Fail2Ban - fails to start custom jails with action "hestia"

Hi there,

I’ve some customized fail2ban jails which I want to be managed by the hestia.conf action. Upon fail2ban restart, the start of my custom jail fails.

OS: Debian 10.9
Hestia: 1.3.5

Error Message:
*2021-03-31 10:59:31,751 fail2ban.jail [26639]: INFO Jail ‘baneban-recidive’ started *
*2021-03-31 10:59:32,041 fail2ban.utils [26639]: Level 39 7fba4033ace0 – exec: /usr/local/hestia/bin/v-add-firewall-chain BANEBAN-RECIDIVE *
*2021-03-31 10:59:32,041 fail2ban.utils [26639]: ERROR 7fba4033ace0 – stdout: ‘Usage: v-add-firewall-chain CHAIN PORT’ *
*2021-03-31 10:59:32,041 fail2ban.utils [26639]: ERROR 7fba4033ace0 – returned 1 *
2021-03-31 10:59:32,041 fail2ban.actions [26639]: ERROR Failed to start jail ‘baneban-recidive’ action ‘bn-ipset-hestia-act’: Error starting action Jail(‘baneban-recidive’)/bn-ipset-hestia-act

How
can I add the Port and the Protocol in order to get the jail startet properly?

Relevant extract from jail.local:
[baneban-recidive]
enabled = true
protocol = all
findtime = 432000
port = 1:79,81:442,444:65535
bantime = 31536000
filter = bn-recidive-fltr
action = hestia[name=BANEBAN-RECIDIVE]
logpath = /var/log/fail2ban.log
maxretry = 3

I already tried to add the variables to hestia.conf action file:

# Fail2Ban configuration file for hestia
[Definition]
actionstart = /usr/local/hestia/bin/v-add-firewall-chain
actionstop = /usr/local/hestia/bin/v-delete-firewall-chain
actioncheck = iptables -n -L INPUT | grep -q ‘fail2ban-[ \t]’
actionban = /usr/local/hestia/bin/v-add-firewall-ban
actionunban = /usr/local/hestia/bin/v-delete-firewall-ban

but this results in

*2021-03-31 11:02:53,101 fail2ban.jail [26639]: INFO Jail ‘baneban-recidive’ started *
*2021-03-31 11:02:53,842 fail2ban.utils [26639]: Level 39 7fba4033ace0 – exec: /usr/local/hestia/bin/v-add-firewall-chain *
*2021-03-31 11:02:54,241 fail2ban.utils [26639]: ERROR: stderr: ‘/bin/sh: 1: Syntax error: redirection unexpected’ *

Manually adding the chain via

/usr/local/hestia/bin/v-add-firewall-chain BANEBAN-RECIDIVE 1:79,81:442,444:65535 ALL

works fine but upon restart of Fail2Ban it will be overwritten and the error reoccurs.

Your hints to get my customized jails running and managed by Hestia will be highly appreciated!
I think there is a step missing but I can’t find it.

Cheers,
Mags