|
|
|
@ -15,8 +15,18 @@
|
|
|
|
|
# for most jails, and shorewall for this one).
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
[INCLUDES]
|
|
|
|
|
|
|
|
|
|
# Read common prefixes. If any customizations available -- read them from
|
|
|
|
|
# common.local
|
|
|
|
|
before = common.conf
|
|
|
|
|
|
|
|
|
|
[Definition]
|
|
|
|
|
|
|
|
|
|
_daemon = fail2ban.actions
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# The name of the jail that this filter is used for. In jail.conf, name the
|
|
|
|
|
# jail using this filter 'recidive', or change this line!
|
|
|
|
|
_jailname = recidive
|
|
|
|
@ -28,11 +38,11 @@ _jailname = recidive
|
|
|
|
|
# (?:::f{4,6}:)?(?P<host>\S+)
|
|
|
|
|
# Values: TEXT
|
|
|
|
|
#
|
|
|
|
|
failregex = fail2ban.actions:\s+WARNING\s+\[(?:.*)\]\s+Ban\s+<HOST>
|
|
|
|
|
failregex = ^(%(__prefix_line)s|,\d{3} fail2ban.actions:\s+)WARNING\s+\[(?:.*)\]\s+Ban\s+<HOST>
|
|
|
|
|
|
|
|
|
|
# Option: ignoreregex
|
|
|
|
|
# Notes.: regex to ignore. If this regex matches, the line is ignored.
|
|
|
|
|
# Values: TEXT
|
|
|
|
|
#
|
|
|
|
|
# Ignore our own bans, to keep our counts exact.
|
|
|
|
|
ignoreregex = fail2ban.actions:\s+WARNING\s+\[%(_jailname)s\]\s+Ban\s+<HOST>
|
|
|
|
|
ignoreregex = ^(%(__prefix_line)s|,\d{3} fail2ban.actions:\s+)WARNING\s+\[%(_jailname)s\]\s+Ban\s+<HOST>
|
|
|
|
|