hi list !

when reloading fail2ban-client with the following jail i get:

fail2ban.actions.action: ERROR  iptables -N fail2ban-dovecot
iptables -A fail2ban-dovecot -j RETURN
iptables -I INPUT -p tcp --dport pop3,pop3s,imap,imaps protocol -j fail2ban-dovecot returned 200

fail2ban-regex shows some matches when trying this config

i'm using: Fail2Ban v0.8.7 on Debian 2.6.26-26lenny3

here is the jail config:

jail.conf:

[dovecot-iptables]
enabled = false
filter = dovecot
action   = iptables[name=dovecot, port="pop3,pop3s,imap,imaps" protocol=tcp]
           sendmail-whois[name=dovecot, dest=edv@me.me, sender=admin@me.me]
logpath  = /var/log/mail.log
maxretry = 2
findtime = 4000
bantime = -1



other jails with similar config are working.

i searched the net and tried:

the "timing-patch": fail2ban-client at line 145  ( insert the sleep - even 0.5 does not help)

def __processCmd(self, cmd, showRet = True):
    beautifier = Beautifier()
    for c in cmd:
        time.sleep(0.1)
        beautifier.setInputCmd(c)
        try:

and the syncronisation / lock thing, modifiying actions  iptables.conf / iptables-multiport.conf
actionstart = flock /var/lock/fail2ban -c "iptables -N fail2ban-<name>"
              flock /var/lock/fail2ban -c "iptables -A fail2ban-<name> -j RETURN"
              flock /var/lock/fail2ban -c "iptables -I INPUT -p <protocol> \
                      -m multiport --dports <port> -j fail2ban-<name>"



but no success so far. am i missing something ?

i saw his post: http://blog.somsip.com/2011/12/fail2ban-error-iptables-returned-200/
but could not manage to get under 30characters - ist that it ?

thank you, chris


--
Disclaimer: This communication may contain confidential, proprietary or legally privileged information. It is intended only for the person(s) to whom it is addressed. If you are not an intended recipient, you may not use, read, retransmit, disseminate or take any action in reliance upon it. Please notify the sender that you have received it in error and immediately delete the entire communication, including any attachments. I do not encrypt and cannot ensure the confidentiality or integrity of external e-mail communications and, therefore, I cannot be responsible for any unauthorized access, disclosure, use or tampering that may occur during transmission. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. I accept no liability for the content of this email, or for the consequences of any actions taken on the basis of the information provided.