Failed to execute ban jail 'sshd' action 'firewallcmd-ipset'?

Question

zoid009 @zoid009

Fail2ban

Failed to execute ban jail 'sshd' action 'firewallcmd-ipset'?

При срабатывании Jail для ssh, появляется дополнительная ошибка в журнале.

2020-07-09 17:34:25,096 fail2ban.server         [2592]: INFO    --------------------------------------------------
2020-07-09 17:34:25,096 fail2ban.server         [2592]: INFO    Starting Fail2ban v0.10.5
2020-07-09 17:34:25,111 fail2ban.database       [2592]: INFO    Connected to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3'
2020-07-09 17:34:25,112 fail2ban.jail           [2592]: INFO    Creating new jail 'sshd'
2020-07-09 17:34:25,132 fail2ban.jail           [2592]: INFO    Jail 'sshd' uses systemd {}
2020-07-09 17:34:25,132 fail2ban.jail           [2592]: INFO    Initiated 'systemd' backend
2020-07-09 17:34:25,134 fail2ban.filter         [2592]: INFO      maxLines: 1
2020-07-09 17:34:25,177 fail2ban.filtersystemd  [2592]: INFO    [sshd] Added journal match for: '_SYSTEMD_UNIT=sshd.service + _COMM=sshd'
2020-07-09 17:34:25,177 fail2ban.filter         [2592]: INFO      maxRetry: 5
2020-07-09 17:34:25,177 fail2ban.filter         [2592]: INFO      encoding: UTF-8
2020-07-09 17:34:25,177 fail2ban.actions        [2592]: INFO      banTime: 3600
2020-07-09 17:34:25,177 fail2ban.filter         [2592]: INFO      findtime: 650
2020-07-09 17:34:25,180 fail2ban.jail           [2592]: INFO    Jail 'sshd' started
2020-07-09 17:34:39,633 fail2ban.filter         [2592]: INFO    [sshd] Found 10.0.0.4 - 2020-07-09 17:34:39
2020-07-09 17:34:39,634 fail2ban.filter         [10348]: INFO    [sshd] Found 10.0.0.4 - 2020-07-09 17:34:39
2020-07-09 17:34:39,635 fail2ban.filter         [412]: INFO    [sshd] Found 10.0.0.4 - 2020-07-09 17:34:39
2020-07-09 17:34:43,034 fail2ban.filter         [412]: INFO    [sshd] Found 10.0.0.4 - 2020-07-09 17:34:43
2020-07-09 17:34:43,034 fail2ban.filter         [10348]: INFO    [sshd] Found 10.0.0.4 - 2020-07-09 17:34:43
2020-07-09 17:34:43,034 fail2ban.filter         [2592]: INFO    [sshd] Found 10.0.0.4 - 2020-07-09 17:34:43
2020-07-09 17:34:46,554 fail2ban.filter         [10348]: INFO    [sshd] Found 10.0.0.4 - 2020-07-09 17:34:46
2020-07-09 17:34:46,554 fail2ban.filter         [2592]: INFO    [sshd] Found 10.0.0.4 - 2020-07-09 17:34:46
2020-07-09 17:34:46,554 fail2ban.filter         [412]: INFO    [sshd] Found 10.0.0.4 - 2020-07-09 17:34:46
2020-07-09 17:34:49,283 fail2ban.filter         [2592]: INFO    [sshd] Found 10.0.0.4 - 2020-07-09 17:34:49
2020-07-09 17:34:49,283 fail2ban.filter         [412]: INFO    [sshd] Found 10.0.0.4 - 2020-07-09 17:34:49
2020-07-09 17:34:49,283 fail2ban.filter         [10348]: INFO    [sshd] Found 10.0.0.4 - 2020-07-09 17:34:49
2020-07-09 17:34:53,341 fail2ban.filter         [2592]: INFO    [sshd] Found 10.0.0.4 - 2020-07-09 17:34:53
2020-07-09 17:34:53,341 fail2ban.filter         [412]: INFO    [sshd] Found 10.0.0.4 - 2020-07-09 17:34:53
2020-07-09 17:34:53,342 fail2ban.filter         [10348]: INFO    [sshd] Found 10.0.0.4 - 2020-07-09 17:34:53
2020-07-09 17:34:53,415 fail2ban.actions        [2592]: NOTICE  [sshd] Ban 10.0.0.4
2020-07-09 17:34:53,485 fail2ban.actions        [10348]: WARNING [sshd] 10.0.0.4 already banned
2020-07-09 17:34:54,093 fail2ban.actions        [412]: NOTICE  [sshd] Ban 10.0.0.4
2020-07-09 17:34:54,421 fail2ban.utils          [412]: ERROR   7fe9a89e3d30 -- exec: ipset create f2b-sshd hash:ip timeout 600
firewall-cmd --direct --add-rule ipv4 filter INPUT_direct 0 -p tcp -m multiport --dports ssh -m set --match-set f2b-sshd src -j REJECT --reject-with icmp-port-unreachable
2020-07-09 17:34:54,421 fail2ban.utils          [412]: ERROR   7fe9a89e3d30 -- stderr: 'ipset v7.1: Set cannot be created: set with the same name already exists'
2020-07-09 17:34:54,421 fail2ban.utils          [412]: ERROR   7fe9a89e3d30 -- stderr: 'FirewallD is not running'
2020-07-09 17:34:54,422 fail2ban.utils          [412]: ERROR   7fe9a89e3d30 -- killed with signal 124 (return code: 252)
2020-07-09 17:34:54,422 fail2ban.actions        [412]: ERROR   Failed to execute ban jail 'sshd' action 'firewallcmd-ipset' info 'ActionInfo({'ip': '10.0.0.4', 'fid': <function <lambda> at 0x7fe9a8998a28>, 'family': 'inet4', 'raw-ticket': <function <lambda> at 0x7fe9a8998ed8>})': Error starting action Jail('sshd')/firewallcmd-ipset: 'Script error'