Turris OS 7.1.0 is in RC now!

hello there… just trying to do the modification you suggested… This one :

“In the jails, I had to change not only banaction , but also protocol from all to tcp, udp - otherwise, fail2ban failed to start the jails due to nft syntax error.”

could you give me an example , since ii do see 'banaction" here :

block the whole /24 subnet of the attacker

banaction = iptables-multiport24subnet
banaction_allports =

Is that the one, and if so, to what should that be changed?

This is why I always create manual snapshot before I approve update.

In /etc/fail2ban/jail.d/openvpn.conf, change:

protocol = all

to

protocol = tcp, udp

And also change

banaction = iptables
banaction_allports = iptables_allports

to

banaction = nftables
banaction_allports = nftables_allports
3 Likes

oeps…did that, rebooted, stopped running…

[line 15]: option ‘banaction’ in section ‘openvpn’ already exists

edit ,. solved it. should be

banaction = nftables
banaction_allports = nftables_allports

thxs!

2 Likes

hmm, some more issues…
Nov 22 14:06:38 turris procd: Instance fail2ban::instance1 s in a crash loop 6 crashes, 1 seconds since last crash

Also, it basically let sentinel crash
Nov 22 14:05:24 turris procd: Instance fail2ban::instance1 s in a crash loop 6 crashes, 1 seconds since last crash
Nov 22 14:05:59 turris procd: Instance fail2ban::instance1 s in a crash loop 6 crashes, 1 seconds since last crash
Nov 22 14:06:08 turris procd: Instance sentinel-minipot::instance1 pid 28521 not stopped on SIGTERM, sending SIGKILL instead

killed f2b now, and now sentinel is working

Weird, mine runs fine. What jails do you have activated?

Only OPENVPN. But Haas also stopped working, (it does run but not open on the outside) , and sentinel runs, but does not show any data in view.sentinel.

I rolled back to 7.01, and run the update again. But now with f2b running.

So, not sure, but this update does something with the whole sentinel/haas concept.

I have the same problem…

I’m confused. So do you have f2b working after the second update?

Both f2b and sentinel/haas do work for me…

yes, f2b works now, but haas en sentinel not. They both run as in process, but no ping from outside.

Standard MOX classic, so not even a funky config.

I will try to re install the whole sentinel haas shebang, maybe that helps :slight_smile: ( i have no clue)

what happens if you go to reforis> sentinel > Haas > Save?

Settings saved successfully

Interesting, just updated the TO, and when i do that saving part, reforis is crashing.

Have you cleared browser cache?

yep, and different browsers. Same result.
image
thats the first time, second time, crash.
And not even f2b running on the TO.

and this in the syslog
Nov 24 12:46:06 turrisxx procd: Instance sentinel-minipot::instance1 pid 10134 not stopped on SIGTERM, sending SIGKILL instead

On my router i get the error from the Updater:

Error notifications
===================
Updater execution failed:


Stack Traceback

===============

(1) Lua function '?' at line 57 of chunk '"logging"]'

	Local variables:

	 err = string: "[string \"transaction\"]:334: [string \"transaction\"]:142: Collisions:\

• /sbin/logread: syslog-ng (existing-file), logd (new-file)"

	 err2string = Lua function '?' (defined at line 38 of chunk "logging"])

	 msg = string: "\

[string \"transaction\"]:334: [string \"transaction\"]:142: Collisions:\

• /sbin/logread: syslog-ng (existing-file), logd (new-file)"

	 (*temporary) = table: 0xb11a6130  {msg:

[string "transaction"]:334: [string "transaction"]:142: Collisions:

• /sbin/logread: syslog-ng (existing-file), logd (new-file) (more...)}

(2)  C function 'function: 0xb1169820'

(3) upvalue C function 'error'

(4) Lua function '?' at line 334 of chunk '"transaction"]'

	Local variables:

	 operations = nil

	 journal_status = table: 0xb154fe00  {}

	 run_state = table: 0xb673d490  {initialized:true, init:function: 0xb673d610, lfile:userdata: 0xb669b3c8 (more...)}

	 step = Lua function '?' (defined at line 276 of chunk "transaction"])

	 dir_cleanups = table: 0xb175ad30  {1:/usr/share/updater/unpacked//updater-FjlbBa, 2:/usr/share/updater/unpacked//updater-Odnlbp (more...)}

	 status = table: 0xb669b410  {rainbow-animator:table: 0xb669b4d0, asterisk-res-format-attr-h264:table: 0xb672d400 (more...)}

	 errors_collected = table: 0xb154fec0  {}

	 ok = boolean: false

	 err = string: "[string \"transaction\"]:142: Collisions:\

• /sbin/logread: syslog-ng (existing-file), logd (new-file)"

(5) tail call

	Local variables:

	 (*temporary) = C function: 0xb1169820

(6) Lua function '?' at line 425 of chunk '"transaction"]'

	Local variables:

	 queue_cp = table: 0xb672f2f0  {1:table: 0xb10da380, 2:table: 0xb10da440, 3:table: 0xb10da530, 4:table: 0xb10da5f0 (more...)}

	 (*temporary) = Lua function '?' (defined at line 402 of chunk "transaction"]) Unknown error (Exit code: -6)

I want to Update form 7.0.3 to 7.1.
I have restart the router several times.