diff --git a/ChangeLog b/ChangeLog
index f59b8d79..a6eb4369 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,8 @@ Fail2Ban (version 0.8.3)                           2008/??/??
 ver. 0.8.3 (2008/??/??) - stable
 ----------
 - Process failtickets as long as failmanager is not empty.
+- Added "pam-generic" filter and more configuration fixes.
+  Thanks to Yaroslav Halchenko.
 
 ver. 0.8.2 (2008/03/06) - stable
 ----------
diff --git a/MANIFEST b/MANIFEST
index 264d37c1..cff2f3df 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -68,6 +68,7 @@ config/filter.d/postfix.conf
 config/filter.d/proftpd.conf
 config/filter.d/pure-ftpd.conf
 config/filter.d/qmail.conf
+config/filter.d/pam-generic.conf
 config/filter.d/sasl.conf
 config/filter.d/sshd.conf
 config/filter.d/sshd-ddos.conf
diff --git a/config/filter.d/pam-generic.conf b/config/filter.d/pam-generic.conf
new file mode 100644
index 00000000..55e9efd0
--- /dev/null
+++ b/config/filter.d/pam-generic.conf
@@ -0,0 +1,25 @@
+# Fail2Ban configuration file for generic PAM authentication errors
+#
+# Author: Yaroslav Halchenko
+#
+# $Revision:  $
+#
+
+[Definition]
+
+# if you want to catch only login erros from specific daemons, use smth like
+#_ttys_re=(?:ssh|pure-ftpd|ftp)
+# To catch all failed logins
+_ttys_re=\S*
+
+#
+# Shortcuts for easier comprehension of the failregex
+__pid_re=(?:\[\d+\])
+__pam_re=\(?pam_unix(?:\(\S+\))?\)?:?
+__pam_combs_re=(?:%(__pid_re)s?:\s+%(__pam_re)s|%(__pam_re)s%(__pid_re)s?:)
+
+# Option: failregex
+# Notes.: regex to match the password failures messages in the logfile.
+# Values: TEXT
+#
+failregex = \s\S+ \S+%(__pam_combs_re)s\s+authentication failure; logname=\S* uid=\S* euid=\S* tty=%(_ttys_re)s ruser=\S* rhost=<HOST>(?:\s+user=.*)?\s*$
diff --git a/config/filter.d/proftpd.conf b/config/filter.d/proftpd.conf
index 4d71bf2a..852fb59c 100644
--- a/config/filter.d/proftpd.conf
+++ b/config/filter.d/proftpd.conf
@@ -14,7 +14,7 @@
 #          (?:::f{4,6}:)?(?P<host>\S+)
 # Values: TEXT
 #
-failregex = \(\S+\[<HOST>\]\)[: -]+ USER \S+: no such user found from \S+ \[[0-9.]+\] to \S+:\S+$
+failregex = \(\S+\[<HOST>\]\)[: -]+ USER \S+: no such user found from \S+ \[\S+\] to \S+:\S+$
             \(\S+\[<HOST>\]\)[: -]+ USER \S+ \(Login failed\): Incorrect password\.$
             \(\S+\[<HOST>\]\)[: -]+ SECURITY VIOLATION: \S+ login attempted\.$
             \(\S+\[<HOST>\]\)[: -]+ Maximum login attempts \(\d+\) exceeded$