- Improved regular expressions. Thanks to Yaroslav Halchenko

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@592 a942ae1a-1317-0410-a47c-b1dcaea8d605

CHANGELOG

@@ -11,6 +11,7 @@ ver. 0.8.1 (2007/??/??) - stable
 ----------
 - Fixed vulnerability in sshd.conf. Thanks to Daniel B. Cid
 - Expand <HOST> in ignoreregex. Thanks to Yaroslav Halchenko
+- Improved regular expressions. Thanks to Yaroslav Halchenko
 
 ver. 0.8.0 (2007/05/03) - stable
 ----------

config/filter.d/pure-ftpd.conf

@@ -19,7 +19,7 @@ __errmsg = (?:Authentication failed for user|Erreur d'authentification pour l'ut
 #         (?:::f{4,6}:)?(?P<host>\S+)
 # Values: TEXT
 #
-failregex = pure-ftpd: (.+?@<HOST>) \[WARNING\] %(__errmsg)s \[.+\]$
+failregex = pure-ftpd(?:\[\d+\])?: (.+?@<HOST>) \[WARNING\] %(__errmsg)s \[.+\]$
 
 # Option:  ignoreregex
 # Notes.:  regex to ignore. If this regex matches, the line is ignored.

config/filter.d/sshd-ddos.conf

@@ -14,7 +14,7 @@
 #          (?:::f{4,6}:)?(?P<host>\S+)
 # Values:  TEXT
 #
-failregex = sshd\[\S*\]: Did not receive identification string from <HOST>
+failregex = sshd(?:\[\d+\])?: Did not receive identification string from <HOST>$
 
 # Option:  ignoreregex
 # Notes.:  regex to ignore. If this regex matches, the line is ignored.

config/filter.d/vsftpd.conf

@@ -14,7 +14,7 @@
 #          (?:::f{4,6}:)?(?P<host>\S+)
 # Values: TEXT
 #
-failregex = vsftpd: .* authentication failure; .* rhost=<HOST>$
+failregex = vsftpd(?:\[\d+\])?: .* authentication failure; .* rhost=<HOST>$
             \[.+\] FAIL LOGIN: Client "<HOST>"$
 
 # Option:  ignoreregex

config/filter.d/wuftpd.conf

@@ -2,7 +2,7 @@
 #
 # Author: Yaroslav Halchenko
 #
-# $Revision:  $
+# $Revision$
 #
 
 [Definition]
@@ -11,4 +11,4 @@
 # Notes.: regex to match the password failures messages in the logfile.
 # Values: TEXT
 #
-failregex = wu-ftpd\[\d+\]:\s+\(pam_unix\)\s+authentication failure.* rhost=<HOST>
+failregex = wu-ftpd(?:\[\d+\])?:\s+\(pam_unix\)\s+authentication failure.* rhost=<HOST>$