安装:
由于ubuntu 20.04已经默认没有python2,所以不使用python2来安装fail2ban,改使用python3来安装。
- 通过github下载fail2ban源码
wget https://github.com/fail2ban/fail2ban/archive/refs/tags/1.0.1.tar.gz
- 解压并进入目录
tar xzf 1.0.1.tar.gz && cd fail2ban-1.0.1
- 转版本
sudo apt install 2to3 python3-lib2to3 python3-toolz
执行fail2ban自带的fail2ban-2to3工具进行转换
./fail2ban-2to3
无意外最后会提示Success!
- 进行单元测试
$ sudo ./fail2ban-testcases-all-python3
Testing using /usr/bin/python3.8
Fail2ban 1.0.1 test suite. Python 3.8.10 (default, Jun 22 2022, 20:18:18) [GCC 9.4.0]. Please wait...
..............................................................................................................................................s..................................................ss..........................s.................................................................................................................................................................................................................
..........................................................................................
----------------------------------------------------------------------
Ran 521 tests in 15.517s
OK (skipped=2)
测试完成后,进行最后一步安装
- 安装
sudo python3 setup.py install
sudo cp build/fail2ban.service /lib/systemd/system/
- 尝试启动fail2ban
$ sudo systemctl start fail2ban
● fail2ban.service - Fail2Ban Service
Loaded: loaded (/lib/systemd/system/fail2ban.service; disabled; vendor preset: enabled)
Active: active (running) since Thu 2022-09-29 14:42:14 CST; 5s ago
Docs: man:fail2ban(1)
Process: 1961727 ExecStartPre=/bin/mkdir -p /run/fail2ban (code=exited, status=0/SUCCESS)
Main PID: 1961736 (fail2ban-server)
Tasks: 3 (limit: 2212)
Memory: 10.4M
CGroup: /system.slice/fail2ban.service
└─1961736 /usr/bin/python3 /usr/local/bin/fail2ban-server -xf start
Sep 29 14:42:14 localhost systemd[1]: Starting Fail2Ban Service...
Sep 29 14:42:14 localhost systemd[1]: Started Fail2Ban Service.
Sep 29 14:42:14 localhost fail2ban-server[1961736]: 2022-09-29 14:42:14,354 fail2ban.configreader [1961736]: WARNING 'allowipv6' not defined in 'Definition'. Using default one: 'auto'
Sep 29 14:42:14 localhost fail2ban-server[1961736]: Server ready
可能出现的问题:
如果在sudo python3 setup.py install
安装过程中出现以下错误:
...
byte-compiling /usr/local/lib/python3.8/dist-packages/fail2ban/server/ipdns.py to ipdns.cpython-38.pyc
File "/usr/local/lib/python3.8/dist-packages/fail2ban/server/ipdns.py", line 335
mask = ~(0xFFFFFFFFL >> cidr)
^
SyntaxError: invalid syntax
...
...
byte-compiling /usr/local/lib/python3.8/dist-packages/fail2ban/tests/misctestcase.py to misctestcase.cpython-38.pyc
File "/usr/local/lib/python3.8/dist-packages/fail2ban/tests/misctestcase.py", line 259
print deep_function(3)
^
SyntaxError: invalid syntax
...
...
byte-compiling /usr/local/lib/python3.8/dist-packages/fail2ban/tests/filtertestcase.py to filtertestcase.cpython-38.pyc
File "/usr/local/lib/python3.8/dist-packages/fail2ban/tests/filtertestcase.py", line 1778
% m for m in 53, 54, 57, 58])
^
SyntaxError: invalid syntax
或者启动失败,出现以下提示:
$ sudo systemctl status fail2ban
● fail2ban.service - Fail2Ban Service
Loaded: loaded (/lib/systemd/system/fail2ban.service; disabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Thu 2022-09-29 13:45:27 CST; 6s ago
Docs: man:fail2ban(1)
Process: 1957749 ExecStartPre=/bin/mkdir -p /run/fail2ban (code=exited, status=0/SUCCESS)
Process: 1957756 ExecStart=/usr/local/bin/fail2ban-server -xf start (code=exited, status=255/EXCEPTION)
Main PID: 1957756 (code=exited, status=255/EXCEPTION)
Sep 29 13:45:26 localhost systemd[1]: Starting Fail2Ban Service...
Sep 29 13:45:26 localhost systemd[1]: Started Fail2Ban Service.
Sep 29 13:45:27 localhost fail2ban-server[1957756]: ERROR: No module named 'ConfigParser'
Sep 29 13:45:27 localhost systemd[1]: fail2ban.service: Main process exited, code=exited, status=255/EXCEPTION
这时候就需要进行fail2ban的2to3转码,转码后重新进行安装。
如果2to3的过程中出现类似如下信息:
$ ./fail2ban-2to3
RefactoringTool: Skipping optional fixer: buffer
RefactoringTool: Skipping optional fixer: idioms
RefactoringTool: Skipping optional fixer: set_literal
RefactoringTool: Skipping optional fixer: ws_comma
RefactoringTool: No changes to bin/fail2ban-client
Traceback (most recent call last):
File "/usr/bin/2to3", line 5, in <module>
sys.exit(main("lib2to3.fixes"))
File "/usr/lib/python3.8/lib2to3/main.py", line 258, in main
rt.refactor(args, options.write, options.doctests_only,
File "/usr/lib/python3.8/lib2to3/refactor.py", line 686, in refactor
return super(MultiprocessRefactoringTool, self).refactor(
File "/usr/lib/python3.8/lib2to3/refactor.py", line 282, in refactor
self.refactor_file(dir_or_file, write, doctests_only)
File "/usr/lib/python3.8/lib2to3/refactor.py", line 727, in refactor_file
return super(MultiprocessRefactoringTool, self).refactor_file(
File "/usr/lib/python3.8/lib2to3/refactor.py", line 322, in refactor_file
input, encoding = self._read_python_source(filename)
File "/usr/lib/python3.8/lib2to3/refactor.py", line 318, in _read_python_source
return f.read(), encoding
File "/usr/lib/python3.8/codecs.py", line 322, in decode
(result, consumed) = self._buffer_decode(data, self.errors, final)
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xd0 in position 24: invalid continuation byte
可能这个fail2ban的安装副本不干净,之前或许执行过python3 setup.py install
,里面有一些二进制文件存在。这时候可以把fail2ban的安装目录删除,再重新从github中下载副本进行2to3转码安装。