Issue Prohibición de direcciones IP (Fail2Ban) endless loading

[solucionesuno]

i can open this page in Tools & settings > fail2ban...

endless loading.

what can i do?

 

[Bitpalast]

Check /var/log/fail2ban.log if you find additional information on what is going on. Sometimes the service fails if the log files that it has to scan are too large. In that case check your log rotation settings and make changes to create smaller log files.

To regain access to the GUI display of fail2ban:

1) # service fail2ban stop
2) Disable jails in GUI
3) # service fail2ban start
4) Enable jails in GUI step by step, e.g. five at a time

 

[solucionesuno]

Hello

I am having this issue always. cheking fail2ban log i have this:

<pre>
2017-02-08 12:01:59,769 fail2ban.filter [6334]: WARNING Unable to find a corresponding IP address for 2001:41d0:2:d30c::: [Errno -9] Address family for hostname not supported
2017-02-08 12:01:59,769 fail2ban.filter [6334]: INFO [plesk-proftpd] Found 149.56.79.108
2017-02-08 12:01:59,770 fail2ban.filter [6334]: WARNING Unable to find a corresponding IP address for 2001:41d0:2:d30c::: [Errno -9] Address family for hostname not supported
2017-02-08 12:01:59,770 fail2ban.filter [6334]: INFO [plesk-proftpd] Found 149.56.79.108
2017-02-08 12:01:59,770 fail2ban.filter [6334]: WARNING Unable to find a corresponding IP address for 2001:41d0:2:d30c::: [Errno -9] Address family for hostname not supported
2017-02-08 12:01:59,770 fail2ban.filter [6334]: INFO [plesk-proftpd] Found 149.56.79.108
2017-02-08 12:01:59,771 fail2ban.filter [6334]: WARNING Unable to find a corresponding IP address for 2001:41d0:2:d30c::: [Errno -9] Address family for hostname not supported
</pre>

Also in iptables -L i have rules duplicated:

f2b-plesk-wordpress tcp -- anywhere anywhere multiport dports http,https,empowerid,7081
f2b-plesk-proftpd tcp -- anywhere anywhere multiport dports ftp,ftp-data,ftps,ftps-data
f2b-plesk-horde tcp -- anywhere anywhere multiport dports http,https,empowerid,7081
f2b-plesk-horde tcp -- anywhere anywhere multiport dports http,https,empowerid,7081
f2b-plesk-courierimap tcp -- anywhere anywhere multiport dports imap,imap3,imaps,pop3,pop3s
f2b-BadBots tcp -- anywhere anywhere multiport dports http,https,empowerid,7081
f2b-plesk-wordpress tcp -- anywhere anywhere multiport dports http,https,empowerid,7081
f2b-plesk-horde tcp -- anywhere anywhere multiport dports http,https,empowerid,7081
f2b-plesk-proftpd tcp -- anywhere anywhere multiport dports ftp,ftp-data,ftps,ftps-data
f2b-plesk-wordpress tcp -- anywhere anywhere multiport dports http,https,empowerid,7081
f2b-plesk-horde tcp -- anywhere anywhere multiport dports http,https,empowerid,7081
f2b-plesk-proftpd tcp -- anywhere anywhere multiport dports ftp,ftp-data,ftps,ftps-data
f2b-plesk-qmail tcp -- anywhere anywhere multiport dports smtp,urd,submission
f2b-plesk-proftpd tcp -- anywhere anywhere multiport dports ftp,ftp-data,ftps,ftps-data
f2b-plesk-login tcp -- anywhere anywhere multiport dports cddbp-alt,pcsync-https
f2b-plesk-horde tcp -- anywhere anywhere multiport dports http,https,empowerid,7081
f2b-plesk-courierimap tcp -- anywhere anywhere multiport dports imap,imap3,imaps,pop3,pop3s
f2b-BadBots tcp -- anywhere anywhere multiport dports http,https,empowerid,7081
f2b-apache tcp -- anywhere anywhere multiport dports http,https,empowerid,7081
f2b-plesk-roundcube tcp -- anywhere anywhere multiport dports http,https,empowerid,7081
f2b-plesk-qmail tcp -- anywhere anywhere multiport dports smtp,urd,submission
f2b-plesk-proftpd tcp -- anywhere anywhere multiport dports ftp,ftp-data,ftps,ftps-data
f2b-plesk-login tcp -- anywhere anywhere multiport dports cddbp-alt,pcsync-https
f2b-plesk-horde tcp -- anywhere anywhere multiport dports http,https,empowerid,7081
f2b-plesk-courierimap tcp -- anywhere anywhere multiport dports imap,imap3,imaps,pop3,pop3s
f2b-BadBots tcp -- anywhere anywhere multiport dports http,https,empowerid,7081
f2b-apache tcp -- anywhere anywhere multiport dports http,https,empowerid,7081
f2b-SSH tcp -- anywhere anywhere tcp dpt:ssh
........

 

[solucionesuno]

how can a reset the chains of fail2ban in iptables? i disable all jails in plesk but iptables begans showing it.

 

[solucionesuno]

hello? can you help me with this? fail2ban is hanging all the time in pesk configuration. i can accesss to this screen.

About ipv6 error i solve it removing an ipv6 in whitelist. but the problem for manage fail2ban from panel not works

 

[Bitpalast]

I think the issue can be caused by large log files or many log files. Fail2ban does not work correctly if the time it needs to scan large log files is long or if it has to scan many logs for a single jail.

Please refer to https://support.plesk.com/hc/en-us/search?utf8=✓&query=fail2ban+hangs for several possible solutions.

For large log files, it helps to rotate the logs frequenty or "on demand" (this is what we are doing here, testing size of log files of all accounts every n minutes, then rotate the ones that are larger than x bytes; a very successful approach so far). You will need to create your own script for that, though.

Plesk used to have an important article in their FAQs on how to split a single jail up into separate jails, e.g. have a wordpress-a, wordpress-b, wordpress-c ... wordpress-z jail instead of a single wordpress jail. Each jail responsible for a limited number of websites, so that the number of log files per jail can be kept low. I was unable to find that for you in their new KB, though. In case your host suffers from that issue (too many domains for a single jail), let me know, maybe we can work something out here.