github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

adding openldap slapd filter

pull/1478/head
Andrii Melnyk 2016-07-08 04:50:57 +03:00
parent af8b650a37
commit b2e3affaa0
3 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@ -30,6 +30,8 @@ ver. 0.9.5 (2016/XX/XXX) - wanna-be-released
- New Features: - New Features:
* New Actions: * New Actions:
- action.d/firewallcmd-rich-rules and action.d/firewallcmd-rich-logging (gh-1367) - action.d/firewallcmd-rich-rules and action.d/firewallcmd-rich-logging (gh-1367)
* New filters:
- slapd - ban hosts, that were failed to connect with invalid credentials: error code 49
- Enhancements: - Enhancements:
* Extreme speedup of all sqlite database operations (gh-1436), * Extreme speedup of all sqlite database operations (gh-1436),

17
config/filter.d/slapd.conf Normal file
View File

@ -0,0 +1,17 @@
# slapd (Stand-alone LDAP Daemon) openldap daemon filter
#
# Detecting invalid credentials: error code 49
# http://www.openldap.org/doc/admin24/appendix-ldap-result-codes.html#invalidCredentials (49)
[Definition]
failregex = ^.* conn=(?P<pid>\d+) fd=\d+ ACCEPT from IP=<HOST>\:\d+ .+$<SKIPLINES>^.+ conn=(?P=pid) .* RESULT .* err=49 .*$
ignoreregex =
[Init]
# "maxlines" is number of log lines to buffer for multi-line regex searches
maxlines = 20
# Author: Andrii Melnyk

5
config/jail.conf
View File

@ -840,3 +840,8 @@ logencoding = utf-8
# See "haproxy-http-auth" filter for a brief cautionary note when setting # See "haproxy-http-auth" filter for a brief cautionary note when setting
# maxretry and findtime. # maxretry and findtime.
logpath = /var/log/haproxy.log logpath = /var/log/haproxy.log
[slapd]
port = ldap,ldaps
filter = slapd
logpath = /var/log/slapd.log