1

Topic: Fail2Ban action error

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version:  0.9.9 PGSQL edition
- Deployed with: downloadable installer
- Linux/BSD distribution name and version: debian 9
- Store mail accounts in which backend: PGSQL
- Web server: Nginx
- Manage mail accounts with iRedAdmin-Pro: yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

the logs fill up with fail2ban errors. i have not noticed such errors on the initial installation, i assume that this happens since i updated to iRedAPD-3.1 or iRedAPD-3.2 could that be? or do i have this error since i installed the server?

Nov 30 16:08:51 mailserver fail2ban.action[5969]: ERROR iptables -w -n -L INPUT | grep -q 'f2b-postfix[ \t]' -- returned 1
Nov 30 16:08:51 mailserver fail2ban.CommandAction[5969]: ERROR Invariant check failed. Trying to restore a sane environment
Nov 30 16:08:51 mailserver fail2ban.action[5969]: ERROR iptables -w -D INPUT -p tcp -m multiport --dports http,https,smtp,submission,465,pop3,pop3s,imap,imaps,sieve -j f2b-postfix#012iptables -w -F f2b-postfix#012iptables -w -X f2b-postfix -- stdout: b''
Nov 30 16:08:51 mailserver fail2ban.action[5969]: ERROR iptables -w -D INPUT -p tcp -m multiport --dports http,https,smtp,submission,465,pop3,pop3s,imap,imaps,sieve -j f2b-postfix#012iptables -w -F f2b-postfix#012iptables -w -X f2b-postfix -- stderr: b"iptables v1.6.0: Couldn't load target `f2b-postfix':No such file or directory\n\nTry `iptables -h' or 'iptables --help' for more information.\niptables: No chain/target/match by that name.\niptables: No chain/target/match by that name.\n"
Nov 30 16:08:51 mailserver fail2ban.action[5969]: ERROR iptables -w -D INPUT -p tcp -m multiport --dports http,https,smtp,submission,465,pop3,pop3s,imap,imaps,sieve -j f2b-postfix#012iptables -w -F f2b-postfix#012iptables -w -X f2b-postfix -- returned 1
Nov 30 16:08:51 mailserver fail2ban.actions[5969]: ERROR Failed to execute unban jail 'postfix-pregreet-iredmail' action 'iptables-multiport' info '{'matches': 'Nov 30 15:08:50 mailserver postfix/postscreen[17811]: PREGREET 41 after 0.12 from [xxxxx]:48785: EHLO 246.pool90-74-52.dynamic.orange.es\\r\\n', 'time': 1575122931.146692, 'failures': 1, 'ip': 'xxxxxx'}': Error stopping action

Nov 30 16:30:50 mailserver fail2ban.actions[5969]: NOTICE [postfix-pregreet-iredmail] Ban mailserver
Nov 30 16:30:50 mailserver fail2ban.action[5969]: ERROR iptables -w -n -L INPUT | grep -q 'f2b-postfix[ \t]' -- stdout: b''
Nov 30 16:30:50 mailserver fail2ban.action[5969]: ERROR iptables -w -n -L INPUT | grep -q 'f2b-postfix[ \t]' -- stderr: b''
Nov 30 16:30:50 mailserver fail2ban.action[5969]: ERROR iptables -w -n -L INPUT | grep -q 'f2b-postfix[ \t]' -- returned 1
Nov 30 16:30:50 mailserver fail2ban.CommandAction[5969]: ERROR Invariant check failed. Trying to restore a sane environment
Nov 30 16:30:50 mailserver fail2ban.action[5969]: ERROR iptables -w -D INPUT -p tcp -m multiport --dports http,https,smtp,submission,465,pop3,pop3s,imap,imaps,sieve -j f2b-postfix#012iptables -w -F f2b-postfix#012iptables -w -X f2b-postfix -- stdout: b''
Nov 30 16:30:50 mailserver fail2ban.action[5969]: ERROR iptables -w -D INPUT -p tcp -m multiport --dports http,https,smtp,submission,465,pop3,pop3s,imap,imaps,sieve -j f2b-postfix#012iptables -w -F f2b-postfix#012iptables -w -X f2b-postfix -- stderr: b"iptables v1.6.0: Couldn't load target `f2b-postfix':No such file or directory\n\nTry `iptables -h' or 'iptables --help' for more information.\niptables: No chain/target/match by that name.\niptables: No chain/target/match by that name.\n"
Nov 30 16:30:50 mailserver fail2ban.action[5969]: ERROR iptables -w -D INPUT -p tcp -m multiport --dports http,https,smtp,submission,465,pop3,pop3s,imap,imaps,sieve -j f2b-postfix#012iptables -w -F f2b-postfix#012iptables -w -X f2b-postfix -- returned 1
Nov 30 16:30:50 mailserver fail2ban.actions[5969]: ERROR Failed to execute ban jail 'postfix-pregreet-iredmail' action 'iptables-multiport' info 'CallingMap({'ipmatches': <function Actions.__checkBan.<locals>.<lambda> at 0x7f20ef890d08>, 'ipjailfailures': <function Actions.__checkBan.<locals>.<lambda> at 0x7f20ef898c80>, 'matches': 'Nov 30 16:30:49 mailserver postfix/postscreen[20847]: PREGREET 40 after 0.62 from [mailserver]:55885: EHLO xxx.98.124.202.static.snap.net.nz\\r\\n', 'ipjailmatches': <function Actions.__checkBan.<locals>.<lambda> at 0x7f20ef890bf8>, 'ipfailures': <function Actions.__checkBan.<locals>.<lambda> at 0x7f20ef898268>, 'time': 1575127850.1525629, 'failures': 1, 'ip': 'mailserver'})': Error stopping action
Nov 30 16:30:57 mailserver postfix/smtpd[21141]: timeout after CONNECT from smtpout-fallback.aon.at[195.3.96.xxx]
Nov 30 16:30:57 mailserver postfix/smtpd[21141]: disconnect from smtpout-fallback.aon.at[195.3.96.xxx] commands=0/0
Nov 30 16:31:12 mailserver postfix/postscreen[20847]: CONNECT from [24.181.205.xxx]:40068 to [xxx.xxx.xxx.xxx]:25
Nov 30 16:31:12 mailserver postfix/dnsblog[21496]: addr 24.181.205.xxx listed by domain b.barracudacentral.org as 127.0.0.2
Nov 30 16:31:12 mailserver postfix/dnsblog[21497]: warning: dnsblog_query: lookup error for DNS query 130.205.181.24.zen.spamhaus.org: Host or domain name not found. Name service error for name=130.205.181.24.zen.spamhaus.org type=A: Host not found, try again
Nov 30 16:31:13 mailserver postfix/postscreen[20847]: PREGREET 48 after 0.33 from [24.181.205.xxx]:40068: EHLO xx-181-205-134.static.hckr.nc.charter.com\r\n
Nov 30 16:31:13 mailserver postfix/postscreen[20847]: DISCONNECT [24.181.205.xxx]:40068
Nov 30 16:31:13 mailserver fail2ban.filter[5969]: INFO [postfix-pregreet-iredmail] Found 24.181.205.xxx
Nov 30 16:31:13 mailserver fail2ban.actions[5969]: NOTICE [postfix-pregreet-iredmail] Ban 24.181.205.xxx
Nov 30 16:31:13 mailserver fail2ban.action[5969]: ERROR iptables -w -n -L INPUT | grep -q 'f2b-postfix[ \t]' -- stdout: b''
Nov 30 16:31:13 mailserver fail2ban.action[5969]: ERROR iptables -w -n -L INPUT | grep -q 'f2b-postfix[ \t]' -- stderr: b''
Nov 30 16:31:13 mailserver fail2ban.action[5969]: ERROR iptables -w -n -L INPUT | grep -q 'f2b-postfix[ \t]' -- returned 1
Nov 30 16:31:13 mailserver fail2ban.CommandAction[5969]: ERROR Invariant check failed. Trying to restore a sane environment
Nov 30 16:31:13 mailserver fail2ban.action[5969]: ERROR iptables -w -D INPUT -p tcp -m multiport --dports http,https,smtp,submission,465,pop3,pop3s,imap,imaps,sieve -j f2b-postfix#012iptables -w -F f2b-postfix#012iptables -w -X f2b-postfix -- stdout: b''
Nov 30 16:31:13 mailserver fail2ban.action[5969]: ERROR iptables -w -D INPUT -p tcp -m multiport --dports http,https,smtp,submission,465,pop3,pop3s,imap,imaps,sieve -j f2b-postfix#012iptables -w -F f2b-postfix#012iptables -w -X f2b-postfix -- stderr: b"iptables v1.6.0: Couldn't load target `f2b-postfix':No such file or directory\n\nTry `iptables -h' or 'iptables --help' for more information.\niptables: No chain/target/match by that name.\niptables: No chain/target/match by that name.\n"
Nov 30 16:31:13 mailserver fail2ban.action[5969]: ERROR iptables -w -D INPUT -p tcp -m multiport --dports http,https,smtp,submission,465,pop3,pop3s,imap,imaps,sieve -j f2b-postfix#012iptables -w -F f2b-postfix#012iptables -w -X f2b-postfix -- returned 1
Nov 30 16:31:13 mailserver fail2ban.actions[5969]: ERROR Failed to execute ban jail 'postfix-pregreet-iredmail' action 'iptables-multiport' info 'CallingMap({'ipmatches': <function Actions.__checkBan.<locals>.<lambda> at 0x7f20ef880730>, 'ipjailfailures': <function Actions.__checkBan.<locals>.<lambda> at 0x7f20ef890bf8>, 'matches': 'Nov 30 16:31:13 mailserver postfix/postscreen[20847]: PREGREET 48 after 0.33 from [24.181.205.xxx]:40068: EHLO xx-181-205-134.static.hckr.nc.charter.com\\r\\n', 'ipjailmatches': <function Actions.__checkBan.<locals>.<lambda> at 0x7f20ef898268>, 'ipfailures': <function Actions.__checkBan.<locals>.<lambda> at 0x7f20ef898c80>, 'time': 1575127873.409563, 'failures': 1, 'ip': '24.181.205.xxx'})': Error stopping action

2

Re: Fail2Ban action error

c33s wrote:

i assume that this happens since i updated to iRedAPD-3.1 or iRedAPD-3.2 could that be?

Not related.

Try to stop both iptables and fail2ban services first, then restart iptables and fail2ban in order.

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee