• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Resolved can't enable Fail2Ban after upgrade Onyx Version 17.5.3

tomer628

Basic Pleskian
hi.

after upgrade Onyx Version 17.5.3 i can't enable Fail2Ban , this error i got when i tried to enable it...
how can i fix it ?

Error: Unable to save the settings: f2bmng failed: Traceback (most recent call last):
File "/usr/bin/fail2ban-client", line 472, in <module>
if client.start(sys.argv):
File "/usr/bin/fail2ban-client", line 442, in start
return self.__processCommand(args)
File "/usr/bin/fail2ban-client", line 256, in __processCommand
if self.__ping():
File "/usr/bin/fail2ban-client", line 153, in __ping
return self.__processCmd([["ping"]], False)
File "/usr/bin/fail2ban-client", line 185, in __processCmd
client.close()
File "/usr/lib/python2.7/dist-packages/fail2ban/client/csocket.py", line 55, in close
self.__csock.sendall(CSPROTO.CLOSE + CSPROTO.END)
File "/usr/lib/python2.7/socket.py", line 224, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 32] Broken pipe
ERROR:f2bmng:Command '['/usr/bin/fail2ban-client', 'reload']' returned non-zero exit status 1.
 
yes, after i followed the instructions ..
i got this error:
Error: Unable to save the settings: f2bmng failed: Traceback (most recent call last):
File "/usr/bin/fail2ban-client", line 472, in <module>
if client.start(sys.argv):
File "/usr/bin/fail2ban-client", line 442, in start
return self.__processCommand(args)
File "/usr/bin/fail2ban-client", line 256, in __processCommand
if self.__ping():
File "/usr/bin/fail2ban-client", line 153, in __ping
return self.__processCmd([["ping"]], False)
File "/usr/bin/fail2ban-client", line 185, in __processCmd
client.close()
File "/usr/lib/python2.7/dist-packages/fail2ban/client/csocket.py", line 55, in close
self.__csock.sendall(CSPROTO.CLOSE + CSPROTO.END)
File "/usr/lib/python2.7/socket.py", line 224, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 32] Broken pipe
ERROR:f2bmng:Command '['/usr/bin/fail2ban-client', 'reload']' returned non-zero exit status 1.
 
... and you changed as well the "backend" settings?
it was Auto
i changed to ... pyinotify and all the others options but...
i tried to restart ' this what i got:
Code:
# service fail2ban restart
 * Restarting authentication failure monitor fail2ban                           Traceback (most recent call last):
  File "/usr/bin/fail2ban-client", line 472, in <module>
    if client.start(sys.argv):
  File "/usr/bin/fail2ban-client", line 442, in start
    return self.__processCommand(args)
  File "/usr/bin/fail2ban-client", line 216, in __processCommand
    if self.__ping():
  File "/usr/bin/fail2ban-client", line 153, in __ping
    return self.__processCmd([["ping"]], False)
  File "/usr/bin/fail2ban-client", line 185, in __processCmd
    client.close()
  File "/usr/lib/python2.7/dist-packages/fail2ban/client/csocket.py", line 55, in close
    self.__csock.sendall(CSPROTO.CLOSE + CSPROTO.END)
  File "/usr/lib/python2.7/socket.py", line 224, in meth
    return getattr(self._sock,name)(*args)
socket.error: [Errno 32] Broken pipe
                                                                         [fail]
 
Last edited:
Hi tomer628,

could you pls. post the output of your used Plesk versions?
Code:
fail2ban-client -V

... and could pls. add as well the output of:
Code:
plesk version
 
Product version: Plesk Onyx 17.5.3 Update #3
Update date: 2017/04/22 20:27
Build date: 2017/03/17 16:00
OS version: Ubuntu 14.04
Revision: 55d1b49a272f44666e1920eca8b6e4da449a38cd
Architecture: 64-bit
Wrapper version: 1.2
 
Hi tomer628,

last information request before I suggest possible solutions: Could you pls. post the output of
Code:
apt-cache policy fail2ban
 
