mirror of https://github.com/fail2ban/fail2ban
review and small tweaks (more precise and safe RE)
parent
2a18b82f5f
commit
25e006e137
|
@ -6,7 +6,8 @@
|
||||||
before = common.conf
|
before = common.conf
|
||||||
|
|
||||||
[Definition]
|
[Definition]
|
||||||
failregex = ^%(__prefix_line)s\s*\[[^\s]+\]\s+Failed login attempt(?:, 2FA invalid)?\. <HOST>$
|
_daemon = Bitwarden-Identity
|
||||||
|
failregex = ^%(__prefix_line)s\s*\[(?:W(?:RN|arning)|Bit\.Core\.[^\]]+)\]\s+Failed login attempt(?:, 2FA invalid)?\. <ADDR>$
|
||||||
|
|
||||||
# DEV Notes:
|
# DEV Notes:
|
||||||
# __prefix_line can result to an empty string, so it can support syslog and non-syslog at once.
|
# __prefix_line can result to an empty string, so it can support syslog and non-syslog at once.
|
||||||
|
|
|
@ -1,6 +1,9 @@
|
||||||
# failJSON: { "time": "2019-11-25T18:04:49", "match": true , "host": "192.168.0.16" }
|
# failJSON: { "time": "2019-11-25T18:04:49", "match": true , "host": "192.168.0.16" }
|
||||||
2019-11-26 01:04:49.008 +08:00 [WRN] Failed login attempt. 192.168.0.16
|
2019-11-26 01:04:49.008 +08:00 [WRN] Failed login attempt. 192.168.0.16
|
||||||
|
|
||||||
|
# failJSON: { "time": "2019-11-25T21:39:58", "match": true , "host": "192.168.0.21" }
|
||||||
|
2019-11-25 21:39:58.464 +01:00 [WRN] Failed login attempt, 2FA invalid. 192.168.0.21
|
||||||
|
|
||||||
# failJSON: { "time": "2019-11-25T21:39:58", "match": true , "host": "192.168.0.21" }
|
# failJSON: { "time": "2019-11-25T21:39:58", "match": true , "host": "192.168.0.21" }
|
||||||
2019-11-25 21:39:58.464 +01:00 [Warning] Failed login attempt, 2FA invalid. 192.168.0.21
|
2019-11-25 21:39:58.464 +01:00 [Warning] Failed login attempt, 2FA invalid. 192.168.0.21
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue