From 4c1abe1cbf08005f20aae01eea735feeed251a8e Mon Sep 17 00:00:00 2001 From: Pavel Mihadyuk Date: Wed, 23 Aug 2017 16:55:16 +0300 Subject: [PATCH] phpmyadmin-syslog: removed excess file, fixed test, updated failregex --- config/filter.d/phpmyadmin-syslog.conf | 3 ++- fail2ban/tests/files/logs/phpmyadmin-syslog | 4 ++-- fail2ban/tests/files/logs/phpmyadmin-syslog.conf | 2 -- 3 files changed, 4 insertions(+), 5 deletions(-) delete mode 100644 fail2ban/tests/files/logs/phpmyadmin-syslog.conf diff --git a/config/filter.d/phpmyadmin-syslog.conf b/config/filter.d/phpmyadmin-syslog.conf index 79eac71a..5b0862bb 100644 --- a/config/filter.d/phpmyadmin-syslog.conf +++ b/config/filter.d/phpmyadmin-syslog.conf @@ -9,9 +9,10 @@ before = common.conf _daemon = phpMyAdmin -failregex = ^%(__prefix_line)suser denied: .* \(mysql-denied\) from \s*$ +failregex = ^%(__prefix_line)suser denied: (?:\S+|.*?) \(mysql-denied\) from \s*$ ignoreregex = # Author: Pavel Mihadyuk +# Regex fixes: Serg G. Brester diff --git a/fail2ban/tests/files/logs/phpmyadmin-syslog b/fail2ban/tests/files/logs/phpmyadmin-syslog index eef6e3b2..f32a2476 100644 --- a/fail2ban/tests/files/logs/phpmyadmin-syslog +++ b/fail2ban/tests/files/logs/phpmyadmin-syslog @@ -1,2 +1,2 @@ -# failJSON: { "time": "2017-08-22T14:50:22", "match": true , "host": "81.62.21.201" } -Aug 22 14:50:22 eurostream phpMyAdmin[16358]: user denied: root (mysql-denied) from 81.62.21.201 +# failJSON: { "time": "2004-08-22T14:50:22", "match": true , "host": "192.0.2.1" } +Aug 22 14:50:22 eurostream phpMyAdmin[16358]: user denied: root (mysql-denied) from 192.0.2.1 diff --git a/fail2ban/tests/files/logs/phpmyadmin-syslog.conf b/fail2ban/tests/files/logs/phpmyadmin-syslog.conf deleted file mode 100644 index eef6e3b2..00000000 --- a/fail2ban/tests/files/logs/phpmyadmin-syslog.conf +++ /dev/null @@ -1,2 +0,0 @@ -# failJSON: { "time": "2017-08-22T14:50:22", "match": true , "host": "81.62.21.201" } -Aug 22 14:50:22 eurostream phpMyAdmin[16358]: user denied: root (mysql-denied) from 81.62.21.201