Score:0

HINT on 127: "Command not found" fail2ban


I have a problem with Fail2ban. In the log I have this:

2021-12-05 00:49:23,968 fail2ban.utils          [979765]: ERROR   7f9a6df8cdf0 -- stderr: '/bin/sh: 1: iptables: not found'
2021-12-05 00:49:23,968 fail2ban.utils          [979765]: ERROR   7f9a6df8cdf0 -- stderr: '/bin/sh: 2: iptables: not found'
2021-12-05 00:49:23,968 fail2ban.utils          [979765]: ERROR   7f9a6df8cdf0 -- stderr: '/bin/sh: 3: iptables: not found'
2021-12-05 00:49:23,968 fail2ban.utils          [979765]: ERROR   7f9a6df8cdf0 -- returned 127
2021-12-05 00:49:23,969 fail2ban.utils          [979765]: INFO    HINT on 127: "Command not found".  Make sure that all commands in 'iptables -w -N f2b-nginx-badbots\niptables -w -A f2b-nginx-badbots -j RETURN\niptables -w -I INPUT -p tcp -j f2b-nginx-badbots' are in the PATH of fail2ban-server process (grep -a PATH= /proc/`pidof -x fail2ban-server`/environ). You may want to start "fail2ban-server -f" separately, initiate it with "fail2ban-client reload" in another shell session and observe if additional informative error messages appear in the terminals.
2021-12-05 00:49:23,969 fail2ban.actions        [979765]: ERROR   Failed to execute ban jail 'nginx-badbots' action 'iptables-allports' info 'ActionInfo({'ip': '81.213.141.194', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0x7f9a6f56eca0>, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0x7f9a6f56f3a0>})': Error starting action Jail('nginx-badbots')/iptables-allports: 'Script error'
2021-12-05 00:49:23,969 fail2ban.actions        [979765]: NOTICE  [nginx-badbots] Restore Ban 82.66.13.48
2021-12-05 00:49:23,976 fail2ban.utils          [979765]: ERROR   7f9a6df8cdf0 -- exec: iptables -w -N f2b-nginx-badbots

Can someone enlighten me?

Thanks in advance.

Dennis Nolte:
'/bin/sh: 2: iptables: not found' seems you do not have iptables installed
Hello, that was it, thank you for your help.
Score:1

For anyone that already has iptables installed, this is what I did:

I'm on Ubuntu 18.04, using fail2ban v0.9.4

I went into /etc/fail2ban/action.d/iptables-common.conf and edited the last line in the file:

# Option:  iptables
# Notes.:  Actual command to be executed, including common to all calls options
# Values:  STRING
# Original line, commented out:
#iptables = iptables <lockingopt>
# Changed to the absolute path of the binary:
iptables = /sbin/iptables <lockingopt>

I gave it the binary path to iptables and it's working now.

Score:0

In the log lines you posted you can see the error '/bin/sh: 2: iptables: not found'.

A command not found message usually means that either the command is not installed, or (less often) that the command is not within the PATH environment variable.

Try to install the package which includes the required command; in your case this would be the iptables command, which has the same name as the package.

An installation command like sudo apt install iptables should provide you with the required command for the fail2ban functionality on Debian.
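
The two causes named above (command not installed, or not in the daemon's PATH) can be told apart with the check the HINT line in the log suggests. This is an added example, not part of the original answers: it reads PATH from a process's environ file and resolves a command against that PATH only. The function names are hypothetical; /proc/<pid>/environ and pidof -x fail2ban-server come from the HINT line.

```shell
#!/bin/sh
# Added example: diagnose "returned 127" by resolving a command against
# the PATH of the daemon itself, not the PATH of your login shell.

# Print the PATH value from a NUL-separated environ file
# (the format of /proc/<pid>/environ).
path_from_environ() {
    tr '\0' '\n' < "$1" | sed -n 's/^PATH=//p' | head -n 1
}

# Print the first executable named $1 found in the colon-separated list $2.
# Exit status 1 means no match, the situation /bin/sh reports as 127.
# Runs in a subshell so the IFS and globbing changes do not leak out.
resolve_in_path() (
    IFS=:
    set -f
    for dir in $2; do
        [ -n "$dir" ] || dir=.      # an empty PATH entry means the cwd
        if [ -f "$dir/$1" ] && [ -x "$dir/$1" ]; then
            printf '%s\n' "$dir/$1"
            exit 0
        fi
    done
    exit 1
)

# Report whether command $1 resolves with the PATH stored in environ file $2.
check_command() {
    daemon_path=$(path_from_environ "$2")
    if found=$(resolve_in_path "$1" "$daemon_path"); then
        echo "ok: $1 -> $found"
    else
        echo "missing: $1 not in PATH=$daemon_path"
        return 1
    fi
}

# Typical use on a live host (root is needed to read another user's environ):
#   check_command iptables "/proc/$(pidof -x fail2ban-server)/environ"
```

If the result is "missing" while the binary exists elsewhere (for example under /sbin), the daemon's PATH is the problem and an absolute path in the action file or a corrected service environment fixes it; if the binary exists nowhere, install the package.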
