New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fail2ban.configreader prints warning to stderr (allowipv6) #1479
Comments
Which specific test is causing it? Then we can check if we can if we can redirect errors to /dev/null. Still, the warning could also be useful to know about. In this case it is showing you the message because it defaults to 'auto' as you didn't make the setting explicit (by any chance migrated from an older fail2ban? or older template file?). |
It's here in the output... [+] Software: System tooling
Seems it's not on all my systems, so trying to find what the difference is... I'm not seeing the message on our ubuntu 22 systems, but they don't have the commented allowipv6 (or anything mentioning allowipv6) in the entire config. |
Removing the entire commented block about allowipv6 from the /etc/fail2ban/fail2ban.conf doens't change the printing of the message though:
|
and if you set it (and make it explicit): I guess it is a version thing? Or are both the version on Debian 12 and Ubuntu 22 the exact same version? |
Ubuntu 20.04, Fail2ban v0.11.1 no issue However, both the debian and the ubuntu (both versions) don't have allowipv6 in their configs. Adding it to the debian12 config removes the warning, but shouldn't be needed. |
And more verbose output:
|
It's a feature added not long ago, so it makes sense that with Debian it shows up. A bit strange that they show the warning instead of just setting it to auto, as that is already the default. For some reason they want you to configure it, otherwise they should not list it as a warning. We could redirect errors to /dev/null, but then configuration issues would not show up. Sometimes these warnings/errors are a good bonus, even though we can't intercept them. When you run |
Errorcode is 0, and it prints the message to stderr indeed fail2ban-client -d > /dev/null ; echo $? |
Describe the bug
2024-04-03 13:31:13,490 fail2ban.configreader [223171]: WARNING 'allowipv6' not defined in 'Definition'. Using default one: 'auto'
Running 'lynis audit system' prints the above message to stderr.
I've checked the fail2ban configuration on the host, allowipv6 is only in there in a comment:
fail2ban.conf
58:# Option: allowipv6
62:#allowipv6 = auto
Version
Lynis 3.0.9
Expected behavior
No spurious output
The text was updated successfully, but these errors were encountered: