Topic: Error storing banned IP because of country name (fail2ban_banned_db)
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.3.2
- Deployed with iRedMail Easy or the downloadable installer? downloadable Installer
- Linux/BSD distribution name and version: 10
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL/MariaDB
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
When there is the character " ' " in the name of the country the SQL-Statement to store a banned IP in MySQL fails
For example a country name like "LA, Lao People's Democratic Republic" or "Cote D'Ivoir" cannot be stored.
Nov 2 16:57:23 www fail2ban.filter [569]: INFO [sshd] Found 101.78.9.235 - 2020-11-02 16:57:23
Nov 2 16:57:24 www fail2ban.actions [569]: NOTICE [sshd] Ban 101.78.9.235
Nov 2 16:57:24 www fail2ban.utils [569]: Level 39 7f4b06138488 -- exec: ['f2bV_ipjailmatches=$0 \n/usr/local/bin/fail2ban_banned_db ban 101.78.9.235 22 tcp sshd 26 $f2bV_ipjailmatches', 'Sep 6 12:31:15 malta sshd[12752]: Failed password for root from 101.78.9.235 port 47265 ssh2\nSep 6 12:41:35 malta sshd[13166]: Failed password for root from 101.78.9.235 port 41685 ssh2\nSep 6 12:47:38 malta sshd[13346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.9.235 \nSep 21 14:33:08 malta sshd[21097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.9.235 \nSep 21 14:33:10 malta sshd[21097]: Failed password for invalid user ftpuser from 101.78.9.235 port 39600 ssh2\nSep 21 14:45:57 malta sshd[21581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.9.235 \nOct 12 10:17:16 malta sshd[8559]: Failed password for root from 101.78.9.235 port 53735 ssh2\nOct 12 10:25:14 malta sshd[10649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.9.235 \nOct 12 10:25:16 malta sshd[10649]: Failed password for invalid user teste from 101.78.9.235 port 59514 ssh2\nOct 15 09:26:35 malta sshd[4697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.9.235 \nOct 15 09:26:37 malta sshd[4697]: Failed password for invalid user chan from 101.78.9.235 port 51687 ssh2\nOct 15 09:35:30 malta sshd[7367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.9.235 \nNov 2 16:44:39 www sshd[21132]: Failed password for root from 101.78.9.235 port 33757 ssh2\nNov 2 16:52:43 www sshd[22212]: Failed password for root from 101.78.9.235 port 38543 ssh2']
Nov 2 16:57:24 www fail2ban.utils [569]: ERROR 7f4b06138488 -- stderr: "ERROR 1064 (42000) at line 1: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 's Democratic Republic', '', UTC_TIMESTAMP(),"
Nov 2 16:57:24 www fail2ban.utils [569]: ERROR 7f4b06138488 -- stderr: " '26', 'Sep 6 12:31:15 ma...' at line 7"
Nov 2 16:57:24 www fail2ban.utils [569]: ERROR 7f4b06138488 -- returned 1
Nov 2 16:57:25 www fail2ban.actions [569]: ERROR Failed to execute ban jail 'sshd' action 'banned_db' info 'ActionInfo({'ip': '101.78.9.235', 'family': 'inet4', 'ip-rev': '235.9.78.101.', 'ip-host': None, 'fid': '101.78.9.235', 'failures': 5, 'time': 1604332643.0, 'matches': 'Nov 2 16:44:39 www sshd[21132]: Failed password for root from 101.78.9.235 port 33757 ssh2\nNov 2 16:52:43 www sshd[22212]: Failed password for root from 101.78.9.235 port 38543 ssh2', 'restored': 0, 'F-*': {'matches': ['Nov 2 16:44:39 www sshd[21132]: Failed password for root from 101.78.9.235 port 33757 ssh2', 'Nov 2 16:52:43 www sshd[22212]: Failed password for root from 101.78.9.235 port 38543 ssh2'], 'failures': 5, 'mlfid': ' www sshd[21132]: ', 'user': '', 'ip4': '101.78.9.235'}, 'ipmatches': 'Sep 6 12:31:15 malta sshd[12752]: Failed password for root from 101.78.9.235 port 47265 ssh2\nSep 6 12:41:35 malta sshd[13166]: Failed password for root from 101.78.9.235 port 41685 ssh2\nSep 6 12:47:38 malta sshd[13346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.9.235 \nSep 21 14:33:08 malta sshd[21097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.9.235 \nSep 21 14:33:10 malta sshd[21097]: Failed password for invalid user ftpuser from 101.78.9.235 port 39600 ssh2\nSep 21 14:45:57 malta sshd[21581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.9.235 \nOct 12 10:17:16 malta sshd[8559]: Failed password for root from 101.78.9.235 port 53735 ssh2\nOct 12 10:25:14 malta sshd[10649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.9.235 \nOct 12 10:25:16 malta sshd[10649]: Failed password for invalid user teste from 101.78.9.235 port 59514 ssh2\nOct 15 09:26:35 malta sshd[4697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.9.235 \nOct 15 09:26:37 malta sshd[4697]: Failed password for invalid user chan from 101.78.9.235 port 51687 ssh2\nOct 15 09:35:30 malta sshd[7367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.9.235 \nNov 2 16:44:39 www sshd[21132]: Failed password for root from 101.78.9.235 port 33757 ssh2\nNov 2 16:52:43 www sshd[22212]: Failed password for root from 101.78.9.235 port 38543 ssh2', 'ipjailmatches': 'Sep 6 12:31:15 malta sshd[12752]: Failed password for root from 101.78.9.235 port 47265 ssh2\nSep 6 12:41:35 malta sshd[13166]: Failed password for root from 101.78.9.235 port 41685 ssh2\nSep 6 12:47:38 malta sshd[13346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.9.235 \nSep 21 14:33:08 malta sshd[21097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.9.235 \nSep 21 14:33:10 malta sshd[21097]: Failed password for invalid user ftpuser from 101.78.9.235 port 39600 ssh2\nSep 21 14:45:57 malta sshd[21581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.9.235 \nOct 12 10:17:16 malta sshd[8559]: Failed password for root from 101.78.9.235 port 53735 ssh2\nOct 12 10:25:14 malta sshd[10649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.9.235 \nOct 12 10:25:16 malta sshd[10649]: Failed password for invalid user teste from 101.78.9.235 port 59514 ssh2\nOct 15 09:26:35 malta sshd[4697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.9.235 \nOct 15 09:26:37 malta sshd[4697]: Failed password for invalid user chan from 101.78.9.235 port 51687 ssh2\nOct 15 09:35:30 malta sshd[7367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.9.235 \nNov 2 16:44:39 www sshd[21132]: Failed password for root from 101.78.9.235 port 33757 ssh2\nNov 2 16:52:43 www sshd[22212]: Failed password for root from 101.78.9.235 port 38543 ssh2', 'ipfailures': 26, 'ipjailfailures': 26})': Error banning 101.78.9.235----
Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.
