Project

General

Profile

Actions
Copy link

Bug #489

closed

concurrency between fail2ban firewalling init script

Added by Pierre-Louis Bonicoli about 8 years ago. Updated over 7 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Pierre-Louis Bonicoli
Category:
System :: Base
Start date:
2016-03-03
Due date:
% Done:

100%

Estimated time:
Patch Available:
Confirmed:
Yes
Branch:
Entity:
DuckCorp
Security:
Help Needed:

Description

/var/log/syslog shows that fail2ban and firewalling init script are executed concurrently:

Mar  3 14:54:08 orfeo fail2ban[875]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
Mar  3 14:54:08 orfeo firewalling[857]: Starting firewall ...Another app is currently holding the xtables lock. Perhaps you want to use the -w option?
Mar  3 14:54:08 orfeo firewalling[857]: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?
Mar  3 14:54:08 orfeo firewalling[857]: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?
Mar  3 14:54:08 orfeo fail2ban[875]: .

The firewalling init script provides firewalling, the fail2ban init script refers to the firewall service as one of:
  • iptables
  • firehol
  • shorewall
  • ipmasq
  • arno-iptables-firewall
  • iptables-persistent
  • ferm

firewalling init script should provide firewall instead.

Actions
Copy link

Also available in: Atom PDF