7

I have been using fail2ban for a while on my Ubuntu server. Recently (after upgrading to ubuntu 15.04 I assume) fail2ban has been failing to start.

Initially, this was because the port option had been specified twice somewhere - I fixed that.

Now I am getting the following error:

WARNING 'filter' not defined in 'sshd'. Using default one: ''
ERROR  Failed during configuration: Bad value substitution:
        section: [sshd]
        option : action
        key    : port
        rawval : ", protocol="%(protocol)s", chain="%(chain)s"]
%(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s", sendername="%(sendername)s"]

Here is a link to a pastebin of my jail.local configuration file: http://pastebin.com/KksbwT1r

I have removed the email addresses for privacy reasons.

starbeamrainbowlabs
  • 1,279

4 Answers4

4

On Ubuntu 16.04 had the same issue out of a sudden:

dec 17 08:58:41 xxx fail2ban-client[1342]: ERROR Failed during configuration: Bad value substitution: option 'action' in section 'sshd' contains an interpolation key 'port' which is not a valid option name. Raw value: '%(action_)s'

it turns out that on Ubuntu inside jail.d/defaults-debian.conf there is a jail confing that contained nothing but:

[sshd]

enabled = true

Commenting this lines out fixed the issue above.

Community
  • 1
Ionut Irofte
  • 41
  • 2
2

I noticed that after the upgrade to 15.04 when I check the webmin for a server that I have with the same issue, what I saw what that I had a new jail called "sshd" that had nothing defined as a filter. I deleted this jail and it now works again. To be clear, the ssh jail is still there,just the empty jail called sshd is gone. Outside of webmin I'm not sure where to find that jail. You pastebin looks clear of any invalid entries.

Randy_O
  • 430
1

After upgrading from 16.04 to 18.04 I ran into similar issues. For me it was sufficient to replace the .conf files with the .conf.dpkg-dist files.

sudo mv paths-common.conf paths-common.conf.old
sudo mv paths-common.conf.dpkg-dist paths-common.conf
sudo mv paths-debian.conf paths-debian.conf.old
sudo mv paths-debian.conf.dpkg-dist paths-debian.conf

I also had to apply these changes to /etc/fail2ban/jail.local, essentially replacing all occurrences of imap3 with either imap or imap2.

Afterwards fail2ban started without problems.

Gerald Schneider
  • 563
1

I had the same issue. Fix was: Port in jail.conf was missing.

martialblog
  • 43