Results 1 to 4 of 4

Thread: Z-push / Fail2ban / backend unavailable

  1. #1
    Junior Member
    Join Date
    Feb 2017
    Posts
    2

    Z-push / Fail2ban / backend unavailable

    Hi,

    I have configured fail2ban for z-push to identify user authentification failure.
    It's works well but I have a issue.

    Every night, I stop the backend for backup purpose. (30min)
    Then every device trying to sync during this time is banned because the authentification to the backend is unavailable.

    Is there a way to distinguish wrong credentials and backend timeout to ban only for wrong credentials ?

    Regards

    Sylvain

  2. #2
    Senior Member
    Join Date
    Nov 2007
    Location
    Belo Horizonte, Brazil
    Posts
    1,475
    Hi Sylvain,

    what exactly do mean you stop the backend?

    If the authentication is not available, then there's no way to tell if the credentials are right or wrong.

    Manfred
    Please do not PM me asking for support. Use the forum instead. Thank you.
    I usually check the mobility thread at the end of the day, so please have some patience if there's no immediate response. Asking to look at certain thread per PM won't result in a faster answer.

  3. #3
    Junior Member
    Join Date
    Feb 2017
    Posts
    2
    z-push and the zimbra backend are on different servers (VM).
    Every night I s"savestate" the Zimbra VM, clone it and then restart it.

    During this process Z-push is still receiving sync request but Zimbra is unavailable.
    So every sync request fall in timeout but z-push log it as wrong authentification.
    I'm asking a RFC to log this case as timeout or unavailable backend instead of wrong authentification.

    I hope it's more clear.

    regards

  4. #4
    Senior Member
    Join Date
    Nov 2007
    Location
    Belo Horizonte, Brazil
    Posts
    1,475
    Hi Sylvain,

    is it the suggested way to backup Zimbra (I don't know much about Zimbra)?

    You could also configure the Z-Push VM to respond with e.g. 503 (Service Temporarily Unavailable) or some other 500 code. However it might happen that the devices will do a complete resync when they connect again.

    Manfred
    Please do not PM me asking for support. Use the forum instead. Thank you.
    I usually check the mobility thread at the end of the day, so please have some patience if there's no immediate response. Asking to look at certain thread per PM won't result in a faster answer.

Similar Threads

  1. Z-push 2.3.5 on Centos7 and unavailable prerequisites
    By swimboy in forum Z-Push when using other backends
    Replies: 11
    Last Post: 07-04-2017, 03:45 PM
  2. z-push-autodiscover for CentOS7 depends on z-push-backend-ldap - Why?
    By liverpoolfcfan in forum General usage of Z-Push
    Replies: 1
    Last Post: 07-10-2016, 11:38 AM
  3. Z-Push Fail2Ban
    By bobs in forum General usage of Z-Push
    Replies: 10
    Last Post: 01-08-2016, 03:23 PM
  4. z-push https to zarafa backend
    By emtie in forum Installation, Configuration and Maintenance
    Replies: 11
    Last Post: 03-07-2015, 06:21 AM
  5. Z-Push 2.1.0 - what Backend Provider?
    By pcd in forum Z-Push when using Kopano/Zarafa
    Replies: 4
    Last Post: 11-10-2013, 11:51 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •