April 4, 2025: iRedMail-1.7.3 has been released.

**bsdhostdk** · 2025-04-27 13:49:05

bsdhostdk
Member
Offline

Registered: 2025-04-27
Posts: 4

Topic: fail2ban jail error

- iRedMail version: 1.7.3 MARIADB edition
- Deployed with iRedMail Easy or the downloadable installer? download
- Linux/BSD distribution name and version: Debian 12
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Yes

Apr 27 04:25:59 newmarlin fail2ban.actions[849]: ERROR Failed to execute ban jail 'pregreet' action 'banned_db' info 'ActionInfo({'ip': '*SOMEIP*', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0xffffb3d5a020>, 'ipjailmatches': '2025-04-27T04:25:59.810265+00:00 newmarlin postfix/postscreen[23259]: PREGREET 12 after 0.16 from [152.32.235.85]:9294: ehlo hello\\r\\n', 'ipjailfailures': 1, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0xffffb3d5a7a0>})': Error banning *SOMEIP*

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

**ZhangHuangbin** · 2025-04-27 14:58:13

ZhangHuangbin
iRedMail Developers
Offline

Registered: 2009-05-06
Posts: 31,370

Re: fail2ban jail error

Could you please paste log lines before and after this line?

**bsdhostdk** · 2025-04-27 15:19:44

bsdhostdk
Member
Offline

Registered: 2025-04-27
Posts: 4

Re: fail2ban jail error

ZhangHuangbin wrote:

Could you please paste log lines before and after this line?

Of course - and thanks for your great work!

Restarted fail2ban in DEBUG mode:

root@newmarlin:~# tail -f /var/log/fail2ban.log
2025-04-27T07:12:34.968427+00:00 newmarlin fail2ban.utils[28595]: ERROR ffffacebd340 -- stderr: '2025-04-26T20:04:26.740069+00:00 newmarlin sshd[12735]: Invalid user solx from SOMEIMP port 59272'
2025-04-27T07:12:34.968494+00:00 newmarlin fail2ban.utils[28595]: ERROR ffffacebd340 -- stderr: '2025-04-27T05:51:07.346446+00:00 newmarlin sshd[26187]: Invalid user ubuntu from *SOMEIP* port 39368'
2025-04-27T07:12:34.968636+00:00 newmarlin fail2ban.utils[28595]: ERROR ffffacebd340 -- stderr: '2025-04-27T06:01:32.901474+00:00 newmarlin sshd[26458]: Invalid user validator from *SOMEIP* port 39306'
2025-04-27T07:12:34.968701+00:00 newmarlin fail2ban.utils[28595]: ERROR ffffacebd340 -- stderr: '2025-04-27T06:12:14.910224+00:00 newmarlin sshd[26683]: Invalid user node from *SOMEIP* port 39082'
2025-04-27T07:12:34.968757+00:00 newmarlin fail2ban.utils[28595]: ERROR ffffacebd340 -- stderr: '2025-04-27T06:22:53.212625+00:00 newmarlin sshd[26851]: Invalid user solana from *SOMEIP* port 38860'
2025-04-27T07:12:34.968833+00:00 newmarlin fail2ban.utils[28595]: ERROR ffffacebd340 -- stderr: '2025-04-27T06:33:28.101646+00:00 newmarlin sshd[27406]: Invalid user sol from *SOMEIP* port 38644: 2: /usr/local/bin/fail2ban_banned_db: not found'
2025-04-27T07:12:34.968896+00:00 newmarlin fail2ban.utils[28595]: ERROR ffffacebd340 -- returned 127
2025-04-27T07:12:34.968969+00:00 newmarlin fail2ban.utils[28595]: INFO HINT on 127: "Command not found". Make sure that all commands in ['f2bV_ipjailmatches=$0 \n/usr/local/bin/fail2ban_banned_db ban *SOMEIP* 22 tcp sshd 15 $f2bV_ipjailmatches', '2025-04-26T19:22:13.657215+00:00 newmarlin sshd[11957]: Invalid user user from *SOMEIP* port 44250\n2025-04-26T19:32:30.810450+00:00 newmarlin sshd[12107]: Invalid user vali from *SOMEIP* port 40948\n2025-04-26T19:42:55.741753+00:00 newmarlin sshd[12315]: Invalid user ubuntu from *SOMEIP* port 37646\n2025-04-26T19:53:35.590692+00:00 newmarlin sshd[12501]: Invalid user ada from *SOMEIP* port 34344\n2025-04-26T20:04:26.740069+00:00 newmarlin sshd[12735]: Invalid user solx from *SOMEIP* port 59272\n2025-04-27T05:51:07.346446+00:00 newmarlin sshd[26187]: Invalid user ubuntu from *SOMEIP* port 39368\n2025-04-27T06:01:32.901474+00:00 newmarlin sshd[26458]: Invalid user validator from *SOMEIP* port 39306\n2025-04-27T06:12:14.910224+00:00 newmarlin sshd[26683]: Invalid user node from *SOMEIP* port 39082\n2025-04-27T06:22:53.212625+00:00 newmarlin sshd[26851]: Invalid user solana from *SOMEIP* port 38860\n2025-04-27T06:33:28.101646+00:00 newmarlin sshd[27406]: Invalid user sol from *SOMEIP* port 38644'] are in the PATH of fail2ban-server process (grep -a PATH= /proc/`pidof -x fail2ban-server`/environ). You may want to start "fail2ban-server -f" separately, initiate it with "fail2ban-client reload" in another shell session and observe if additional informative error messages appear in the terminals.
2025-04-27T07:12:34.969869+00:00 newmarlin fail2ban.actions[28595]: ERROR Failed to execute ban jail 'sshd' action 'banned_db' info 'ActionInfo({'ip': '*SOMEIP* ', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0xffffaf83a020>, 'ipjailmatches': '2025-04-26T19:22:13.657215+00:00 newmarlin sshd[11957]: Invalid user user from *SOMEIP* port 44250\n2025-04-26T19:32:30.810450+00:00 newmarlin sshd[12107]: Invalid user vali from *SOMEIP* port 40948\n2025-04-26T19:42:55.741753+00:00 newmarlin sshd[12315]: Invalid user ubuntu from *SOMEIP* port 37646\n2025-04-26T19:53:35.590692+00:00 newmarlin sshd[12501]: Invalid user ada from *SOMEIP* port 34344\n2025-04-26T20:04:26.740069+00:00 newmarlin sshd[12735]: Invalid user solx from *SOMEIP* port 59272\n2025-04-27T05:51:07.346446+00:00 newmarlin sshd[26187]: Invalid user ubuntu from *SOMEIP* port 39368\n2025-04-27T06:01:32.901474+00:00 newmarlin sshd[26458]: Invalid user validator from *SOMEIP* port 39306\n2025-04-27T06:12:14.910224+00:00 newmarlin sshd[26683]: Invalid user node from *SOMEIP* port 39082\n2025-04-27T06:22:53.212625+00:00 newmarlin sshd[26851]: Invalid user solana from *SOMEIP* port 38860\n2025-04-27T06:33:28.101646+00:00 newmarlin sshd[27406]: Invalid user sol from *SOMEIP* port 38644', 'ipjailfailures': 15, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0xffffaf83a7a0>})': Error banning *SOMEIP* #012Traceback (most recent call last):#012 File "/usr/lib/python3/dist-packages/fail2ban/server/actions.py", line 513, in __checkBan#012 action.ban(aInfo)#012 File "/usr/lib/python3/dist-packages/fail2ban/server/action.py", line 568, in ban#012 raise RuntimeError("Error banning %(ip)s" % aInfo)#012RuntimeError: Error banning *SOMEIP*
2025-04-27T07:12:34.970108+00:00 newmarlin fail2ban.actions[28595]: DEBUG Banned 6 / 6, 6 ticket(s) in 'sshd'

**bsdhostdk** · 2025-04-27 15:23:47

bsdhostdk
Member
Offline

Registered: 2025-04-27
Posts: 4

Re: fail2ban jail error

Additional info in journal:

root@newmarlin:~# journalctl -t fail2ban.actions -f
Apr 27 07:12:34 newmarlin fail2ban.actions[28595]: ERROR Failed to execute ban jail 'sshd' action 'banned_db' info 'ActionInfo({'ip': '*SOMEIP* ', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0xffffaf83a020>, 'ipjailmatches': '2025-04-27T06:28:48.432051+00:00 newmarlin sshd[27270]: Invalid user dspace from *SOMEIP* port 34130\n2025-04-27T06:28:50.370824+00:00 newmarlin sshd[27272]: Invalid user metricbeat from *SOMEIP* port 34126\n2025-04-27T06:28:52.130138+00:00 newmarlin sshd[27277]: Invalid user vyos from *SOMEIP* port 43284\n2025-04-27T06:28:54.001107+00:00 newmarlin sshd[27279]: Invalid user user from *SOMEIP* port 46096\n2025-04-27T06:28:55.907465+00:00 newmarlin sshd[27283]: Invalid user oracle from *SOMEIP* port 54514', 'ipjailfailures': 5, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0xffffaf83a7a0>})': Error banning *SOMEIP*
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/fail2ban/server/actions.py", line 513, in __checkBan
action.ban(aInfo)
File "/usr/lib/python3/dist-packages/fail2ban/server/action.py", line 568, in ban
raise RuntimeError("Error banning %(ip)s" % aInfo)
RuntimeError: Error banning *SOMEIP*
Apr 27 07:12:34 newmarlin fail2ban.actions[28595]: NOTICE [sshd] Restore Ban *SOMEIP*

**ZhangHuangbin** · 2025-04-28 08:46:40

ZhangHuangbin
iRedMail Developers
Offline

Registered: 2009-05-06
Posts: 31,370

Re: fail2ban jail error

It's not clear what the problem is according to pasted log lines.
Did you try to restart fail2ban service?

**bsdhostdk** · 2025-04-28 20:20:47

bsdhostdk
Member
Offline

Registered: 2025-04-27
Posts: 4

Re: fail2ban jail error

ZhangHuangbin wrote:

It's not clear what the problem is according to pasted log lines.
Did you try to restart fail2ban service?

I agree - it's not easy - and yes I tried restarting fail2ban - and the whole VM - no improvement sadly.

**chris.23lo** · 2025-04-29 14:14:54

chris.23lo
Member
Offline

Registered: 2022-06-30
Posts: 57

Re: fail2ban jail error

did you notice
/usr/local/bin/fail2ban_banned_db: not found

April 4, 2025: iRedMail-1.7.3 has been released.

fail2ban jail error

Posts: 7

1 Topic by bsdhostdk 2025-04-27 13:49:05

Topic: fail2ban jail error

2 Reply by ZhangHuangbin 2025-04-27 14:58:13

Re: fail2ban jail error

3 Reply by bsdhostdk 2025-04-27 15:19:44

Re: fail2ban jail error

4 Reply by bsdhostdk 2025-04-27 15:23:47

Re: fail2ban jail error

5 Reply by ZhangHuangbin 2025-04-28 08:46:40

Re: fail2ban jail error

6 Reply by bsdhostdk 2025-04-28 20:20:47

Re: fail2ban jail error

7 Reply by chris.23lo 2025-04-29 14:14:54

Re: fail2ban jail error

Posts: 7