fail2ban
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | Next revision Both sides next revision | ||
|
fail2ban [2010/09/13 15:57] k2patel |
fail2ban [2010/09/13 16:00] k2patel |
||
|---|---|---|---|
| Line 233: | Line 233: | ||
| ignoreip = 168.192.0.1 | ignoreip = 168.192.0.1 | ||
| </code> | </code> | ||
| + | |||
| + | NOTE : In above configuration i am using custom config file for "Treason uncloaked!"\\ | ||
| + | which require you to create new file as below. | ||
| + | |||
| + | <code bash | /etc/fail2ban/filter.d/kernel.conf> | ||
| + | # Fail2Ban configuration file | ||
| + | # | ||
| + | # Author: K2patel | ||
| + | # | ||
| + | # $Revision: 1 $ | ||
| + | # | ||
| + | |||
| + | [Definition] | ||
| + | |||
| + | # Option: failregex | ||
| + | # Notes.: regex to match the password failures messages in the logfile. The | ||
| + | # host must be matched by a group named "host". The tag "<HOST>" can | ||
| + | # be used for standard IP/hostname matching and is only an alias for | ||
| + | # (?:::f{4,6}:)?(?P<host>\S+) | ||
| + | # Values: TEXT | ||
| + | # | ||
| + | failregex = Treason uncloaked! Peer <HOST>:.*$ | ||
| + | |||
| + | # Option: ignoreregex | ||
| + | # Notes.: regex to ignore. If this regex matches, the line is ignored. | ||
| + | # Values: TEXT | ||
| + | # | ||
| + | ignoreregex = | ||
| + | </code> | ||
| + | |||
| Restart service now | Restart service now | ||
fail2ban.txt ยท Last modified: 2020/08/10 02:35 (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
