github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
fail2ban/config/filter.d/perdition.conf

19 lines
568 B
Plaintext
Raw Normal View History

DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page
2013-10-30 13:02:59 +00:00
# Fail2Ban filter for perdition
ENH: new filter perdition.conf
2013-07-19 10:14:53 +00:00
#
#
[INCLUDES]
before = common.conf
[Definition]
ENH: perdition proxies other types hence daemon can include (perdidtion.(imap|pop)s?|managesieve). Also support local authentication resulting in the log message: local authentication failure
2013-07-24 00:27:12 +00:00
_daemon=perdition.\S+
ENH: new filter perdition.conf
2013-07-19 10:14:53 +00:00
ENH: authentication_id can be an imap4 quoted string, whatever that is, so using .+ as its id
2013-07-24 00:44:52 +00:00
failregex = ^%(__prefix_line)sAuth: <HOST>:\d+->(\d{1,3}\.){3}\d{1,3}:\d+ client-secure=\S+ authorisation_id=NONE authentication_id=".+" server="\S+" protocol=\S+ server-secure=\S+ status="failed: (local authentication failure|Re-Authentication Failure)"$
ENH: new filter perdition.conf
2013-07-19 10:14:53 +00:00
^%(__prefix_line)sFatal Error reading authentication information from client <HOST>:\d+->(\d{1,3}\.){3}\d{1,3}:\d+: Exiting child$
DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page
2013-10-30 13:02:59 +00:00
ignoreregex =
# Author: Christophe Carles and Daniel Black