Good morning,
I get an error “ipset clean-up: /usr/sbin/ipset -exist destroy crowdsec-blacklists” when I try to stop the crowdsec-firewall-bouncer service:
==> /var/log/crowdsec-firewall-bouncer.log <==
time="30-06-2024 12:42:46" level=info msg="Shutting down backend"
time="30-06-2024 12:42:46" level=info msg="iptables clean-up : /usr/sbin/iptables -D INPUT -m set --match-set crowdsec-blacklists src -j DROP"
time="30-06-2024 12:42:46" level=info msg="ipset clean-up : /usr/sbin/ipset -exist destroy crowdsec-blacklists"
time="30-06-2024 12:42:46" level=error msg="set destroy error : exit status 1 - ipset v7.10: Set cannot be destroyed: it is in use by a kernel component\n"
time="30-06-2024 12:42:46" level=info msg="iptables clean-up : /usr/sbin/ip6tables -D INPUT -m set --match-set crowdsec6-blacklists src -j DROP"
time="30-06-2024 12:42:46" level=info msg="ipset clean-up : /usr/sbin/ipset -exist destroy crowdsec6-blacklists"
time="30-06-2024 12:42:46" level=error msg="set destroy error : exit status 1 - ipset v7.10: Set cannot be destroyed: it is in use by a kernel component\n"
time="30-06-2024 12:42:46" level=fatal msg="process terminated with error: received SIGTERM"
And indeed in ipset, crowdsec6-blacklists persists!
However, if I run the command given in the log by hand it works without error / return 1:
# /usr/sbin/ipset -exist destroy crowdsec6-blacklists
# echo $?
0
#
It’s not harmful because the iptables entry is no longer there, but it shouldn’t be normal either:
# ipset list crowdsec-blacklists | head
Name: crowdsec-blacklists
Type: hash:net
Revision: 6
Header: family inet hashsize 16384 maxelem 131072 timeout 300
Size in memory: 1361416
References: 0
Number of entries: 29073
Members:
XXXXXXX timeout 563435
XXXXXXXX timeout 577838
# iptables -L | grep crow
DROP all -- anywhere anywhere match-set crowdsec-blacklists sr
# service crowdsec-firewall-bouncer stop
# iptables -L | grep crow
# ipset list crowdsec-blacklists | head
Name: crowdsec-blacklists
Type: hash:net
Revision: 6
Header: family inet hashsize 16384 maxelem 131072 timeout 300
Size in memory: 1361416
References: 0
Number of entries: 29073
Members:
XXXXXXX timeout 563400
XXXXXXXX timeout 577803
My Crowdsec :
# crowdsec --version
version: v1.6.2-debian-pragmatic-amd64-16bfab86
Codename: alphaga
BuildDate: 2024-05-31_09:15:34
GoVersion: 1.22.2
Platform: linux
libre2: C++
User-Agent: crowdsec/v1.6.2-debian-pragmatic-amd64-16bfab86-linux
Constraint_parser: >= 1.0, <= 3.0
Constraint_scenario: >= 1.0, <= 3.0
Constraint_api: v1
Constraint_acquis: >= 1.0, < 2.0
I found related topics without an answer to this problem:
Thank you and thank you for Crowdsec!