Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
Mikklosh2019-10-03 12:21:06
Python
Mikklosh, 2019-10-03 12:21:06

Fail2ban How to configure regex expression?

fail2ban-server -V
Fail2Ban v0.9.7
There was a need to restrict access to port 873 on the server, I sketched a config:
fail2ban/jail.d/rsyncd.conf

[rsyncd]
enabled=true
port=873
filter=rsyncd
logpath= /var/log/
rsyncd.log maxretry=3
findtime=600
bantime=3600

fail2ban/filter.d/rsyncd.conf
[Definition]
failregex = \auth failed on module .* from .* \(\/) for .*: password mismatch
ignoreregex =

In the logs themselves, the message looks like this:
2019/10/02 09:19:29 [104094] connect from UNDETERMINED (10.20.15.18
) mismatch

As far as I understand, the problem is in the expression itself:
failregex = \auth failed on module .* from .* \(\/) for .*: password mismatch

Tell me where is the mistake, please.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
AUser0, 2019-10-03
@Mikklosh

failregex = auth failed on module [^ ]+ from [^ ]+ \(([0-9.]+)\) for [^ ]+: password mismatch

Similar questions
A
Andrew2017-10-27 23:56:49
When does a class return an object when it is created? 2Reply
P
Pashchuk Ilya2017-11-25 00:20:36
Why might the sticky positioning property not work in the safari browser? 1Reply
S
sergemin2017-12-15 17:07:56
How to get url to display products using ajax? 0Reply
D
Dmitry Polyakov2017-12-24 17:24:23
What are the hooks for the submit event? 3Reply
J
Julia2017-12-29 14:44:59
How to change the name of a site bookmark? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question