Hi tomer628,

last information request before I suggest possible solutions: Could you pls. post the output of
Code:
apt-cache policy fail2ban
fail2ban:
Installed: 1:0.9.6-ubuntu14.04.17031415
Candidate: 1:0.9.6-ubuntu14.04.17031415
Version table:
*** 1:0.9.6-ubuntu14.04.17031415 0
500 Index of /parallels/ubuntu/PSA_17.5.3 trusty/extras amd64 Packages
100 /var/lib/dpkg/status
0.8.11-1 0
500 Index of /ubuntu trusty/universe amd64 Packages
 
Hi tomer628,

pls. consider to RE-install the FAIL2Ban - package with the following commands:
Code:
aptitude purge fail2ban plesk-fail2ban-configurator

mkdir -p /root/addons/plesk
cd /root/addons/plesk
wget http://autoinstall.plesk.com/PSA_17.5.3/dist-deb-Ubuntu-14.04-x86_64/opt/fail2ban/fail2ban_0.9.6-ubuntu14.04.17031415_all.deb
wget http://autoinstall.plesk.com/PSA_17.5.3/dist-deb-Ubuntu-14.04-x86_64/opt/fail2ban/plesk-fail2ban-configurator_17.5.3-ubuntu14.04.build1705170314.14_all.deb

dpkg -i fail2ban_0.9.6-ubuntu14.04.17031415_all.deb plesk-fail2ban-configurator_17.5.3-ubuntu14.04.build1705170314.14_all.deb

After your installation, pls. consider to clean up with for example:
Code:
rm -rf /root/addons/plesk


Afterwards, pls. flush the iptables with for example:
Code:
/sbin/iptables -F
and restart Fail2Ban:
Code:
service fail2ban restart

Pls. report back with ( possible ) issues/errors/problems for further investigations and suggestions.
 
Hi tomer628,

pls. consider to RE-install the FAIL2Ban - package with the following commands:
Code:
aptitude purge fail2ban plesk-fail2ban-configurator

mkdir -p /root/addons/plesk
cd /root/addons/plesk
wget http://autoinstall.plesk.com/PSA_17.5.3/dist-deb-Ubuntu-14.04-x86_64/opt/fail2ban/fail2ban_0.9.6-ubuntu14.04.17031415_all.deb
wget http://autoinstall.plesk.com/PSA_17.5.3/dist-deb-Ubuntu-14.04-x86_64/opt/fail2ban/plesk-fail2ban-configurator_17.5.3-ubuntu14.04.build1705170314.14_all.deb

dpkg -i fail2ban_0.9.6-ubuntu14.04.17031415_all.deb plesk-fail2ban-configurator_17.5.3-ubuntu14.04.build1705170314.14_all.deb

After your installation, pls. consider to clean up with for example:
Code:
rm -rf /root/addons/plesk


Afterwards, pls. flush the iptables with for example:
Code:
/sbin/iptables -F
and restart Fail2Ban:
Code:
service fail2ban restart

Pls. report back with ( possible ) issues/errors/problems for further investigations and suggestions.
thank you for fast reply..
i tried to do ... but this what i got after all.. :
* Restarting authentication failure monitor fail2ban Traceback (most recent call last):
File "/usr/bin/fail2ban-client", line 472, in <module>
if client.start(sys.argv):
File "/usr/bin/fail2ban-client", line 442, in start
return self.__processCommand(args)
File "/usr/bin/fail2ban-client", line 216, in __processCommand
if self.__ping():
File "/usr/bin/fail2ban-client", line 153, in __ping
return self.__processCmd([["ping"]], False)
File "/usr/bin/fail2ban-client", line 185, in __processCmd
client.close()
File "/usr/lib/python2.7/dist-packages/fail2ban/client/csocket.py", line 55, in close
self.__csock.sendall(CSPROTO.CLOSE + CSPROTO.END)
File "/usr/lib/python2.7/socket.py", line 224, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 32] Broken pipe
[fail]
 
Hi tomer628,

before you repeat the steps, pls. make sure, that NO fail2ban process is currently running during your re-installation procedure. Pls. check with for example:
Code:
ps aux | grep failban
and
Code:
lsof | grep failban

It might help as well to clean a possible orphaned socket from the standart location "/var/run/fail2ban".

