on Youtube
Asifa.K
Hello! I am a computer science PhD student researcher investigating flooding with AI. I currently know C♯, HTML, CSS, Javascript, PHP, some Python (ewww), C++ (mainly Arduino), and Prolog, SQL, and Rust (mind-bending). I also do Linux sysadmin in my spare time. I enjoy learning new things. If I find or something interesting, I will post about it on my blog - I try to post at least once a week. I have a website, which you should check out if you are interested. I also have a twitter account, but I don't check it all that often - the tweets there are largely automated by IFTTT. If you prefer, I've also created a subreddit that's also automated by IFTTT, though I do check it slightly more often than twitter. I can't think of anything else to put here at the moment, but if there is anything you think I should add / change please contact me somehow and I will consider it (commenting on my blog is a good way to get hold of me).
Updated on September 18, 2022Comments
-
Asifa.K over 1 year
I have been using fail2ban for a while on my Ubuntu server. Recently (after upgrading to ubuntu 15.04 I assume) fail2ban has been failing to start.
Initially, this was because the
port
option had been specified twice somewhere - I fixed that.Now I am getting the following error:
WARNING 'filter' not defined in 'sshd'. Using default one: '' ERROR Failed during configuration: Bad value substitution: section: [sshd] option : action key : port rawval : ", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s", sendername="%(sendername)s"]
Here is a link to a pastebin of my
jail.local
configuration file: http://pastebin.com/KksbwT1rI have removed the email addresses for privacy reasons.
-
Asifa.K about 9 yearsThanks for the comment. I found my fail2ban configs at
/etc/fail2ban/jail.conf
and/etc/fail2ban/jail.local
(jail.local
is the file that you should edit andjail.conf
is the default settings one I think). Would it be possible for you to post your fail2ban config? I would find it helpful to compare your working one against my failing one :) -
mirkobrankovic about 8 yearsI found sshd jail in
jail.d/defaults-debian.conf
wwith only 2 lines, so no filter no action -
Sathiya Narayanan about 5 yearsThanks for the hint. I modified
defaults-debian.conf
in the following way andfail2ban
service started again.[sshd] enabled = true port = ssh filter = sshd maxretry = 6
-
franc over 4 yearsThanks, I had also a sshd jail only visible in Webmin. Deleted it and it works again :)