I’m running fail2ban on CentOS. I want to have an action that posts to a web service on banning. I’ve tried both wget and curl, neither one is working. In the fail2ban logs it just says
fail2ban.actions.action: ERROR curl -X POST -d "true" http://myserver/path --header "Content-Type:application/json" returned 700
For the same action using wget, it says “returned 400”. I already have the fail2ban logging up to debug level, and I don’t see any other information on what’s happening. When I try passing in –d to wget to trigger wget debug logging, I get an error message that it couldn’t write to the log.
Both curl and wget, the exact same command line that fails in the action succeeds when I run it from the bash prompt.
The destination server (windows with IIS – so I’ve checked both IIS logs and Network Monitor) isn’t receiving the post, so at first I thought perhaps it just wasn’t resolving the host name – but using FQDN or IP Address gives the same results.
My questions are:
- Is there any fail2ban documentation of these error codes? I searched the http://www.fail2ban.org/ site and found nothing.
- Are there specific restrictions of what can be done from a custom action? Is there something about the context that changes how network operations work?
- Any trick to getting wget debug logging working from inside an action?
- Anything obvious you see that I’m doing wrong?