わかりませんが、Fail2banが期待しているログレベルの形式は、両方のようです...
基本的に、ログレベルを数値で設定すると、構成が拒否され、上記のエラーメッセージが表示されます。
しかし、文字列を使用してログレベル(エラー、警告、通知、情報、デバッグ)を設定すると、すべてが正しく機能します。
私の理解では、fail2banはfail2ban.conf
ファイルで両方の形式をサポートしていますが、これは私が経験していることではありません。
/etc/fail2ban/fail2ban.conf loglevel = 1
を設定します
fail2ban.log
に表示されるエラーメッセージのみが表示されることを期待しています
fail2ban-client reload
にエラーメッセージERROR NOK: ('Invalid log level',)
が表示されました
これは、fail2banをセットアップするためのサードパーティツール( Webmin#742 )に影響を与えています。
それがfail2banの問題なのかDebianパッケージメンテナの問題なのか100%わからない...
fail2ban構成リーダーは、文字列#657がここに影響を与えるかどうかわからないことを期待しています...
この構成は機能していません。 loglevel
を参照してください
# Fail2Ban main configuration file
#
# Comments: use '#' for comment lines and ';' (following a space) for inline comments
#
# Changes: in most of the cases you should not modify this
# file, but provide customizations in fail2ban.local file, e.g.:
#
# [Definition]
# loglevel = DEBUG
#
[Definition]
# Option: loglevel
# Notes.: Set the log level output.
# CRITICAL
# ERROR
# WARNING
# NOTICE
# INFO
# DEBUG
# Values: [ LEVEL ] Default: ERROR
#
loglevel = 1
# Option: logtarget
# Notes.: Set the log target. This could be a file, SYSLOG, STDERR or STDOUT.
# Only one log target can be specified.
# If you change logtarget from the default value and you are
# using logrotate -- also adjust or disable rotation in the
# corresponding configuration file
# (e.g. /etc/logrotate.d/fail2ban on Debian systems)
# Values: [ STDOUT | STDERR | SYSLOG | FILE ] Default: STDERR
#
logtarget = /var/log/fail2ban.log
# Option: syslogsocket
# Notes: Set the syslog socket file. Only used when logtarget is SYSLOG
# auto uses platform.system() to determine predefined paths
# Values: [ auto | FILE ] Default: auto
syslogsocket = auto
# Option: socket
# Notes.: Set the socket file. This is used to communicate with the daemon. Do
# not remove this file when Fail2ban runs. It will not be possible to
# communicate with the server afterwards.
# Values: [ FILE ] Default: /var/run/fail2ban/fail2ban.sock
#
socket = /var/run/fail2ban/fail2ban.sock
# Option: pidfile
# Notes.: Set the PID file. This is used to store the process ID of the
# fail2ban server.
# Values: [ FILE ] Default: /var/run/fail2ban/fail2ban.pid
#
pidfile = /var/run/fail2ban/fail2ban.pid
# Options: dbfile
# Notes.: Set the file for the fail2ban persistent data to be stored.
# A value of ":memory:" means database is only stored in memory
# and data is lost when fail2ban is stopped.
# A value of "None" disables the database.
# Values: [ None :memory: FILE ] Default: /var/lib/fail2ban/fail2ban.sqlite3
dbfile = /var/lib/fail2ban/fail2ban.sqlite3
# Options: dbpurgeage
# Notes.: Sets age at which bans should be purged from the database
# Values: [ SECONDS ] Default: 86400 (24hours)
dbpurgeage = 86400
この構成は正しく機能しています
# Fail2Ban main configuration file
#
# Comments: use '#' for comment lines and ';' (following a space) for inline comments
#
# Changes: in most of the cases you should not modify this
# file, but provide customizations in fail2ban.local file, e.g.:
#
# [Definition]
# loglevel = DEBUG
#
[Definition]
