http://bugzilla.opensuse.org/show_bug.cgi?id=1103579 Bug ID: 1103579 Summary: missing installation requirement sqlite3 for fail2ban package Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.0 Hardware: x86-64 OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: gweberbh@gmail.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- fail2ban version 0.10.3.1 release lp150.1.1 Standard configuration file fail2ban.conf has this entry: dbfile = /var/lib/fail2ban/fail2ban.sqlite3 However, sqlite3 is not required when fail2ban is installed, therefore sqlite3 may not be installed (as it did happened in my case). I understand that a missing sqlite3 means that the dbfile is never read by fail2ban when it restarts, and IPs that are already banned are not added to iptables (assuming that the configuration has a long bantime as it happens in my case). Symptom: upon restart or reboot, the iptables chain is much smaller than it was before (iptables -L -n|grep -c REJECT) Workaround: install sqlite3 manually (zypper install sqlite3), restart fail2ban (systemctl restart fail2ban), your list of banned IPs. Suggested fix: add sqlite3 to requirements or change the fail2ban.conf dbfile entry. rpm -qR fail2ban /bin/sh /bin/sh /bin/sh /bin/sh /usr/bin/env /usr/bin/python config(fail2ban) = 0.10.3.1-lp150.1.1 cron ed iptables logrotate python >= 2.6 python(abi) = 2.7 python-gamin >= 0.0.21 python-pyinotify >= 0.8.3 python-systemd rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1 rpmlib(PayloadIsXz) <= 5.2-1 systemd systemd systemd systemd systemd > 204 whois -- You are receiving this mail because: You are on the CC list for the bug.