github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

- Modified failregex again. Thanks to Yaroslav Halchenko 

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@609 a942ae1a-1317-0410-a47c-b1dcaea8d605
_tent/ipv6_via_aInfo
Cyril Jaquier 2007-08-08 22:29:13 +00:00
parent a3ace8040b
commit 3ef8fbe2e3
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
config/filter.d/sshd.conf
View File

@ -14,11 +14,11 @@
# (?:::f{4,6}:)?(?P<host>\S+)
# Values: TEXT
#
failregex = Authentication failure for .+ from <HOST>(?: port \d+ ssh2)?$
Failed [-/\w]+ for .+ from <HOST>(?: port \d+ ssh2)?$
ROOT LOGIN REFUSED .+ FROM <HOST>(?: port \d+ ssh2)?$
[iI](?:llegal|nvalid) user .+ from <HOST>(?: port \d+ ssh2)?$
User .+ from <HOST> not allowed because not listed in AllowUsers$
failregex = (?:error: PAM: )?Authentication failure for .* from <HOST>\s*$
Failed [-/\w]+ for .* from <HOST>(?: port \d*)?(?: ssh\d*)?$
ROOT LOGIN REFUSED.* FROM <HOST>\s*$
[iI](?:llegal|nvalid) user .* from <HOST>\s*$
User \S+ from <HOST> not allowed because not listed in AllowUsers$
User .+ from <HOST> not allowed because none of user's groups are listed in AllowGroups$
# Option: ignoreregex