diff --git a/config/filter.d/apache-auth.conf b/config/filter.d/apache-auth.conf index 73097938..756c3767 100644 --- a/config/filter.d/apache-auth.conf +++ b/config/filter.d/apache-auth.conf @@ -17,4 +17,4 @@ failregex = [[]client (?P\S*)[]] user .*(?:: authentication failure|not fo # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # -#ignoreregex = user: myusername +ignoreregex = diff --git a/config/filter.d/apache-noscript.conf b/config/filter.d/apache-noscript.conf index cd71df8f..dc11a304 100644 --- a/config/filter.d/apache-noscript.conf +++ b/config/filter.d/apache-noscript.conf @@ -17,4 +17,4 @@ failregex = [[]client (?P\S*)[]] File does not exist: .*(\.php|\.asp) # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # -#ignoreregex = user: myusername +ignoreregex = diff --git a/config/filter.d/courierlogin.conf b/config/filter.d/courierlogin.conf index 5656368d..7088a625 100644 --- a/config/filter.d/courierlogin.conf +++ b/config/filter.d/courierlogin.conf @@ -18,4 +18,4 @@ failregex = LOGIN FAILED, ip=\[::ffff:(?P\S*)\]$ # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # -#ignoreregex = user: myusername +ignoreregex = diff --git a/config/filter.d/couriersmtp.conf b/config/filter.d/couriersmtp.conf index d0d2e63d..7860fedb 100644 --- a/config/filter.d/couriersmtp.conf +++ b/config/filter.d/couriersmtp.conf @@ -17,4 +17,4 @@ failregex = error,relay=(?:::f{4,6}:)?(?P\S*),.*550 User unknown # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # -#ignoreregex = user: myusername +ignoreregex = diff --git a/config/filter.d/postfix.conf b/config/filter.d/postfix.conf index c0850eb9..8ca98149 100644 --- a/config/filter.d/postfix.conf +++ b/config/filter.d/postfix.conf @@ -17,4 +17,4 @@ failregex = reject: RCPT from (.*)\[(?P\S*)\]: 554 # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # -#ignoreregex = user: myusername +ignoreregex = diff --git a/config/filter.d/proftpd.conf b/config/filter.d/proftpd.conf index f0b82167..1b31cda1 100644 --- a/config/filter.d/proftpd.conf +++ b/config/filter.d/proftpd.conf @@ -17,4 +17,4 @@ failregex = USER \S+: no such user found from \S* ?\[(?P\S+)\] to \S+\s*$ # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # -#ignoreregex = user: myusername +ignoreregex = diff --git a/config/filter.d/qmail.conf b/config/filter.d/qmail.conf index c958c22d..9aaac649 100644 --- a/config/filter.d/qmail.conf +++ b/config/filter.d/qmail.conf @@ -17,4 +17,4 @@ failregex = (?:[\d,.]+[\d,.] rblsmtpd: |421 badiprbl: ip )(?P\S*) # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # -#ignoreregex = user: myusername +ignoreregex = diff --git a/config/filter.d/sasl.conf b/config/filter.d/sasl.conf index 005dcb28..8fd2027b 100644 --- a/config/filter.d/sasl.conf +++ b/config/filter.d/sasl.conf @@ -17,4 +17,4 @@ failregex = : warning: [-._\w]+\[(?P[.\d]+)\]: SASL (?:LOGIN|PLAIN|(?:CRAM # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # -#ignoreregex = user: myusername +ignoreregex = diff --git a/config/filter.d/sshd.conf b/config/filter.d/sshd.conf index 3003c856..cd9a3628 100644 --- a/config/filter.d/sshd.conf +++ b/config/filter.d/sshd.conf @@ -17,4 +17,4 @@ failregex = (?:(?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal|n # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # -#ignoreregex = user: myusername +ignoreregex = diff --git a/config/filter.d/vsftpd.conf b/config/filter.d/vsftpd.conf index fd8f0ab4..aaa3fbbb 100644 --- a/config/filter.d/vsftpd.conf +++ b/config/filter.d/vsftpd.conf @@ -17,4 +17,4 @@ failregex = vsftpd: \(pam_unix\) authentication failure; .* rhost=(?P\S*) # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # -#ignoreregex = user: myusername +ignoreregex = diff --git a/config/jail.conf b/config/jail.conf index 53d446dd..81368c86 100644 --- a/config/jail.conf +++ b/config/jail.conf @@ -10,9 +10,14 @@ [DEFAULT] -# "ignoreip" can be an IP address, a CIDR mask or a DNS host +# "ignoreip" can be an IP address, a CIDR mask or a DNS host. ignoreip = 127.0.0.1 +# "bantime" is the number of seconds that a host is banned. bantime = 600 +# A host is banned if it has generated "maxretry" during the +# last "maxtime" seconds. +maxtime = 3600 +# "maxretry" is the number of failures before a host get banned. maxretry = 3 # "backend" specifies the backend used to get files modification. Available