Facebook
Twitter
tkalfaoglu
Silver Pleskian
Hi there.. When fail2ban "fails" to ban or unban, it logs a verrry long error line in the /var/log/fail2ban.log which makes the log file impossible to view afterwards. The error line is easily a page long..
Here is an example:
2021-02-03 08:31:14,420 fail2ban.filter [9599]: INFO [fail2ban-repeats] Found 87.246.7.226 - 2021-02-03 08:31:14
2021-02-03 08:31:14,834 fail2ban.actions [9599]: NOTICE [fail2ban-repeats] Ban 87.246.7.226
2021-02-03 08:31:14,846 fail2ban.actions [9599]: ERROR Failed to execute ban jail 'fail2ban-repeats' action 'route' info 'ActionInfo({'
ipfailures': 4036, 'ip-rev': '226.7.246.87.', 'family': 'inet4', 'ipmatches': "2021-02-02 05:53:39,410 fail2ban.actions [16221]: NOTICE
[sasl] Unban 87.246.7.226\n2021-02-02 05:53:39,539 fail2ban.actions [16221]: NOTICE [plesk-postfix] Unban 87.246.7.226\n2021-02-02 05:54
:58,787 fail2ban.actions [16221]: NOTICE [plesk-postfix] Unban 87.246.7.226\n2021-02-02 05:54:58,966 fail2ban.actions [16221]: NO
TICE [sasl] Unban 87.246.7.226\n2021-02-02 06:28:26,460 fail2ban.actions [9599]: NOTICE [sasl] Unban 87.246.7.226\n2021-02-02 06:28:26,
632 fail2ban.actions [9599]: NOTICE [plesk-postfix] Unban 87.246.7.226\n2021-02-02 06:59:03,366 fail2ban.actions [9599]: NOTICE
[plesk-postfix] Unban 87.246.7.226\n2021-02-02 06:59:03,645 fail2ban.actions [9599]: NOTICE [sasl] Unban 87.246.7.226\n2021-02-02 07:29:
32,665 fail2ban.actions [9599]: NOTICE [plesk-postfix] Unban 87.246.7.226\n2021-02-02 07:29:32,968 fail2ban.actions [9599]: NOTIC
E [sasl] Unban 87.246.7.226\nFeb 3 07:29:36 jedi postfix/smtpd[46947]: warning: unknown[87.246.7.226]: SASL LOGIN authentication failed: authe
ntication failure\nFeb 3 07:29:39 jedi postfix/smtpd[59565]: warning: unknown[87.246.7.226]: SASL LOGIN authentication failed: authentication f
(etc this goes on)
Any ideas how to shorten this unnecessary long line?
Many thanks, -turgut
Here is an example:
2021-02-03 08:31:14,420 fail2ban.filter [9599]: INFO [fail2ban-repeats] Found 87.246.7.226 - 2021-02-03 08:31:14
2021-02-03 08:31:14,834 fail2ban.actions [9599]: NOTICE [fail2ban-repeats] Ban 87.246.7.226
2021-02-03 08:31:14,846 fail2ban.actions [9599]: ERROR Failed to execute ban jail 'fail2ban-repeats' action 'route' info 'ActionInfo({'
ipfailures': 4036, 'ip-rev': '226.7.246.87.', 'family': 'inet4', 'ipmatches': "2021-02-02 05:53:39,410 fail2ban.actions [16221]: NOTICE
[sasl] Unban 87.246.7.226\n2021-02-02 05:53:39,539 fail2ban.actions [16221]: NOTICE [plesk-postfix] Unban 87.246.7.226\n2021-02-02 05:54
:58,787 fail2ban.actions [16221]: NOTICE [plesk-postfix] Unban 87.246.7.226\n2021-02-02 05:54:58,966 fail2ban.actions [16221]: NO
TICE [sasl] Unban 87.246.7.226\n2021-02-02 06:28:26,460 fail2ban.actions [9599]: NOTICE [sasl] Unban 87.246.7.226\n2021-02-02 06:28:26,
632 fail2ban.actions [9599]: NOTICE [plesk-postfix] Unban 87.246.7.226\n2021-02-02 06:59:03,366 fail2ban.actions [9599]: NOTICE
[plesk-postfix] Unban 87.246.7.226\n2021-02-02 06:59:03,645 fail2ban.actions [9599]: NOTICE [sasl] Unban 87.246.7.226\n2021-02-02 07:29:
32,665 fail2ban.actions [9599]: NOTICE [plesk-postfix] Unban 87.246.7.226\n2021-02-02 07:29:32,968 fail2ban.actions [9599]: NOTIC
E [sasl] Unban 87.246.7.226\nFeb 3 07:29:36 jedi postfix/smtpd[46947]: warning: unknown[87.246.7.226]: SASL LOGIN authentication failed: authe
ntication failure\nFeb 3 07:29:39 jedi postfix/smtpd[59565]: warning: unknown[87.246.7.226]: SASL LOGIN authentication failed: authentication f
(etc this goes on)
Any ideas how to shorten this unnecessary long line?
Many thanks, -turgut
