Maltrail Failed to establish a new connection

Started by raywan, June 12, 2026, 09:00:00 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
June 12, 2026, 09:00:00 AM
Regarding to my last Maltrial fail2ban connection problem, i have manually added two command lines into FAIL2BAN_ALLOWLIST 127.0.0.1 & FAIL2BAN_ALLOWLIST 192.168.1.1/24 into /usr/local/opnsense/service/templates/OPNsense/Maltrail/maltrail.conf to resolve fail2ban connection problem.
https://forum.opnsense.org/index.php?topic=52066.msg268118#msg268118
However, it only works for few hours only then appears alot of error message as below. I would like to confirm that Maltrial is working so far so good and i can access the fail2ban list from my pc without any problem. I have tried to restart all the service and reboot the firewall. It doesn't help to solve the connection problem.
Code Select
2026-06-12T12:54:00
Error
firewall
alias resolve error BlocklistMaltrail (error fetching alias url http://127.0.0.1:8338/fail2ban)
2026-06-12T12:54:00
Error
firewall
error fetching alias url http://127.0.0.1:8338/fail2ban (HTTPConnectionPool(host='127.0.0.1', port=8338): Max retries exceeded with url: /fail2ban (Caused by NewConnectionError("HTTPConnection(host='127.0.0.1', port=8338): Failed to establish a new connection: [Errno 61] Connection refused")))
2026-06-12T12:48:45
Error
firewall
alias resolve error BlocklistMaltrail (error fetching alias url http://127.0.0.1:8338/fail2ban)
2026-06-12T12:48:45
Error
firewall
error fetching alias url http://127.0.0.1:8338/fail2ban (HTTPConnectionPool(host='127.0.0.1', port=8338): Max retries exceeded with url: /fail2ban (Caused by NewConnectionError("HTTPConnection(host='127.0.0.1', port=8338): Failed to establish a new connection: [Errno 61] Connection refused")))
2026-06-12T12:42:02
Error
firewall
alias resolve error BlocklistMaltrail (error fetching alias url http://127.0.0.1:8338/fail2ban)
2026-06-12T12:42:02
Error
firewall
error fetching alias url http://127.0.0.1:8338/fail2ban (HTTPConnectionPool(host='127.0.0.1', port=8338): Max retries exceeded with url: /fail2ban (Caused by NewConnectionError("HTTPConnection(host='127.0.0.1', port=8338): Failed to establish a new connection: [Errno 61] Connection refused")))
2026-06-12T12:37:03
Error
firewall
alias resolve error BlocklistMaltrail (error fetching alias url http://127.0.0.1:8338/fail2ban)
2026-06-12T12:37:03
Error
firewall
error fetching alias url http://127.0.0.1:8338/fail2ban (HTTPConnectionPool(host='127.0.0.1', port=8338): Max retries exceeded with url: /fail2ban (Caused by NewConnectionError("HTTPConnection(host='127.0.0.1', port=8338): Failed to establish a new connection: [Errno 61] Connection refused")))
2026-06-12T12:32:01
Error
firewall
alias resolve error BlocklistMaltrail (error fetching alias url http://127.0.0.1:8338/fail2ban)
2026-06-12T12:32:01
Error
firewall
error fetching alias url http://127.0.0.1:8338/fail2ban (HTTPConnectionPool(host='127.0.0.1', port=8338): Max retries exceeded with url: /fail2ban (Caused by NewConnectionError("HTTPConnection(host='127.0.0.1', port=8338): Failed to establish a new connection: [Errno 61] Connection refused")))
2026-06-12T12:27:00
Error
firewall
alias resolve error BlocklistMaltrail (error fetching alias url http://127.0.0.1:8338/fail2ban)
2026-06-12T12:27:00
Error
firewall
error fetching alias url http://127.0.0.1:8338/fail2ban (HTTPConnectionPool(host='127.0.0.1', port=8338): Max retries exceeded with url: /fail2ban (Caused by NewConnectionError("HTTPConnection(host='127.0.0.1', port=8338): Failed to establish a new connection: [Errno 61] Connection refused")))
2026-06-12T12:22:01
Error
firewall
alias resolve error BlocklistMaltrail (error fetching alias url http://127.0.0.1:8338/fail2ban)



June 14, 2026, 06:41:38 PM #1
The errors suggest that the issue is no longer fail2ban access itself, but that the Maltrail service listening on 127.0.0.1:8338 is stopping or crashing intermittently. Since the alias works for a while and then starts returning "Connection refused", I'd check whether the Maltrail sensor/server process is still running when the errors occur and review the Maltrail logs around that time. It may be worth investigating why the service on port 8338 is terminating rather than focusing on the allowlist configuration.
Print
Go Up Pages1
User actions