• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • Support for BIND DNS has been removed from Plesk for Windows due to security and maintenance risks.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS.

Question Fail2Ban Configuration failed by \n

Host-Inkompetent

New Pleskian
Hi Pleskers,

I write in moment a hardening Script for my work and im near finish. In moment I test the Script and found a Error that I cannot fix a day long.

I generate the config like this:
Code:
writeconfigs() {
    echo '[plesk-proftpd] ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo '[plesk-proftpd] ' | tee -a $REQ/fail2ban/jail.local
    echo '' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo "  enabled  = $PROFTPD " | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo "  enabled  = $PROFTPD " | tee -a $REQ/fail2ban/jail.local
    echo '  action   = iptables-multiport[name="plesk-proftpd", port="ftp,ftp-data,ftps,ftps-data"] ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo '  filter   = proftpd ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo '  logpath  = /var/log/auth.log ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo "  maxretry = $PROFTPDTRYS " | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo ' ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo ' ' | tee -a $REQ/fail2ban/jail.local
       
    echo '[plesk-qmail] ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo '[plesk-qmail] ' | tee -a $REQ/fail2ban/jail.local
    echo '' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo "  enabled  = $PHPMAIL " | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo "  enabled  = $PHPMAIL " | tee -a $REQ/fail2ban/jail.local
    echo '  action   = iptables-multiport[name="plesk-qmail", port="smtp,smtps,submission"] ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo '  filter   = plesk-qmail ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo '  logpath  = /var/log/maillog ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo "  maxretry = $PHPMAILTRYS " | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo ' ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo ' ' | tee -a $REQ/fail2ban/jail.local
       
    echo '[plesk-postfix] ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo '[plesk-postfix] ' | tee -a $REQ/fail2ban/jail.local
    echo '' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo "  enabled  = $POSTFIX " | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo "  enabled  = $POSTFIX " | tee -a $REQ/fail2ban/jail.local
    echo '  action   = iptables-multiport[name="plesk-postfix", port="smtp,smtps,submission"] ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo '  filter   = postfix-sasl ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo '  logpath  = /var/log/maillog ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo "  maxretry = $POSTFIXTRYS " | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo ' ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo ' ' | tee -a $REQ/fail2ban/jail.local
       
    echo '[plesk-courierimap] ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo '[plesk-courierimap] ' | tee -a $REQ/fail2ban/jail.local
    echo '' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo "  enabled  = $COURIER " | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo "  enabled  = $COURIER " | tee -a $REQ/fail2ban/jail.local
    echo '  action   = iptables-multiport[name="plesk-courierimap", port="imap,imap3,imaps,pop3,pop3s"] ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo '  filter   = plesk-courierlogin ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo '  logpath  = /var/log/maillog ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo "  maxretry = $COURIERTRYS " | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo ' ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo ' ' | tee -a $REQ/fail2ban/jail.local
       
    echo '[plesk-dovecot] ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo '[plesk-dovecot] ' | tee -a $REQ/fail2ban/jail.local
    echo '' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo "  enabled  = $COURIER " | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo "  enabled  = $COURIER " | tee -a $REQ/fail2ban/jail.local
    echo '  action   = iptables-multiport[name="plesk-dovecot", port="imap,imap3,imaps,pop3,pop3s,4190"] ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo '  filter   = plesk-dovecot ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo '  logpath  = /var/log/maillog ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo "  maxretry = $DOVECOTTRYS " | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo ' ' | tee -a $REQ/fail2ban/jail.d/plesk.conf
    echo ' ' | tee -a $REQ/fail2ban/jail.local
}
writeconfigs

Now my Problem:
The writing of the Configuration works fine but when I restart the Fail2Ban Service an Error let me show this:
Code:
ERROR  Failed during configuration: File contains parsing errors: /etc/fail2ban/jail.d/plesk.conf
        [line  4]: '  enabled  = true \n'
        [line  5]: '  action   = iptables-multiport[name="plesk-proftpd", port="ftp,ftp-data,ftps,ftps-data"] \n'
        [line  6]: '  filter   = proftpd \n'
        [line  7]: '  logpath  = /var/log/auth.log \n'
        [line  8]: '  maxretry = 1 \n'
        [line 12]: '  enabled  = true \n'
        [line 13]: '  action   = iptables-multiport[name="plesk-qmail", port="smtp,smtps,submission"] \n'
        [line 14]: '  filter   = plesk-qmail \n'
        [line 15]: '  logpath  = /var/log/maillog \n'
        [line 16]: '  maxretry = 1 \n'
        and more...

I try to decode the configuration with dos2unix and try to insert the config texts with other methods.
Nothing worked.

I think that the Error came from the \n on the end of the lines but im not shure.

Thx for every help :(
 
Looks like that you have corrupted /etc/fail2ban/jail.d/plesk.conf file. This file is a part of plesk-fail2ban-configurator package. Try to reinstall it or extract this file from pachage and replace your with original. I hope it will help.
 
Back
Top