This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | Next revision Both sides next revision | ||
fail2ban [2010/09/13 15:57] k2patel |
fail2ban [2010/09/13 16:00] k2patel |
||
---|---|---|---|
Line 233: | Line 233: | ||
ignoreip = 168.192.0.1 | ignoreip = 168.192.0.1 | ||
</code> | </code> | ||
+ | |||
+ | NOTE : In above configuration i am using custom config file for "Treason uncloaked!"\\ | ||
+ | which require you to create new file as below. | ||
+ | |||
+ | <code bash | /etc/fail2ban/filter.d/kernel.conf> | ||
+ | # Fail2Ban configuration file | ||
+ | # | ||
+ | # Author: K2patel | ||
+ | # | ||
+ | # $Revision: 1 $ | ||
+ | # | ||
+ | |||
+ | [Definition] | ||
+ | |||
+ | # Option: failregex | ||
+ | # Notes.: regex to match the password failures messages in the logfile. The | ||
+ | # host must be matched by a group named "host". The tag "<HOST>" can | ||
+ | # be used for standard IP/hostname matching and is only an alias for | ||
+ | # (?:::f{4,6}:)?(?P<host>\S+) | ||
+ | # Values: TEXT | ||
+ | # | ||
+ | failregex = Treason uncloaked! Peer <HOST>:.*$ | ||
+ | |||
+ | # Option: ignoreregex | ||
+ | # Notes.: regex to ignore. If this regex matches, the line is ignored. | ||
+ | # Values: TEXT | ||
+ | # | ||
+ | ignoreregex = | ||
+ | </code> | ||
+ | |||
Restart service now | Restart service now |