github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

Make changes and add test file

pull/1607/head
Alex 2016-11-10 13:09:32 +01:00
parent 8c40766511
commit 8ac28e5dcb
3 changed files with 32 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
config/filter.d/mongodb-auth.conf
View File

@ -1,5 +1,12 @@
# Fail2Ban filter for unsuccesfull MongoDB authentication attempts
#
# Logfile /var/log/mongodb/mongodb.log
#
# add setting in /etc/mongodb.conf
# logpath=/var/log/mongodb/mongodb.log
#
# and use of the authentication
# auth = true
#
[Init]

8
config/jail.conf
View File

@ -731,13 +731,7 @@ logpath = %(mysql_log)s
backend = %(mysql_backend)s
# Log wrong MongoDB auth
# Logfile /var/log/mongodb/mongodb.log
# add setting in /etc/mongodb.conf
# logpath=/var/log/mongodb/mongodb.log
#
# and use of the authentication
# auth = true
# Log wrong MongoDB auth (for details how ... see filter ...)
[mongodb-auth]
port = 27017
logpath = /var/log/mongodb/mongodb.log

24
fail2ban/tests/files/logs/mongodb-auth Normal file
View File

@ -0,0 +1,24 @@
# failJSON: { "time": "2016-11-20T00:04:00", "match": true , "host": "192.168.1.35" }
2016-11-20T00:04:00.110+0200 [conn1] Failed to authenticate root@admin with mechanism MONGODB-CR: AuthenticationFailed UserNotFound Could not find user root@admin
2016-11-20T00:04:00.111+0200 [conn1] end connection 192.168.1.35:53276 (0 connections now open)
# failJSON: { "time": "2016-11-20T00:24:00", "match": true , "host": "220.95.238.171" }
2016-11-20T00:24:00.110+0200 [conn5] Failed to authenticate root@admin with mechanism MONGODB-CR: AuthenticationFailed UserNotFound Could not find user root@admin
2016-11-20T00:24:00.111+0200 [conn5] end connection 220.95.238.171:53276 (0 connections now open)
# failJSON: { "time": "2016-11-20T00:24:00", "match": true , "host": "220.95.238.176" }
2016-11-20T00:24:00.110+0200 [conn334] Failed to authenticate root@admin with mechanism MONGODB-CR: AuthenticationFailed key mismatch
2016-11-20T00:24:00.111+0200 [conn334] end connection 220.95.238.176:53276 (0 connections now open)
# failJSON: { "time": "2016-11-20T00:24:00", "match": true , "host": "167.96.268.1" }
2016-11-20T00:24:00.110+0200 [conn56] Failed to authenticate root@admin with mechanism MONGODB-CR: AuthenticationFailed key mismatch
2016-11-20T00:24:00.111+0200 [conn56] end connection 167.96.268.1:53276 (0 connections now open)
# failJSON: { "time": "2016-11-20T00:24:00", "match": false , "host": "127.0.0.1" }
2016-11-10T12:54:02.370+0100 [initandlisten] connection accepted from 127.0.0.1:58774 #2261 (1 connection now open)
2016-11-10T12:54:02.370+0100 [conn2261] end connection 127.0.0.1:58774 (0 connections now open)
# failJSON: { "time": "2016-11-10T13:07:49", "match": false , "host": "177.13.20.178" }
2016-11-10T13:07:49.781+0100 [conn2271] authenticate db: admin { authenticate: 1, nonce: "xxx", user: "root", key: "xxx" }
2016-11-10T13:07:49.834+0100 [conn2271] end connection 177.13.20.178:60268 (3 connections now open)