hello there… just trying to do the modification you suggested… This one :
“In the jails, I had to change not only banaction
, but also protocol
from all
to tcp, udp
- otherwise, fail2ban failed to start the jails due to nft syntax error.”
could you give me an example , since ii do see 'banaction" here :
block the whole /24 subnet of the attacker
banaction = iptables-multiport24subnet
banaction_allports =
Is that the one, and if so, to what should that be changed?
winkler
November 22, 2024, 1:06pm
43
This is why I always create manual snapshot before I approve update.
peci1
November 22, 2024, 1:09pm
44
In /etc/fail2ban/jail.d/openvpn.conf
, change:
protocol = all
to
protocol = tcp, udp
And also change
banaction = iptables
banaction_allports = iptables_allports
to
banaction = nftables
banaction_allports = nftables_allports
3 Likes
oeps…did that, rebooted, stopped running…
[line 15]: option ‘banaction’ in section ‘openvpn’ already exists
edit ,. solved it. should be
banaction = nftables
banaction_allports = nftables_allports
thxs!
2 Likes
hmm, some more issues…
Nov 22 14:06:38 turris procd: Instance fail2ban::instance1 s in a crash loop 6 crashes, 1 seconds since last crash
Also, it basically let sentinel crash
Nov 22 14:05:24 turris procd: Instance fail2ban::instance1 s in a crash loop 6 crashes, 1 seconds since last crash
Nov 22 14:05:59 turris procd: Instance fail2ban::instance1 s in a crash loop 6 crashes, 1 seconds since last crash
Nov 22 14:06:08 turris procd: Instance sentinel-minipot::instance1 pid 28521 not stopped on SIGTERM, sending SIGKILL instead
killed f2b now, and now sentinel is working
peci1
November 22, 2024, 9:07pm
47
Weird, mine runs fine. What jails do you have activated?
Only OPENVPN. But Haas also stopped working, (it does run but not open on the outside) , and sentinel runs, but does not show any data in view.sentinel.
I rolled back to 7.01, and run the update again. But now with f2b running.
So, not sure, but this update does something with the whole sentinel/haas concept.
peci1
November 22, 2024, 9:32pm
50
I’m confused. So do you have f2b working after the second update?
Both f2b and sentinel/haas do work for me…
yes, f2b works now, but haas en sentinel not. They both run as in process, but no ping from outside.
Standard MOX classic, so not even a funky config.
I will try to re install the whole sentinel haas shebang, maybe that helps ( i have no clue)
what happens if you go to reforis> sentinel > Haas > Save?
Interesting, just updated the TO, and when i do that saving part, reforis is crashing.
peci1
November 24, 2024, 12:33pm
55
Have you cleared browser cache?
yep, and different browsers. Same result.
thats the first time, second time, crash.
And not even f2b running on the TO.
and this in the syslog
Nov 24 12:46:06 turrisxx procd: Instance sentinel-minipot::instance1 pid 10134 not stopped on SIGTERM, sending SIGKILL instead
redFOX
November 28, 2024, 11:51am
57
On my router i get the error from the Updater:
Error notifications
===================
Updater execution failed:
Stack Traceback
===============
(1) Lua function '?' at line 57 of chunk '"logging"]'
Local variables:
err = string: "[string \"transaction\"]:334: [string \"transaction\"]:142: Collisions:\
• /sbin/logread: syslog-ng (existing-file), logd (new-file)"
err2string = Lua function '?' (defined at line 38 of chunk "logging"])
msg = string: "\
[string \"transaction\"]:334: [string \"transaction\"]:142: Collisions:\
• /sbin/logread: syslog-ng (existing-file), logd (new-file)"
(*temporary) = table: 0xb11a6130 {msg:
[string "transaction"]:334: [string "transaction"]:142: Collisions:
• /sbin/logread: syslog-ng (existing-file), logd (new-file) (more...)}
(2) C function 'function: 0xb1169820'
(3) upvalue C function 'error'
(4) Lua function '?' at line 334 of chunk '"transaction"]'
Local variables:
operations = nil
journal_status = table: 0xb154fe00 {}
run_state = table: 0xb673d490 {initialized:true, init:function: 0xb673d610, lfile:userdata: 0xb669b3c8 (more...)}
step = Lua function '?' (defined at line 276 of chunk "transaction"])
dir_cleanups = table: 0xb175ad30 {1:/usr/share/updater/unpacked//updater-FjlbBa, 2:/usr/share/updater/unpacked//updater-Odnlbp (more...)}
status = table: 0xb669b410 {rainbow-animator:table: 0xb669b4d0, asterisk-res-format-attr-h264:table: 0xb672d400 (more...)}
errors_collected = table: 0xb154fec0 {}
ok = boolean: false
err = string: "[string \"transaction\"]:142: Collisions:\
• /sbin/logread: syslog-ng (existing-file), logd (new-file)"
(5) tail call
Local variables:
(*temporary) = C function: 0xb1169820
(6) Lua function '?' at line 425 of chunk '"transaction"]'
Local variables:
queue_cp = table: 0xb672f2f0 {1:table: 0xb10da380, 2:table: 0xb10da440, 3:table: 0xb10da530, 4:table: 0xb10da5f0 (more...)}
(*temporary) = Lua function '?' (defined at line 402 of chunk "transaction"]) Unknown error (Exit code: -6)
I want to Update form 7.0.3 to 7.1.
I have restart the router several times.