Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 408263 - =net-analyzer/fail2ban-0.8.6 iptables bans lost on restart
Summary: =net-analyzer/fail2ban-0.8.6 iptables bans lost on restart
Status: RESOLVED UPSTREAM
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: AMD64 Linux
: Normal normal (vote)
Assignee: Gentoo Netmon project
URL: https://github.com/fail2ban/fail2ban/...
Whiteboard:
Keywords: UPSTREAM
Depends on:
Blocks:
 
Reported: 2012-03-15 03:19 UTC by Robin Bankhead
Modified: 2014-03-15 13:57 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Robin Bankhead 2012-03-15 03:19:05 UTC 
According to

https://github.com/fail2ban/fail2ban/issues/2#issuecomment-3287699

fail2ban should be re-scanning the jail target logfiles on (re)start and reinstating bans that should still be in force. This is not happening on my system: all bans are permanently dumped on restart.

I am using logrotate which I know is responsible for a lot of issues with fail2ban, but I can confirm that even non-rotated logs contain bannable strings (and these were correctly banned by fail2ban prior to restart) that are within the set bantime (let alone bantime+findtime) for the jails in question. I'll give full details if required.

I'm a little uncertain from reading the above upstream ticket whether the author's claim to have implemented this is correct, particularly as the ticket is still open. Perhaps the Gentoo package maintainer can clarify this and accordingly either address it here or upstream it. Thanks.