fail2ban
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
fail2ban [2010/09/13 15:57] k2patel |
fail2ban [2012/06/07 10:59] k2patel [Rotate log] |
||
|---|---|---|---|
| Line 233: | Line 233: | ||
| ignoreip = 168.192.0.1 | ignoreip = 168.192.0.1 | ||
| </code> | </code> | ||
| + | |||
| + | NOTE : In above configuration i am using custom config file for "Treason uncloaked!"\\ | ||
| + | which require you to create new file as below. | ||
| + | |||
| + | <code bash | /etc/fail2ban/filter.d/kernel.conf> | ||
| + | # Fail2Ban configuration file | ||
| + | # | ||
| + | # Author: K2patel | ||
| + | # | ||
| + | # $Revision: 1 $ | ||
| + | # | ||
| + | |||
| + | [Definition] | ||
| + | |||
| + | # Option: failregex | ||
| + | # Notes.: regex to match the password failures messages in the logfile. The | ||
| + | # host must be matched by a group named "host". The tag "<HOST>" can | ||
| + | # be used for standard IP/hostname matching and is only an alias for | ||
| + | # (?:::f{4,6}:)?(?P<host>\S+) | ||
| + | # Values: TEXT | ||
| + | # | ||
| + | failregex = Treason uncloaked! Peer <HOST>:.*$ | ||
| + | |||
| + | # Option: ignoreregex | ||
| + | # Notes.: regex to ignore. If this regex matches, the line is ignored. | ||
| + | # Values: TEXT | ||
| + | # | ||
| + | ignoreregex = | ||
| + | </code> | ||
| + | |||
| Restart service now | Restart service now | ||
| Line 291: | Line 321: | ||
| missingok | missingok | ||
| compress | compress | ||
| - | size=+4096k | + | size 4M |
| postrotate | postrotate | ||
| /etc/init.d/fail2ban reload | /etc/init.d/fail2ban reload | ||
fail2ban.txt ยท Last modified: 2020/08/10 02:35 (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