# Option: loglevel
# Notes.: Set the log level output.
# CRITICAL
# ERROR
# WARNING
# NOTICE
# INFO
# DEBUG
# Values: [ LEVEL ] Default: ERROR
#
loglevel = INFO
# Option: logtarget
# Notes.: Set the log target. This could be a file, SYSLOG, STDERR or STDOUT.
# Only one log target can be specified.
# If you change logtarget from the default value and you are
# using logrotate -- also adjust or disable rotation in the
# corresponding configuration file
# (e.g. /etc/logrotate.d/fail2ban on Debian systems)
# Values: [ STDOUT | STDERR | SYSLOG | FILE ] Default: STDERR
#
logtarget = /var/log/fail2ban.log
# Option: syslogsocket
# Notes: Set the syslog socket file. Only used when logtarget is SYSLOG
# auto uses platform.system() to determine predefined paths
# Values: [ auto | FILE ] Default: auto
syslogsocket = auto
# Option: socket
# Notes.: Set the socket file. This is used to communicate with the daemon. Do
# not remove this file when Fail2ban runs. It will not be possible to
# communicate with the server afterwards.
# Values: [ FILE ] Default: /var/run/fail2ban/fail2ban.sock
#
socket = /var/run/fail2ban/fail2ban.sock
# Option: pidfile
# Notes.: Set the PID file. This is used to store the process ID of the
# fail2ban server.
# Values: [ FILE ] Default: /var/run/fail2ban/fail2ban.pid
#
pidfile = /var/run/fail2ban/fail2ban.pid
# Options: dbfile
# Notes.: Set the file for the fail2ban persistent data to be stored.
# A value of ":memory:" means database is only stored in memory
# and data is lost when fail2ban is stopped.
# A value of "None" disables the database.
# Values: [ None :memory: FILE ] Default: /var/lib/fail2ban/fail2ban.sqlite3
dbfile = /var/lib/fail2ban/fail2ban.sqlite3
# Options: dbpurgeage
# Notes.: Sets age at which bans should be purged from the database
# Values: [ SECONDS ] Default: 86400 (24hours)
dbpurgeage = 86400
ログレベルが* 1 *に設定されている場合
2017-12-27 06:50:02,125 fail2ban.jail [8231]: INFO Jail 'libwww-perl' stopped
2017-12-27 06:50:02,630 fail2ban.jail [8231]: INFO Jail 'apache-auth' stopped
2017-12-27 06:50:02,957 fail2ban.jail [8231]: INFO Jail 'apache-noscript' stopped
2017-12-27 06:50:03,879 fail2ban.jail [8231]: INFO Jail 'WebServerScanner' stopped
2017-12-27 06:50:04,344 fail2ban.jail [8231]: INFO Jail 'pass2allow-ftp' stopped
2017-12-27 06:50:05,180 fail2ban.jail [8231]: INFO Jail 'php-url-fopen' stopped
2017-12-27 06:50:05,183 fail2ban.transmitter [8231]: WARNING Command ['set', 'loglevel', '1'] has failed. Received ValueError('Invalid log level',)
2017-12-27 06:50:05,186 fail2ban.server [8231]: INFO Changed logging target to /var/log/fail2ban.log for Fail2ban v0.9.6
2017-12-27 06:50:05,187 fail2ban.jail [8231]: INFO Creating new jail 'sshd-ddos'
2017-12-27 06:50:05,188 fail2ban.jail [8231]: INFO Jail 'sshd-ddos' uses pyinotify {}
2017-12-27 06:50:05,206 fail2ban.jail [8231]: INFO Initiated 'pyinotify' backend
2017-12-27 06:50:05,209 fail2ban.actions [8231]: INFO Set banTime = 60000
2017-12-27 06:50:05,210 fail2ban.filter [8231]: INFO Set jail log file encoding to UTF-8
2017-12-27 06:50:05,213 fail2ban.filter [8231]: INFO Set findtime = 600
2017-12-27 06:50:05,216 fail2ban.filter [8231]: INFO Added logfile = /var/log/auth.log
ログレベルがINFOに設定されている場合
2017-12-27 06:55:42,222 fail2ban.jail [8231]: INFO Jail 'libwww-perl' stopped
2017-12-27 06:55:43,128 fail2ban.jail [8231]: INFO Jail 'apache-auth' stopped
2017-12-27 06:55:43,422 fail2ban.jail [8231]: INFO Jail 'apache-noscript' stopped
2017-12-27 06:55:44,296 fail2ban.jail [8231]: INFO Jail 'WebServerScanner' stopped
2017-12-27 06:55:44,857 fail2ban.jail [8231]: INFO Jail 'pass2allow-ftp' stopped
2017-12-27 06:55:45,353 fail2ban.jail [8231]: INFO Jail 'php-url-fopen' stopped
2017-12-27 06:55:45,362 fail2ban.server [8231]: INFO Changed logging target to /var/log/fail2ban.log for Fail2ban v0.9.6
2017-12-27 06:55:45,367 fail2ban.jail [8231]: INFO Creating new jail 'sshd-ddos'
2017-12-27 06:55:45,368 fail2ban.jail [8231]: INFO Jail 'sshd-ddos' uses pyinotify {}
2017-12-27 06:55:45,386 fail2ban.jail [8231]: INFO Initiated 'pyinotify' backend
2017-12-27 06:55:45,391 fail2ban.filter [8231]: INFO Set findtime = 600
2017-12-27 06:55:45,396 fail2ban.filter [8231]: INFO Added logfile = /var/log/auth.log
ご入力いただきありがとうございます
敬具
マット
v.0.10以降、両方の形式のログレベルを使用できます(数値も使用できます)。
ところで。 したがって、値1は、非常に重いデバッグレベルになります。
対応する数値については、Pythonドキュメントのログレベルを参照してください。
#1968の複製
@sebres 、
ログレベルの設定に関して、どのように行われるかを明確にするためです。
私の理解は
< 0.8.x : set log level using numeric only
0.9.x : set log level using string only
> 0.10 : Set log level with both numeric and string
私はこの声明で正しいですか?
説明をありがとう
マット
\ <0.8.x:数値のみを使用してログレベルを設定
確かにそう見えますが、コードによると、それは別の「数値」[0..3]でした。
これで、数値はpython-loggingが期待する値と同じになります。
OK、それからそれはこのように要約されるでしょう:
< 0.8.x : set log level using numeric only [ 0...3]
0.9.x : set log level using string only
> 0.10 : Set log level with both numeric and string (python log level)
_ソース:_
<0.8.x
https://github.com/fail2ban/fail2ban/blob/0.8/server/server.py#L321
0.9.x
https://github.com/fail2ban/fail2ban/blob/0.9/fail2ban/client/fail2banreader.py
https://github.com/fail2ban/fail2ban/blob/0.9/fail2ban/server/server.py#L#316
> 0.10
https://github.com/fail2ban/fail2ban/issues/1968
https://github.com/fail2ban/fail2ban/blob/0.9/fail2ban/server/server.py#L#529
マット
最も参考になるコメント
v.0.10以降、両方の形式のログレベルを使用できます(数値も使用できます)。
ところで。 したがって、値1は、非常に重いデバッグレベルになります。
対応する数値については、Pythonドキュメントのログレベルを参照してください。
#1968の複製