安装:

由于ubuntu 20.04已经默认没有python2,所以不使用python2来安装fail2ban,改使用python3来安装。

  1. 通过github下载fail2ban源码
wget https://github.com/fail2ban/fail2ban/archive/refs/tags/1.0.1.tar.gz
  1. 解压并进入目录
tar xzf 1.0.1.tar.gz && cd fail2ban-1.0.1
  1. 转版本
sudo apt install 2to3 python3-lib2to3 python3-toolz

执行fail2ban自带的fail2ban-2to3工具进行转换

./fail2ban-2to3 

无意外最后会提示Success!

  1. 进行单元测试
$ sudo ./fail2ban-testcases-all-python3
Testing using /usr/bin/python3.8
Fail2ban 1.0.1 test suite. Python 3.8.10 (default, Jun 22 2022, 20:18:18) [GCC 9.4.0]. Please wait...
..............................................................................................................................................s..................................................ss..........................s.................................................................................................................................................................................................................
..........................................................................................
----------------------------------------------------------------------
Ran 521 tests in 15.517s

OK (skipped=2)

测试完成后,进行最后一步安装

  1. 安装
sudo python3 setup.py install
sudo cp build/fail2ban.service /lib/systemd/system/
  1. 尝试启动fail2ban
$ sudo systemctl start fail2ban
● fail2ban.service - Fail2Ban Service
     Loaded: loaded (/lib/systemd/system/fail2ban.service; disabled; vendor preset: enabled)
     Active: active (running) since Thu 2022-09-29 14:42:14 CST; 5s ago
       Docs: man:fail2ban(1)
    Process: 1961727 ExecStartPre=/bin/mkdir -p /run/fail2ban (code=exited, status=0/SUCCESS)
   Main PID: 1961736 (fail2ban-server)
      Tasks: 3 (limit: 2212)
     Memory: 10.4M
     CGroup: /system.slice/fail2ban.service
             └─1961736 /usr/bin/python3 /usr/local/bin/fail2ban-server -xf start

Sep 29 14:42:14 localhost systemd[1]: Starting Fail2Ban Service...
Sep 29 14:42:14 localhost systemd[1]: Started Fail2Ban Service.
Sep 29 14:42:14 localhost fail2ban-server[1961736]: 2022-09-29 14:42:14,354 fail2ban.configreader   [1961736]: WARNING 'allowipv6' not defined in 'Definition'. Using default one: 'auto'
Sep 29 14:42:14 localhost fail2ban-server[1961736]: Server ready

可能出现的问题:

如果在sudo python3 setup.py install安装过程中出现以下错误:

...
byte-compiling /usr/local/lib/python3.8/dist-packages/fail2ban/server/ipdns.py to ipdns.cpython-38.pyc
  File "/usr/local/lib/python3.8/dist-packages/fail2ban/server/ipdns.py", line 335
    mask = ~(0xFFFFFFFFL >> cidr)
                       ^
SyntaxError: invalid syntax
...
...
byte-compiling /usr/local/lib/python3.8/dist-packages/fail2ban/tests/misctestcase.py to misctestcase.cpython-38.pyc
  File "/usr/local/lib/python3.8/dist-packages/fail2ban/tests/misctestcase.py", line 259
    print deep_function(3)
          ^
SyntaxError: invalid syntax
...
...
byte-compiling /usr/local/lib/python3.8/dist-packages/fail2ban/tests/filtertestcase.py to filtertestcase.cpython-38.pyc
  File "/usr/local/lib/python3.8/dist-packages/fail2ban/tests/filtertestcase.py", line 1778
    % m for m in 53, 54, 57, 58])
                   ^
SyntaxError: invalid syntax

或者启动失败,出现以下提示:

$ sudo systemctl status fail2ban
● fail2ban.service - Fail2Ban Service
     Loaded: loaded (/lib/systemd/system/fail2ban.service; disabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Thu 2022-09-29 13:45:27 CST; 6s ago
       Docs: man:fail2ban(1)
    Process: 1957749 ExecStartPre=/bin/mkdir -p /run/fail2ban (code=exited, status=0/SUCCESS)
    Process: 1957756 ExecStart=/usr/local/bin/fail2ban-server -xf start (code=exited, status=255/EXCEPTION)
   Main PID: 1957756 (code=exited, status=255/EXCEPTION)

Sep 29 13:45:26 localhost systemd[1]: Starting Fail2Ban Service...
Sep 29 13:45:26 localhost systemd[1]: Started Fail2Ban Service.
Sep 29 13:45:27 localhost fail2ban-server[1957756]: ERROR: No module named 'ConfigParser'
Sep 29 13:45:27 localhost systemd[1]: fail2ban.service: Main process exited, code=exited, status=255/EXCEPTION

这时候就需要进行fail2ban的2to3转码,转码后重新进行安装。

如果2to3的过程中出现类似如下信息:

$ ./fail2ban-2to3 
RefactoringTool: Skipping optional fixer: buffer
RefactoringTool: Skipping optional fixer: idioms
RefactoringTool: Skipping optional fixer: set_literal
RefactoringTool: Skipping optional fixer: ws_comma
RefactoringTool: No changes to bin/fail2ban-client
Traceback (most recent call last):
  File "/usr/bin/2to3", line 5, in <module>
    sys.exit(main("lib2to3.fixes"))
  File "/usr/lib/python3.8/lib2to3/main.py", line 258, in main
    rt.refactor(args, options.write, options.doctests_only,
  File "/usr/lib/python3.8/lib2to3/refactor.py", line 686, in refactor
    return super(MultiprocessRefactoringTool, self).refactor(
  File "/usr/lib/python3.8/lib2to3/refactor.py", line 282, in refactor
    self.refactor_file(dir_or_file, write, doctests_only)
  File "/usr/lib/python3.8/lib2to3/refactor.py", line 727, in refactor_file
    return super(MultiprocessRefactoringTool, self).refactor_file(
  File "/usr/lib/python3.8/lib2to3/refactor.py", line 322, in refactor_file
    input, encoding = self._read_python_source(filename)
  File "/usr/lib/python3.8/lib2to3/refactor.py", line 318, in _read_python_source
    return f.read(), encoding
  File "/usr/lib/python3.8/codecs.py", line 322, in decode
    (result, consumed) = self._buffer_decode(data, self.errors, final)
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xd0 in position 24: invalid continuation byte

可能这个fail2ban的安装副本不干净,之前或许执行过python3 setup.py install,里面有一些二进制文件存在。这时候可以把fail2ban的安装目录删除,再重新从github中下载副本进行2to3转码安装。