You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2015-08-02 16:49:21
- Mozai
- Member
- Registered: 2015-08-02
- Posts: 1
fail2ban and systemd
Fresh new ArchLinux (installed 2015-08-01), comes with systemd and python3. fail2ban doesn't work because it expects text logfiles it can watch.
fail2ban>=0.9 does have systemd integration, but it has to be explictly stated in /etc/fail2ban/fail2ban.conf as "backend = systemd" in the jail definition. Defaults for jail definitions are in the [DEFAULT] section of /etc/fail2ban/jail.conf, and the default setting "backend = auto" only uses the three methods for watching text files, it omits using systemd.
Except fail2ban will not consult systemd without the python module for talking to systemd. I only found "community/python2-systemd" which requires Python-2=2.7. This would mean downgrading Python on this system.
Is there a python3-systemd ? Should I install the Python systemd modules using `pip` instead?
"You should use sshguard instead" I think that only watches sshd. I'd rather use something where I can watch for bad user behaviour on multiple daemons.
P.S.: the machine's been alive for 14 hours, doesn't have a hostname or any daemons other than sshd yet, and seen 9900 password attempts. That's approx 1 hack attempt every five seconds.
Last edited by Mozai (2015-08-02 17:07:32)
Offline
#2 2015-08-02 17:12:02
- Scimmia
- Fellow
- Registered: 2012-09-01
- Posts: 12,419
Re: fail2ban and systemd
Is there a python3-systemd ? Should I install the Python systemd modules using `pip` instead?
Offline
#3 2015-08-02 19:54:01
- Awebb
- Member
- Registered: 2010-05-06
- Posts: 6,688
Re: fail2ban and systemd
Is there a python3-systemd ? Should I install the Python systemd modules using `pip` instead?
There is python-systemd. s/pip/aur4/.
Offline
Pages: 1