github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

filter.d/sogo-auth.conf: fixes gh-2289 - matching auth-failures when behind a proxy; 

(broken by commit 72b06479a5), replacement for gh-2290.
pull/2369/merge
jim 2018-11-30 03:54:12 +01:00 committed by sebres
parent 5c44ca714f
commit a7f3ba87f6
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
config/filter.d/sogo-auth.conf
View File

@ -4,7 +4,7 @@
[Definition]
failregex = ^ sogod \[\d+\]: SOGoRootPage Login from '<HOST>' for user '.*' might not have worked( - password policy: \d* grace: -?\d* expire: -?\d* bound: -?\d*)?\s*$
failregex = ^ sogod \[\d+\]: SOGoRootPage Login from '<HOST>(?:, [^']*)?' for user '.*' might not have worked( - password policy: \d* grace: -?\d* expire: -?\d* bound: -?\d*)?\s*$
ignoreregex =

2
fail2ban/tests/files/logs/sogo-auth
View File

@ -29,3 +29,5 @@ Mar 24 08:58:59 sogod [26818]: SOGoRootPage Login from '173.194.44.31' for user
Mar 24 08:59:04 sogod [26818]: <0x0xb8537990[LDAPSource]> <NSException: 0xb87bc088> NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{login = "uid=admin,ou=users,dc=mail,dc=example,dc=org"; }
# failJSON: { "time": "2005-03-24T08:59:04", "match": true , "host": "173.194.44.31" }
Mar 24 08:59:04 sogod [26818]: SOGoRootPage Login from '173.194.44.31' for user 'admin' might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0
# failJSON: { "time": "2005-03-24T08:59:04", "match": true , "host": "173.194.44.31" }
Mar 24 08:59:04 sogod [26818]: SOGoRootPage Login from '173.194.44.31, 10.0.0.1' for user 'admin' might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0