在 CentOS7 上,我让 fail2ban-client 完美运行,因为它按照配置禁止登录失败的 ips,但是当我查看它的 systemctl 状态时,它显示如果我尝试通过 systemctl 启动 fail2ban,它不会处于活动状态或处于失败状态。
$ sudo fail2ban-client start
37,359 fail2ban.server [19559]: INFO Starting Fail2ban v0.9.7
37,359 fail2ban.server [19559]: INFO Starting in daemon mode
$ sudo fail2ban-client status
Status
|- Number of jail: 14
`- Jail list: apache-auth, ...
$ sudo systemctl status fail2ban -l
● fail2ban.service - Fail2Ban Service
Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; disabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/fail2ban.service.d
└─limit.conf
Active: inactive (dead)
Docs: man:fail2ban(1)
$ sudo fail2ban-client stop
Shutdown successful
$ sudo systemctl start fail2ban
Job for fail2ban.service failed because a fatal signal was delivered to the control process. See "systemctl status fail2ban.service" and "journalctl -xe" for details.
$ sudo systemctl status fail2ban -l
● fail2ban.service - Fail2Ban Service
Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; disabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/fail2ban.service.d
└─limit.conf
Active: failed (Result: start-limit) since Wed 2019-01-30 18:56:50 CET; 11s ago
Docs: man:fail2ban(1)
Process: 20154 ExecStartPre=/bin/mkdir -p /var/run/fail2ban (code=killed, signal=SEGV)
systemd[1]: fail2ban.service: control process exited, code=killed status=11
systemd[1]: Failed to start Fail2Ban Service.
systemd[1]: Unit fail2ban.service entered failed state.
systemd[1]: fail2ban.service failed.
systemd[1]: fail2ban.service holdoff time over, scheduling restart.
systemd[1]: Stopped Fail2Ban Service.
systemd[1]: start request repeated too quickly for fail2ban.service
systemd[1]: Failed to start Fail2Ban Service.
systemd[1]: Unit fail2ban.service entered failed state.
systemd[1]: fail2ban.service failed.
/var/log/fail2ban.log
显示的内容不比上述内容更多systemctl status fail2ban -l
。为什么不通过 systemctl 启动?
答案1
将 fail2ban 添加到 systemctl 的正确方法如下:
fail2ban-client stop
systemctl enable fail2ban
systemctl start fail2ban
答案2
我遇到了同样的问题,服务 fail2ban 启动不起作用,但是'fail2ban-client-x启动' 有效,但当我尝试 '服务 fail2ban 状态' 它显示 fail2ban 无法启动。我找到了解决方法,试试这个
fail2ban-client -x stop
进而
service fail2ban start
预期结果如下:
fail2ban.service - Fail2Ban 服务已加载:已加载(/lib/systemd/system/fail2ban.service;已启用;供应商预设:已启用)活动:活跃(运行)
希望能帮助到你。