问题出在哪里:
首先,我尝试从 ISPmanager UI 安装 fail2ban,fail2ban 已安装,但我收到与包相关的错误coremanager-pkg-fail2ban,并且 fail2ban 不起作用,因此我尝试使用 ISPmanager UI 并使用命令将其卸载,apt-get remove coremanager-pkg-fail2ban但它说没有具有此名称的包,并且这个错误仍然存在:
错误
我照做了apt-get remove fail2ban,apt-get purge auto-remove fail2ban之后我使用命令重新安装了 fail2ban apt-get install fail2ban,但出现了这个错误:failed to validate path /var/run/fail2ban too many levels of symbolic links。我搜索了一下,找到了这个答案https://serverfault.com/a/949286/521284,这解决了我的 fail2ban 问题,现在 fail2ban 正在我的服务器上运行:
root# systemctl status fail2ban
fail2ban.service - Fail2Ban Service
Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2019-04-29 15:44:15 EDT; 18min ago
Docs: man:fail2ban(1)
Process: 293 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=0/SUCCESS)
Main PID: 411 (fail2ban-server)
CGroup: /system.slice/fail2ban.service
└─411 /usr/bin/python3 /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b
Apr 29 15:44:13 testdomain systemd[1]: Starting Fail2Ban Service...
Apr 29 15:44:14 testdomain fail2ban-client[293]: 2019-04-29 15:44:14,540 fail2ban.server [374]: INFO Starting Fail2ban v0.9.3
Apr 29 15:44:14 testdomain fail2ban-client[293]: 2019-04-29 15:44:14,541 fail2ban.server [374]: INFO Starting in daemon mode
Apr 29 15:44:15 testdomain systemd[1]: Started Fail2Ban Service.
但是当我这样做时,ufw enable我收到此错误并且我的操作系统崩溃,我需要重新启动操作系统:
root# ufw enable
ERROR: problem running ufw-init
modprobe: ERROR: ../libkmod/libkmod.c:514 lookup_builtin_file() could not open builtin file '/lib/modules/2.6.32-042stab127.2/modules.builtin.bin'
modprobe: FATAL: Module nf_conntrack_ftp not found in directory /lib/modules/2.6.32-042stab127.2
modprobe: ERROR: ../libkmod/libkmod.c:514 lookup_builtin_file() could not open builtin file '/lib/modules/2.6.32-042stab127.2/modules.builtin.bin'
modprobe: FATAL: Module nf_nat_ftp not found in directory /lib/modules/2.6.32-042stab127.2
modprobe: ERROR: ../libkmod/libkmod.c:514 lookup_builtin_file() could not open builtin file '/lib/modules/2.6.32-042stab127.2/modules.builtin.bin'
modprobe: FATAL: Module nf_conntrack_netbios_ns not found in directory /lib/modules/2.6.32-042stab127.2
iptables-restore: line 4 failed
iptables-restore: line 77 failed
iptables-restore: line 30 failed
ip6tables-restore: line 4 failed
ip6tables-restore: line 138 failed
ip6tables-restore: line 30 failed
sysctl: permission denied on key 'net.ipv4.tcp_sack'
Problem running '/etc/ufw/before.rules'
Problem running '/etc/ufw/user.rules'
Problem running '/etc/ufw/before6.rules'
Problem running '/etc/ufw/user6.rules'
我正在尝试解决这个问题ufw,有人能帮忙吗?我的 ubuntu 版本是 16.04。我正在使用 Apache2
答案1
您的“虚拟机”不是真正的虚拟机,而是 OpenVZ“容器”(不是现代容器,而是古老的 LXC 前容器)。OpenVZ 不允许容器加载内核模块,而您必须这样做才能使用您尝试使用的防火墙功能。此外,他们提供的基于 2.6.32 的内核太旧了,无法使用许多现代 Linux 功能。它是在 2009 年发布的!
要解决该问题,请从其他提供商处获取不使用 OpenVZ 或其商业变体 Virtuozzo 的新 VPS。