TheDutchLab

fail2ban and Debian 12

The Dutch Lab

Installing fail2ban enabling and starting it resulted in a few hikkups;

WARNING 'allowipv6' not defined in 'Definition'. Using default one: 'auto'
Failed during configuration: Have not found any log file for sshd jail
ERROR   Async configuration of server failed

And although the warnings were clear, I still struggled solving these.

In the end, as always, a few simple steps helped me forward.

Disable ipv6

sudo nano /etc/sysctl.conf and add the following to the bottom of the file.

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.tun0.disable_ipv6 = 1

nano /etc/fail2ban/fail2ban.conf

Replace #allowipv6 = auto with the below value

allowipv6 = no

Then I still wasn't there since the service, after restarting it still exited. Checking the log at /var/log/fail2ban.log it stated Failed to initialize any backend for Jail 'sshd'"

For this you'll need to install python3-systemd, apt install python3-systemd

And make sure in your /etc/fail2ban/jail.local you have the following values added/enabled

[sshd]
enabled = true

[DEFAULT]
backend = systemd

Credits where credits due: link.

fail2ban and Debian 12