mirror of https://github.com/fail2ban/fail2ban
filter.d/vsftpd.conf: optional reason message after FAIL LOGIN, closes #1543
parent
7ac9890bf6
commit
9fb167b5e1
|
@ -32,6 +32,9 @@ releases.
|
|||
- Extended failregex and test cases to handle ASSP V1 and V2 (gh-1494)
|
||||
* `filter.d/postfix-sasl.conf`
|
||||
- Allow for having no trailing space after 'failed:' (gh-1497)
|
||||
* `filter.d/vsftpd.conf`
|
||||
- Optional reason part in message after FAIL LOGIN (gh-1543)
|
||||
|
||||
|
||||
### New Features
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ __pam_re=\(?%(__pam_auth)s(?:\(\S+\))?\)?:?
|
|||
_daemon = vsftpd
|
||||
|
||||
failregex = ^%(__prefix_line)s%(__pam_re)s\s+authentication failure; logname=\S* uid=\S* euid=\S* tty=(ftp)? ruser=\S* rhost=<HOST>(?:\s+user=.*)?\s*$
|
||||
^ \[pid \d+\] \[.+\] FAIL LOGIN: Client "<HOST>"\s*$
|
||||
^ \[pid \d+\] \[[^\]]+\] FAIL LOGIN: Client "<HOST>"(?:\s*$|,)
|
||||
|
||||
ignoreregex =
|
||||
|
||||
|
|
|
@ -12,3 +12,6 @@ Fri Jan 19 12:20:33 2007 [pid 27202] [anonymous] FAIL LOGIN: Client "64.106.46.9
|
|||
|
||||
# failJSON: { "time": "2004-10-23T21:15:42", "match": true , "host": "58.254.172.161" }
|
||||
Oct 23 21:15:42 vps vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=test rhost=58.254.172.161
|
||||
|
||||
# failJSON: { "time": "2016-09-08T00:39:49", "match": true , "host": "192.0.2.1" }
|
||||
Thu Sep 8 00:39:49 2016 [pid 15019] [guest] FAIL LOGIN: Client "::ffff:192.0.2.1", "User is not in the allow user list."
|
||||
|
|
Loading…
Reference in New Issue