啟動 fail2ban 出現錯誤訊息
# systemctl status fail2ban
● fail2ban.service – Fail2Ban Service
Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; enabled; vendor preset: disabled)
Active: failed (Result: start-limit) since Fri 2017-02-17 12:46:16 CST; 2min 55s ago
Docs: man:fail2ban(1)
Process: 972 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=255)
Feb 17 12:46:16 NPC11 systemd[1]: Failed to start Fail2Ban Service.
Feb 17 12:46:16 NPC11 systemd[1]: Unit fail2ban.service entered failed state.
Feb 17 12:46:16 NPC11 systemd[1]: fail2ban.service failed.
Feb 17 12:46:16 NPC11 systemd[1]: fail2ban.service holdoff time over, sche…t.
Feb 17 12:46:16 NPC11 systemd[1]: start request repeated too quickly for f…ce
Feb 17 12:46:16 NPC11 systemd[1]: Failed to start Fail2Ban Service.
Feb 17 12:46:16 NPC11 systemd[1]: Unit fail2ban.service entered failed state.
Feb 17 12:46:16 NPC11 systemd[1]: fail2ban.service failed.
Hint: Some lines were ellipsized, use -l to show in full.
檢查 /var/log/message 中的紀錄
# grep -i fail2ban /var/log/message
Feb 17 04:46:15 NPC11 systemd: Starting Fail2Ban Service…
Feb 17 04:46:15 NPC11 fail2ban-client: ERROR There is no directory /var/run/fail2ban to contain the socket file /var/run/fail2ban/fail2ban.sock.
Feb 17 04:46:15 NPC11 systemd: fail2ban.service: control process exited, code=exited status=255
Feb 17 04:46:15 NPC11 systemd: Failed to start Fail2Ban Service.
Feb 17 04:46:15 NPC11 systemd: Unit fail2ban.service entered failed state.
Feb 17 04:46:15 NPC11 systemd: fail2ban.service failed.
看起來似乎是在 /var/run/fail2ban 目錄下找不到 fail2ban.sock 這一個檔案
[@more@]解決方式:
1. 建立目錄
# mkdir /var/run/fail2ban
2. 重新啟動 fail2ban 就正常了!
# systemctl enable fail2ban.service;systemctl start fail2ban.service