Ask Your Question
0

Trouble with fail2ban install

asked 2016-01-04 06:35:40 -0500

nobody gravatar image

Hi there! I use puppet 4.* (http://pastebin.com/6mFpPGGU) and try to install fail2ban module:

    [root@pm2-chel1 root]# puppet module install netmanagers-fail2ban
    Notice: Preparing to install into /etc/puppetlabs/code/environments/production/modules ...
    Notice: Downloading from https://forgeapi.puppetlabs.com ...
    Notice: Installing -- do not interrupt ...
    /etc/puppetlabs/code/environments/production/modules
    L-T netmanagers-fail2ban (v1.4.0)
      +-- example42-monitor (v2.0.3)
      +-- example42-puppi (v2.1.12)
      +-- puppetlabs-concat (v1.2.5)
      L-- puppetlabs-stdlib (v4.10.0)
    [root@pm2-chel1 root]# echo "class { 'fail2ban': }" > /etc/puppetlabs/code/manifests/f2b.pp
    [root@pm2-chel1 root]# cat /etc/puppetlabs/code/manifests/f2b.pp
    class { 'fail2ban': }
    [root@pm2-chel1 root]# puppet apply /etc/puppetlabs/code/manifests/f2b.pp 
    Notice: Compiled catalog for pm2-chel1.is74.ru in environment production in 0.24 seconds
    Error: Parameter noop failed on Package[fail2ban]: Invalid value "". Valid values are true, false.  at /etc/puppetlabs/code/environments/production/modules/fail2ban/manifests/init.pp:424

but i can't... maybe someone can help me?

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
0

answered 2016-01-04 07:22:45 -0500

nobody gravatar image

updated 2016-01-04 07:47:06 -0500

Find this: https://github.com/netmanagers/puppet... but:

                    [root@pm2-chel1 root]# cat /etc/puppetlabs/code/manifests/f2b.pp 
                class { 'fail2ban': 
                    noops => true,
            #        source => [ "puppet:///modules/example42/fail2ban/fail2ban.local-${hostname}" , "puppet:///modules/example42/fail2ban/fail2ban.local" ], 
                    source_dir       => false
            #        source_dir_purge => false, # Set to true to purge any existing file not present in $source_dir
                }
    [root@pm2-chel1 root]# puppet apply /etc/puppetlabs/code/manifests/f2b.pp 
    Notice: Compiled catalog for pm2-chel1.is74.ru in environment production in 0.24 seconds
    Notice: /Stage[main]/Fail2ban/Package[fail2ban]/ensure: current_value purged, should be present (noop)
    Notice: /Stage[main]/Fail2ban/File[fail2ban.local]/ensure: current_value absent, should be present (noop)
    Notice: /Stage[main]/Fail2ban/Service[fail2ban]/ensure: current_value stopped, should be running (noop)
    Notice: Class[Fail2ban]: Would have triggered 'refresh' from 3 events
    Notice: Stage[main]: Would have triggered 'refresh' from 1 events
    Notice: Applied catalog in 0.19 seconds

and i get other error (With "noops => false" same error):

    root@ipt2-chel1:~# puppet agent --no-daemonize --debug --onetime --environment=checklist
    ...
    Debug: Finishing transaction 20475560
    Debug: Loading external facts from /var/lib/puppet/facts.d
    Debug: Failed to load library 'msgpack' for feature 'msgpack'
    Debug: Puppet::Network::Format[msgpack]: feature msgpack is missing
    Debug: catalog supports formats: pson b64_zlib_yaml yaml dot raw
    Debug: Using cached connection for https://pm2-chel1.is74.ru:8140
    Debug: Caching connection for https://pm2-chel1.is74.ru:8140
    Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Evaluation Error: Error while evaluating a Resource Statement, Could not find declared class fail2ban at /etc/puppetlabs/code/environments/checklist/manifests/f2b.pp:1:1 on node ipt2-chel1.is74.ru
    Debug: Using cached catalog for ipt2-chel1.is74.ru
    Notice: Using cached catalog
    ...

    [root@pm2-chel1 root]# cat /etc/puppetlabs/code/environments/checklist/manifests/f2b.pp
    class { 'fail2ban':
      mailto         => 'root@some.mail',
      jails_config   => 'file',
      jails_template => 'fail2ban/jail.local.erb',
      jails          => ['ssh'],
      banaction      => 'sendmail-mod',
    }

    fail2ban::action { 'sendmail-mod':
    actionstart => '',
    actionstop => '',

    actionban => 'printf %%b "Subject: [Fail2Ban] <name>: banned <ip>
                From: <sender> <<sender>>
                To: <dest>\n
                The IP <ip> has just been banned by Fail2Ban after
                <failures> attempts against <name>.\n\n
                Here are more information about <ip>:\n
                `/usr/bin/whois <ip>`\n
                \n
                " | /usr/sbin/sendmail -f <sender> <dest>',

    actioninitvars => [ "name = default", "dest = root","sender = ${fqdn}" ],
    }
edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2016-01-04 06:35:40 -0500

Seen: 103 times

Last updated: Jan 04 '16