Debugging fail2ban not starting

If when you’re trying to start Fail2ban you just get the following response:

Starting Fail2ban:                                         [FAILED]

And you check in the fail2ban log file (or system log) and find no errors, it is probably caused by your Fail2ban init script writing the output of the fail2ban-client to /dev/null, effectively just discarding the output. The easy way to debug this is to try directly calling the fail2ban-client which will print out any syntax errors found in its config files. Use it like so:

$ fail2ban-client -x start
WARNING 'action' not defined in 'php-url-fopen'. Using default value
WARNING 'action' not defined in 'lighttpd-fastcgi'. Using default value
ERROR  Error in action definition #iptables[name=SSH, port=ssh, protocol=tcp]
ERROR  Errors in jail 'ssh-iptables'. Skipping...

This should then highlight where the errors are in your config file(s) and allow you to resolve them. You could obviously change the behavior of your init script to stop it discarding the output.

  • Hi,
    I got exactly the same error example you showed here. where do I fix them. Please help.

    • Seb Dangerfield

      The fail2ban config files will probably be under /etc/fail2ban, so it would be a matter of editing the config files under there depending on your errors. It may just be a simple matter of removing (or commenting out if you prefer) the jails which are not relevant under the jails.conf file.

  • This helped to find the problem:
    fail2ban-client -x start
    Thank you.