Jim Tromp wrote:
Michael Geiger wrote:
Michael Geiger wrote:
    
Any hints at how to solve this?

Regards,

Jim
    
        
Hi Jim,

I had similar errors on startup, this patch solved it for me:
<http://sourceforge.net/tracker/?func=detail&aid=2857096&group_id=121032&atid=689046>


Greetings

Michael

  
      
Thanks!

Is this a matter of wget-ing this and placing it in /etc/fail2ban then
run diff? I've not worked with patch files too much!
    

Hi Jim,

this is a source patch - you have to get the fail2ban sources, untar and patch
them ... something like

tar -xzf fail2ban-0.8.4.tgz
cd fail2ban-0.8.4
patch -p1 < ../patchfile        (or -p0, if you get errors / questions)

After that you can install fail2ban as told in the INSTALL or README file.


Michael



  
Thanks Michael,

Appreciate the fast response!

I figured, before I do that, I test it with just one active jail as the patch details on SourceForge seem to hint it's an issue that only occurs when multiple jails are active. So I false-d all the other jails and left just MageVP running. Restarted fail2ban and triggered a ban.

For people's interest, the same errors and symptoms occur.

2009-10-27 09:14:33,974 fail2ban.actions.action: INFO   Set actionUnban =
2009-10-27 09:14:33,974 fail2ban.actions.action: INFO   Set actionCheck =
2009-10-27 09:14:33,984 fail2ban.actions.action: ERROR  iptables -N fail2ban-MageVP
iptables -A fail2ban-MageVP -j RETURN
iptables -I INPUT -p tcp --dport http,https -j fail2ban-MageVP returned 200
2009-10-27 09:15:24,016 fail2ban.actions: WARNING [mage-vp] Ban 87.117.199.130
2009-10-27 09:15:24,022 fail2ban.actions.action: ERROR  iptables -n -L INPUT | grep -q fail2ban-MageVP returned 100
2009-10-27 09:15:24,023 fail2ban.actions.action: ERROR  Invariant check failed. Trying to restore a sane environment
2009-10-27 09:15:24,046 fail2ban.actions.action: ERROR  iptables -N fail2ban-MageVP
iptables -A fail2ban-MageVP -j RETURN
iptables -I INPUT -p tcp --dport http,https -j fail2ban-MageVP returned 200
2009-10-27 09:15:24,052 fail2ban.actions.action: ERROR  iptables -n -L INPUT | grep -q fail2ban-MageVP returned 100
2009-10-27 09:15:24,053 fail2ban.actions.action: CRITICAL Unable to restore environment

I do wonder why it's not even logging a DROP attempt with that IP?

That's not to say the patch won't work so I'll give that a try next. It does seem to suggest it's not an issue just limited to multi-jail environments.

Thanks!
Update:

As I'm not a very confident sysadmin, I tried this suggestion instead:

http://sourceforge.net/tracker/index.php?func=detail&aid=2870788&group_id=121032&atid=689044

Adding the sleep 1 in the conf files fixes this for me. From reading the thread there, Michael's suggestion of the patch wold also have worked and quite possibly much more elegant than forcing a sleep period of a second but for someone like me, vim-ing one file is so much more easy that reinstalling, I just had to try that first.

Thanks Michael for pointing me in the right direction, it's now working as intended!

Regards,

Jim