Project

General

Profile

Actions
Copy link

Bug #489

closed

concurrency between fail2ban firewalling init script

Added by Pierre-Louis Bonicoli about 9 years ago. Updated over 8 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Pierre-Louis Bonicoli
Category:
System :: Base
Start date:
2016-03-03
Due date:
% Done:

100%

Estimated time:
Patch Available:
Confirmed:
Yes
Branch:
Entity:
DuckCorp
Security:
Help Needed:

Description

/var/log/syslog shows that fail2ban and firewalling init script are executed concurrently:

Mar  3 14:54:08 orfeo fail2ban[875]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
Mar  3 14:54:08 orfeo firewalling[857]: Starting firewall ...Another app is currently holding the xtables lock. Perhaps you want to use the -w option?
Mar  3 14:54:08 orfeo firewalling[857]: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?
Mar  3 14:54:08 orfeo firewalling[857]: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?
Mar  3 14:54:08 orfeo fail2ban[875]: .

The firewalling init script provides firewalling, the fail2ban init script refers to the firewall service as one of:
  • iptables
  • firehol
  • shorewall
  • ipmasq
  • arno-iptables-firewall
  • iptables-persistent
  • ferm

firewalling init script should provide firewall instead.

Actions
Copy link
 #1

Updated by Pierre-Louis Bonicoli about 9 years ago

  • Status changed from In Progress to Resolved
  • % Done changed from 0 to 100

Fixed by cf102bc0328d2da706427c40717755c2a49d8ca6.

Actions
Copy link
 #2

Updated by Pierre-Louis Bonicoli over 8 years ago

Applied today on Jinta, Thorfinn, Toushirou (was already applied on Orfeo) using:

ansible-playbook -i hosts -l Jinta,Thorfinn,Toushirou,Orfeo --tags=firewalling --step playbooks/dc.yml

Actions
Copy link

Also available in: Atom PDF