Updating jwhois on CentOS to solve v6nic errors

I use fail2ban on my servers, and I noticed whois queries to v6nic.net were running into problems. If you're having the same problems, here's how to fix them.

I use fail2ban on some of my servers, along with the "jwhois" application (to automatically return whois info in the automated fail2ban emails I receive).

I noticed that 43.229.53.15 was coming back in my emails as follows:

 [Querying whois.v6nic.net]
 [Unable to connect to remote host]
 missing whois program

This is because v6nic.net is defunct and has been taken over by a cybersquatter (discussion about this on the Red Hat Bugzilla). The whois server whois.apnic.net works adequately in its place.

The version of jwhois available from the epel repo for el6 (CentOS 6) is out of date:

jwhois.x86_64 4.0-19.el6 @base

rpmfind lists 4.0-43 for Fedora Core 24 as the latest version, but this isn't compatible (loads of dependency issues if you try and manually install).

So, let's fix it manually.

jwhois derives its list of whois servers from /etc/jwhois.conf (by default). Let's do a search/replace all with nano.

Assuming nano is installed (sudo yum install nano -y) do the following:
Press Ctrl \
Type in whois.v6nic.net and press Enter
Type in whois.apnic.net and press Enter
Press A to replace all found instances
Type Ctrl X to exit, then Y to save the changed file.
Done!

Related reading, if you've got nothing else to do...

Leave a Reply

Your email address will not be published. Required fields are marked *

Notify me of followup comments via email. You can also subscribe without commenting.

I