Fail2ban not detecting "...client denied by server configuration..."
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
fail2ban (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
Fail2ban starts properly and creates "apache" jail with proper log files:
2014-11-12 00:27:49,973 fail2ban.server : INFO Changed logging target to /var/log/
2014-11-12 00:27:49,974 fail2ban.jail : INFO Creating new jail 'apache'
2014-11-12 00:27:50,084 fail2ban.jail : INFO Jail 'apache' uses pyinotify
2014-11-12 00:27:50,186 fail2ban.jail : INFO Initiated 'pyinotify' backend
2014-11-12 00:27:50,193 fail2ban.filter : INFO Added logfile = /var/log/
2014-11-12 00:27:50,196 fail2ban.filter : INFO Added logfile = /var/log/
2014-11-12 00:27:50,198 fail2ban.filter : INFO Added logfile = /var/log/
2014-11-12 00:27:50,200 fail2ban.filter : INFO Added logfile = /var/log/
2014-11-12 00:27:50,201 fail2ban.filter : INFO Added logfile = /var/log/
2014-11-12 00:27:50,202 fail2ban.filter : INFO Set maxRetry = 6
2014-11-12 00:27:50,203 fail2ban.filter : INFO Set findtime = 600
2014-11-12 00:27:50,204 fail2ban.actions: INFO Set banTime = 600
2014-11-12 00:27:50,249 fail2ban.jail : INFO Jail 'apache' started
But it is not detecting the following regex, where it should:
[Wed Nov 12 00:28:24.094238 2014] [access_
[Wed Nov 12 00:28:45.981111 2014] [access_
[Wed Nov 12 00:28:48.622373 2014] [access_
[Wed Nov 12 00:28:50.666745 2014] [access_
[Wed Nov 12 00:28:53.132059 2014] [access_
[Wed Nov 12 00:28:55.211217 2014] [access_
[Wed Nov 12 00:28:57.758862 2014] [access_
[Wed Nov 12 00:28:59.948193 2014] [access_
ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: fail2ban 0.8.11-1
ProcVersionSign
Uname: Linux 3.13.0-39-generic i686
ApportVersion: 2.14.1-0ubuntu3.5
Architecture: i386
Date: Wed Nov 12 00:40:06 2014
InstallationDate: Installed on 2011-05-04 (1287 days ago)
InstallationMedia: Ubuntu-Server 10.04.2 LTS "Lucid Lynx" - Release i386 (20110211.1)
PackageArchitec
SourcePackage: fail2ban
UpgradeStatus: Upgraded to trusty on 2014-10-06 (36 days ago)
mtime.conffile.
Status changed to 'Confirmed' because the bug affects multiple users.