Pls. use as well the commands:
Code:
/etc/init.d/fail2ban stop
/etc/init.d/fail2ban start
... instead of the previous "restart" command.
 
Hi tomer628,

before you repeat the steps, pls. make sure, that NO fail2ban process is currently running during your re-installation procedure. Pls. check with for example:
Code:
ps aux | grep failban
and
Code:
lsof | grep failban

It might help as well to clean a possible orphaned socket from the standart location "/var/run/fail2ban".

Pls. use as well the commands:
Code:
/etc/init.d/fail2ban stop
/etc/init.d/fail2ban start
... instead of the previous "restart" command.
ok, i did the last instructions, then i repeat the previous commands , but still error :

/etc/init.d/fail2ban start
* Starting authentication failure monitor fail2ban Traceback (most recent call last):
File "/usr/bin/fail2ban-client", line 472, in <module>
if client.start(sys.argv):
File "/usr/bin/fail2ban-client", line 442, in start
return self.__processCommand(args)
File "/usr/bin/fail2ban-client", line 216, in __processCommand
if self.__ping():
File "/usr/bin/fail2ban-client", line 153, in __ping
return self.__processCmd([["ping"]], False)
File "/usr/bin/fail2ban-client", line 185, in __processCmd
client.close()
File "/usr/lib/python2.7/dist-packages/fail2ban/client/csocket.py", line 55, in close
self.__csock.sendall(CSPROTO.CLOSE + CSPROTO.END)
File "/usr/lib/python2.7/socket.py", line 224, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 32] Broken pipe
[fail]
maybe i need to remove via Plesk panel , and then install again via the Plesk panel Tools and setting ?
 
Hi,

after an update from Onyx 17.0 to 17.5.3 I got also this "Broken pipe" error from the daily logrotate script:
/etc/cron.daily/logrotate:
Traceback (most recent call last):
File "/usr/bin/fail2ban-client", line 472, in <module>
if client.start(sys.argv):
File "/usr/bin/fail2ban-client", line 442, in start
return self.__processCommand(args)
File "/usr/bin/fail2ban-client", line 281, in __processCommand
return self.__processCmd([cmd])
File "/usr/bin/fail2ban-client", line 185, in __processCmd
client.close()
File "/usr/lib/python2.7/dist-packages/fail2ban/client/csocket.py", line 55, in close
self.__csock.sendall(CSPROTO.CLOSE + CSPROTO.END)
File "/usr/lib/python2.7/socket.py", line 224, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 32] Broken pipe

I tried the "RE-install the FAIL2Ban" instruction, but after the
Code:
/sbin/iptables -F
the VPS is completly locked. I have to restart it with the Virtuozzo. With the restart, the fail2ban process starts again (and sends all the ban notifications again). I want to make sure, that I can stop / start the process again, so I tried this:
Code:
service fail2ban stop
That works, but ...
Code:
service fail2ban start
that causes the VPS to crash! I had to start it via the Virtuozzo again. (Never had this before, that Virtuozzo says that the client wasn't running.)

After the next restart of the machine, I use
Code:
service fail2ban restart
and that need four minutes, but works without a failure.
:confused:
 
Hi Xantiva,

but after the
Code:
/sbin/iptables -F
the VPS is completly locked.
Pls. note, that this commands FLUSHes the iptables, which means, it cleans up all existent entries. Your investigation that this might "block" your VPS is completely not possible, sorry. You will have to investigate in another direction here, because flushing iptables can't be any root cause for your issue/error/problem. ;)

If you experience issues with "Virtuozzo", pls. contact their support, or visit the "Odin" - community, which you are able to reach at => https://forum.odin.com
 
Back
Top