Hi.
I am unable to start the service to ban mysql.
When I change enable to true a error has displayed and return to false.
Is possible block the mysql ?
Tanks

[mysqld-iptables]
enabled = false
filter = mysqld-auth
action = hestia[name=DB]
logpath = /var/log/mysql.log
maxretry = 2

filter = mysqld-auth points to /etc/fail2ban/filters.d/mysqld-auth.conf.
The filter operates on /var/log/mysqld.log by default. Can you confirm that this logfile is there? On my installation it was in a different location.

journalctl -f -u fail2ban
Will show you the errors after an unsuccessful restart too.

If that turns out to be the case, then you can either change the error log file location in mysql config, or in fail2ban.

However, as this filter is just checking for bad logins from external IP addresses, you probably won’t need it unless you opened up the firewall to allow access to mysql.

NO, it is no there.

journalctl -f -u fail2ban = Is OK with server ready

My MySql allows external access.

Tried to change jail.local pointing to log_path = /var/log/error.log.
But it won’t.

In /etc/fail2ban/filters.d/mysqld-auth.conf. I uncomment 2 lines
log-erro=/var/log/mysqld.log
log-warnings=2

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.