• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Resolved fail2ban issue

Dork

Dork

Regular Pleskian
Server operating system version
CentOS 7
Plesk version and microupdate number
18.0.49 Update #2,
sqlite3 /var/lib/fail2ban/fail2ban.sqlite3 "delete from bans where timeofban < strftime('%s', 'now', '-7 days')"
has no effects
sqlite3 /var/lib/fail2ban/fail2ban.sqlite3 "vacuum"
doesn't work.
am I doing something wrong?
 
Dork said:
sqlite3 /var/lib/fail2ban/fail2ban.sqlite3 "delete from bans where timeofban < strftime('%s', 'now', '-7 days')"
has no effects
sqlite3 /var/lib/fail2ban/fail2ban.sqlite3 "vacuum"
doesn't work.
am I doing something wrong?
Click to expand...
Take a look here, it may help you:

Question - Fail2ban sqlite database huge

We had a client's server run out of disk space last night. It looks like fail2ban had made several copies of its database for some reason until it ran out: -rw------- 1 root root 1232522240 May 4 09:18 fail2ban.sqlite3 -rw------- 1 root root 1232522240 May 3 21:03...
talk.plesk.com talk.plesk.com
 
othmaqsa said:
Take a look here, it may help you:

Question - Fail2ban sqlite database huge

We had a client's server run out of disk space last night. It looks like fail2ban had made several copies of its database for some reason until it ran out: -rw------- 1 root root 1232522240 May 4 09:18 fail2ban.sqlite3 -rw------- 1 root root 1232522240 May 3 21:03...
talk.plesk.com talk.plesk.com
Click to expand...
Sorry - but excactly that doesn't work (see my question)
 
Dork said:
sqlite3 /var/lib/fail2ban/fail2ban.sqlite3 "delete from bans where timeofban < strftime('%s', 'now', '-7 days')"
has no effects
sqlite3 /var/lib/fail2ban/fail2ban.sqlite3 "vacuum"
doesn't work.
am I doing something wrong?
Click to expand...

Your query seems right, although I haven't tested it. Note that you'll need the run the vacuum command directly after you've ran the query.

What is it you're trying to achieve exactly?
 
Kaspar said:
Your query seems right, although I haven't tested it. Note that you'll need the run the vacuum command directly after you've ran the query.

What is it you're trying to achieve exactly?
Click to expand...
I`m on a virtual Server (Virtuozo) and the limit if numiptent is 2000.
Vey often the server is under havy attack (ssh, postfix) and the numiptent increases (> 2000).
In this case I have to delete the database table and the logfile by hand.
So I want to write a script that read the numiptent and start the "vacuum" if numiptent is > 1900.
The script should start via cronjob.
 
I don't need advice for writing the script - but as long as at least
sqlite3 /var/lib/fail2ban/fail2ban.sqlite3 "vacuum;"
doesn't work, as long it's useless to write the script
 
I see. What I actually meant to ask was what do you expect the query to do?

The query DELETE FROM bans WHERE timeofban < STRFTIME('%s', 'now', '-7 days') deletes all records (bans) older than 7 days. Do you actually have fail2ban configured with a ban period longer than seven days? If you have shorter ban period there won't be anything in the database to delete when you run that query.
 
Kaspar said:
I see. What I actually meant to ask was what do you expect the query to do?

The query DELETE FROM bans WHERE timeofban < STRFTIME('%s', 'now', '-7 days') deletes all records (bans) older than 7 days. Do you actually have fail2ban configured with a ban period longer than seven days? If you have shorter ban period there won't be anything in the database to delete when you run that query.
Click to expand...
Yes - I know
but
Code: 
sqlite3 /var/lib/fail2ban/fail2ban.sqlite3 "vacuum;"
should work independently of the other query - am I rght?
 
No, that's not what vacuum is used for. From How SQLite VACUUM Optimizes Your Database

The SQLite VACUUM command​

The VACUUM command does not change the content of the database except the rowid values. If you use INTEGER PRIMARY KEY column, the VACUUM does not change the values of that column. However, if you use unaliased rowid, the VACUUM command will reset the rowid values. Besides changing the rowid values, the VACUUM command also builds the index from scratch.

It is a good practice to perform the VACUUM command periodically, especially when you delete large tables or indexes from a database.

It is important to note that the VACCUM command requires storage to hold the original file and also the copy. Also, the VACUUM command requires exclusive access to the database file. In other words, the VACUUM command will not run successfully if the database has a pending SQL statement or an open transaction.
Click to expand...
 
Last edited:
Kaspar said:
Yes, that's correct.
Click to expand...
So I wil use a customized "delete" command as a part of my script and the "vacuum" command as an addition (in order to optimize the db).
Thanks for your help!

Please mark the thread as resolved.
 
You must log in or register to reply here.

Similar threads

B
Resolved fail2ban-vacuum
Replies
8
Views
2K
scsa20
scsa20
A
Issue Problems with fail2ban
Replies
1
Views
164
Kaspar@Plesk
Kaspar@Plesk
S
Question Fail2ban sqlite database huge
Replies
5
Views
4K
SteveITS
S
S
Resolved Warning: Unable to back up files
Replies
4
Views
701
smilan
S
michaeljoseph01
Question Imunify360 or fail2ban PLEASE give me your input
Replies
6
Views
2K
The 8th
The 8th
Back
Top