fail2ban/config/filter.d/softethervpn.conf

# Fail2Ban filter for SoftEtherVPN
# Detecting unauthorized access to SoftEtherVPN
# typically logged in /usr/local/vpnserver/security_log/*/sec.log, or in syslog, depending on configuration

[INCLUDES]
before = common.conf

[Definition]
failregex = ^%(__prefix_line)s(?:\([0-9 :.-]{23}\) <SECURITY_LOG>:)? Connection ".+": User authentication failed. The user name that has been provided was "<F-USER>.+</F-USER>", from <HOST>.$
Add SoftEtherVPN jail 2020-11-05 22:56:30 +00:00			`# Fail2Ban filter for SoftEtherVPN`
			`# Detecting unauthorized access to SoftEtherVPN`
			`# typically logged in /usr/local/vpnserver/security_log/*/sec.log, or in syslog, depending on configuration`

			`[INCLUDES]`
			`before = common.conf`

			`[Definition]`
			`failregex = ^%(__prefix_line)s(?:\([0-9 :.-]{23}\) <SECURITY_LOG>:)? Connection ".+": User authentication failed. The user name that has been provided was "<F-USER>.+</F-USER>", from <HOST>.$`