Fail2ban Error on start

Question

Recently, I have tried restarting Fail2ban and I have received an error, making it impossible to start... The full error I received from systemctl status fail2ban is as follows:

Jan 03 18:27:02 nerdofcode.com systemd[1]: fail2ban.service: Control process exited, code=exited status=255
Jan 03 18:27:02 nerdofcode.com systemd[1]: Failed to start Fail2Ban Service.
Jan 03 18:27:02 nerdofcode.com systemd[1]: fail2ban.service: Unit entered failed state.
Jan 03 18:27:02 nerdofcode.com systemd[1]: fail2ban.service: Failed with result 'exit-code'.
Jan 03 18:27:02 nerdofcode.com systemd[1]: fail2ban.service: Service hold-off time over, scheduling restart.
Jan 03 18:27:02 nerdofcode.com systemd[1]: Stopped Fail2Ban Service.
Jan 03 18:27:02 nerdofcode.com systemd[1]: fail2ban.service: Start request repeated too quickly.
Jan 03 18:27:02 nerdofcode.com systemd[1]: Failed to start Fail2Ban Service.
Jan 03 18:27:02 nerdofcode.com systemd[1]: fail2ban.service: Unit entered failed state.
Jan 03 18:27:02 nerdofcode.com systemd[1]: fail2ban.service: Failed with result 'exit-code'.

The full output of cat /var/log/fail2ban.log is:

2018-01-03 18:06:28,337 fail2ban.server         [25119]: INFO    
Exiting Fail2ban

I would appreciate any suggestions or solutions towards this issue.

Then check `/var/log/fail2ban.log`. Hopefully it will give you a detailed trace of the reason of failure. — bistoco, Jan 04 '18 at 00:33
[This may help](http://www.sebdangerfield.me.uk/2011/08/debugging-fail2ban-not-starting/) — bistoco, Jan 04 '18 at 00:38
This has temporarily fixed the issue. But, I'm looking for a long term fix — NerdOfCode, Jan 04 '18 at 00:41
That's not a solution, it will help you to identify errors on your config, so you can fix them and then restart the service properly. — bistoco, Jan 04 '18 at 00:43

score 12 · Answer 1 · answered Aug 23 '19 at 07:23

12

There is a good chance that the error has been logged to /var/log/fail2ban.log however you can also see what the problem is by running fail2ban-client -x start and you will get something descriptive.

In my case it was an exim rejectlog that did not yet exist.

Credit to @bistoco's comment on the question.

answered Aug 23 '19 at 07:23

Duncanmoo

2,310
1
15
15

2

`fail2ban-client -x start` is very helpful! In my case there was nothing in `/var/log/fail2ban.log` – Peter Kionga-Kamau Aug 06 '22 at 14:48

score 0 · Answer 2 · answered Mar 08 '20 at 22:06

The error was not logged in /var/log/fail2ban.log as suggested elsewhere. You better stop beforehand the fail2ban process. On systemd you do a :

sudo /usr/bin/fail2ban-client stop

For my case it wasn't even running so after that I manually started fail2ban and it finally gave me the error:

$ sudo /usr/bin/fail2ban-client stop
RROR  Failed to access socket path: /var/run/fail2ban/fail2ban.sock. Is fail2ban running?
$ sudo /usr/bin/fail2ban-client -x start
ERROR  No file(s) found for glob /var/log/apache2/*error.log
ERROR  Failed during configuration: Have not found any log file for apache-shellshock jail

I went on a corrected the apache-shellshock instructions in /etc/fail2ban/jail.local and restarted fail2ban and it worked.

Fail2ban Error on start

2 Answers2