github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

review and small tweaks (more precise and safe RE)

pull/2778/head
sebres 2020-11-09 13:43:59 +01:00
parent 2a18b82f5f
commit 25e006e137
2 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
config/filter.d/bitwarden.conf
View File

@ -6,7 +6,8 @@
before = common.conf before = common.conf
[Definition] [Definition]
failregex = ^%(__prefix_line)s\s*\[[^\s]+\]\s+Failed login attempt(?:, 2FA invalid)?\. <HOST>$ _daemon = Bitwarden-Identity
failregex = ^%(__prefix_line)s\s*\[(?:W(?:RN|arning)|Bit\.Core\.[^\]]+)\]\s+Failed login attempt(?:, 2FA invalid)?\. <ADDR>$
# DEV Notes: # DEV Notes:
# __prefix_line can result to an empty string, so it can support syslog and non-syslog at once. # __prefix_line can result to an empty string, so it can support syslog and non-syslog at once.

3
fail2ban/tests/files/logs/bitwarden
View File

@ -1,6 +1,9 @@
# failJSON: { "time": "2019-11-25T18:04:49", "match": true , "host": "192.168.0.16" } # failJSON: { "time": "2019-11-25T18:04:49", "match": true , "host": "192.168.0.16" }
2019-11-26 01:04:49.008 +08:00 [WRN] Failed login attempt. 192.168.0.16 2019-11-26 01:04:49.008 +08:00 [WRN] Failed login attempt. 192.168.0.16
# failJSON: { "time": "2019-11-25T21:39:58", "match": true , "host": "192.168.0.21" }
2019-11-25 21:39:58.464 +01:00 [WRN] Failed login attempt, 2FA invalid. 192.168.0.21
# failJSON: { "time": "2019-11-25T21:39:58", "match": true , "host": "192.168.0.21" } # failJSON: { "time": "2019-11-25T21:39:58", "match": true , "host": "192.168.0.21" }
2019-11-25 21:39:58.464 +01:00 [Warning] Failed login attempt, 2FA invalid. 192.168.0.21 2019-11-25 21:39:58.464 +01:00 [Warning] Failed login attempt, 2FA invalid. 192.168.0.21