Remote access
Guarmcze, 2020-07-08 21:04:23

Who has set up fail2ban to work with Guacamole? Please tell me.

Hello.
Has anyone set up fail2ban to work with Guacamole in recent versions?
Which logs should fail2ban be pointed at? The Tomcat logs? Or something else?
I read about Tomcat, but I don't know how to detect a wrong login and password. Or am I looking in the wrong place? Nginx proxies to Tomcat with Guacamole; everything runs on the same machine.
In the server.xml file, I adjusted / changed only this:

address="127.0.0.1"
URIEncoding="UTF-8"
port="8009"
redirectPort="8443" />

prefix="localhost_access_logGUAC." suffix=".txt"
remoteIpHeader="X-Forwarded-For"
requestAttributesEnabled="true"
internalProxies="127\.0\.0\.1"
pattern=" %{X-Forwarded-For}i %l %u %t "%r" %s %b" />

internalProxies="127\.0\.[0-1]\.1"
remoteIpHeader="x-forwarded-for"
requestAttributesEnabled="true"
protocolHeader="x-forwarded-proto"
protocolHeaderHttpsValue="https"/>

This is what appears in the tomcat logs:
192.168.3.10 - - [08/Jul/2020:17:28:22 +0300] "GET /guacamole/app.js?v=1.2.0 HTTP/1.1" 200 371334
192.168.3.10 - - [08/Jul/2020:17:28:22 +0300] "GET /guacamole/app.css?v=1.2.0 HTTP/1.1" 200 60873
192.168.3.10 - - [08/Jul/2020:17:28:23 +0300] "GET /guacamole/api/patches HTTP/1.1" 200 352
192.168.3.10 - - [08/Jul/2020:17:28:23 +0300] "GET /guacamole/api/languages HTTP/1.1" 200 205
192.168.3.10 - - [08/Jul/2020:17:28:23 +0300] "GET /guacamole/translations/ru.json HTTP/1.1" 200 33038
192.168.3.10 - - [08/Jul/2020:17:28:23 +0300] "GET /guacamole/translations/en.json HTTP/1.1" 200 46959
192.168.3.10 - - [08/Jul/2020:17:28:23 +0300] "GET /guacamole/app/ext/tempnamespace/images/logo-placeholder.png HTTP/1.1" 200 3809
192.168.3.10 - - [08/Jul/2020:17:28:27 +0300] "POST /guacamole/api/tokens HTTP/1.1" 403 269
192.168.3.10 - - [08/Jul/2020:17:28:36 +0300] "POST /guacamole/api/tokens HTTP/1.1" 200 179
192.168.3.10 - - [08/Jul/2020:17:28:36 +0300] "POST /guacamole/api/tokens HTTP/1.1" 200 179
192.168.3.10 - - [08/Jul/2020:17:28:36 +0300] "GET /guacamole/api/patches?token=12B3E6CED91A186DFF2D2E095DF0C0F72F95C099F72AF6E768BEE567E446B6D0 HTTP/1.1" 200 352
192.168.3.10 - - [08/Jul/2020:17:28:37 +0300] "GET /guacamole/api/session/data/mysql-shared/self/permissions?token=12B3E6CED91A186DFF2D2E095DF0C0F72F95C099F72AF6E768BEE567E446B6D0 HTTP/1.1" 200 236
192.168.3.10 - - [08/Jul/2020:17:28:37 +0300] "GET /guacamole/api/session/data/mysql-shared/connectionGroups/ROOT/tree?token=12B3E6CED91A186DFF2D2E095DF0C0F72F95C099F72AF6E768BEE567E446B6D0 HTTP/1.1" 200 134
192.168.3.10 - - [08/Jul/2020:17:28:38 +0300] "GET /guacamole/api/session/data/mysql/self/permissions?token=12B3E6CED91A186DFF2D2E095DF0C0F72F95C099F72AF6E768BEE567E446B6D0 HTTP/1.1" 200 221
192.168.3.10 - - [08/Jul/2020:17:28:38 +0300] "GET /guacamole/api/session/data/mysql/connectionGroups/ROOT/tree?token=12B3E6CED91A186DFF2D2E095DF0C0F72F95C099F72AF6E768BEE567E446B6D0 HTTP/1.1" 200 937
192.168.3.10 - - [08/Jul/2020:17:28:38 +0300] "GET /guacamole/api/session/data/mysql-shared/self/effectivePermissions?token=12B3E6CED91A186DFF2D2E095DF0C0F72F95C099F72AF6E768BEE567E446B6D0 HTTP/1.1" 200 236
192.168.3.10 - - [08/Jul/2020:17:28:39 +0300] "GET /guacamole/api/session/data/mysql-shared/activeConnections?token=12B3E6CED91A186DFF2D2E095DF0C0F72F95C099F72AF6E768BEE567E446B6D0 HTTP/1.1" 200 12
192.168.3.10 - - [08/Jul/2020:17:28:39 +0300] "GET /guacamole/api/session/data/mysql/activeConnections?token=12B3E6CED91A186DFF2D2E095DF0C0F72F95C099F72AF6E768BEE567E446B6D0 HTTP/1.1" 200 12
192.168.3.10 - - [08/Jul/2020:17:28:39 +0300] "GET /guacamole/api/session/data/mysql/self/effectivePermissions?token=12B3E6CED91A186DFF2D2E095DF0C0F72F95C099F72AF6E768BEE567E446B6D0 HTTP/1.1" 200 258
192.168.3.10 - - [08/Jul/2020:17:28:39 +0300] "GET /guacamole/api/session/data/mysql/users/user1?token=12B3E6CED91A186DFF2D2E095DF0C0F72F95C099F72AF6E768BEE567E446B6D0 HTTP/1.1" 200 178
192.168.3.10 - - [08/Jul/2020:17:28:43 +0300] "DELETE /guacamole/api/tokens/12B3E6CED91A186DFF2D2E095DF0C0F72F95C099F72AF6E768BEE567E446B6D0 HTTP/1.1" 204 -
192.168.3.10 - - [08/Jul/2020:17:28:43 +0300] "POST /guacamole/api/tokens HTTP/1.1" 403 269

1 answer(s)
hint000, 2020-07-09
@Guarmcze

192.168.3.10 - - [08/Jul/2020:17:28:43 +0300] "POST /guacamole/api/tokens HTTP/1.1" 403 269
Well, there is a 403 error in the last line; try that and configure fail2ban.
https://en.wikipedia.org/wiki/HTTP_403
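
The check suggested in the answer, as an added example that is not part of the original thread: it matches `POST /guacamole/api/tokens` lines answered with 403 in the access-log format shown in the question and applies a fail2ban-style threshold. The names `FAILED_LOGIN`, `failed_logins` and `hosts_to_ban` are hypothetical, the `maxretry`/`findtime` values are assumptions, and a plain IPv4 group stands in for fail2ban's `<HOST>` tag.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Rejected Guacamole login = POST to /guacamole/api/tokens answered with 403.
# The named group "host" plays the role of fail2ban's <HOST> tag (IPv4 only here).
FAILED_LOGIN = re.compile(
    r'^\s*(?P<host>\d{1,3}(?:\.\d{1,3}){3}) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"POST /guacamole/api/tokens HTTP/\d\.\d" 403 '
)

# First four lines are copied from the post; the 203.0.113.7 lines are constructed.
SAMPLE_LOG = '''\
192.168.3.10 - - [08/Jul/2020:17:28:23 +0300] "GET /guacamole/api/languages HTTP/1.1" 200 205
192.168.3.10 - - [08/Jul/2020:17:28:27 +0300] "POST /guacamole/api/tokens HTTP/1.1" 403 269
192.168.3.10 - - [08/Jul/2020:17:28:36 +0300] "POST /guacamole/api/tokens HTTP/1.1" 200 179
192.168.3.10 - - [08/Jul/2020:17:28:43 +0300] "POST /guacamole/api/tokens HTTP/1.1" 403 269
203.0.113.7 - - [08/Jul/2020:17:30:01 +0300] "POST /guacamole/api/tokens HTTP/1.1" 403 269
203.0.113.7 - - [08/Jul/2020:17:30:03 +0300] "POST /guacamole/api/tokens HTTP/1.1" 403 269
203.0.113.7 - - [08/Jul/2020:17:30:05 +0300] "POST /guacamole/api/tokens HTTP/1.1" 403 269
'''.splitlines()

def failed_logins(lines):
    """Yield (host, timestamp) for every line that records a rejected login."""
    for line in lines:
        m = FAILED_LOGIN.match(line)
        if m:
            yield m["host"], datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")

def hosts_to_ban(lines, maxretry=3, findtime=600):
    """Hosts with at least maxretry failures inside any findtime-second window."""
    per_host = defaultdict(list)
    for host, ts in failed_logins(lines):
        per_host[host].append(ts)
    window = timedelta(seconds=findtime)
    banned = set()
    for host, stamps in per_host.items():
        stamps.sort()
        # Compare each failure with the one maxretry-1 positions later.
        for i in range(len(stamps) - maxretry + 1):
            if stamps[i + maxretry - 1] - stamps[i] <= window:
                banned.add(host)
                break
    return banned

if __name__ == "__main__":
    print(sorted(hosts_to_ban(SAMPLE_LOG)))
```

In the question's log, a 403 on `/guacamole/api/tokens` appears in the same second as the `DELETE` of the token, which suggests that such lines also occur without a wrong password being typed, so the threshold should leave room for them.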
