mirror of https://github.com/fail2ban/fail2ban
32 lines
1.6 KiB
Plaintext
Executable File
32 lines
1.6 KiB
Plaintext
Executable File
#! /bin/sh /usr/share/dpatch/dpatch-run
|
|
## 00_stronger_failregex.dpatch by Yaroslav Halchenko <debian@onerussian.com>
|
|
##
|
|
## All lines beginning with `## DP:' are a description of the patch.
|
|
## DP: No description.
|
|
|
|
@DPATCH@
|
|
diff -urNad fail2ban~/config/filter.d/sshd.conf fail2ban/config/filter.d/sshd.conf
|
|
--- fail2ban~/config/filter.d/sshd.conf 2008-01-04 12:02:47.000000000 -0500
|
|
+++ fail2ban/config/filter.d/sshd.conf 2008-01-04 12:10:25.000000000 -0500
|
|
@@ -13,7 +13,7 @@
|
|
# be used for standard IP/hostname matching.
|
|
# Values: TEXT
|
|
#
|
|
-failregex = (?:(?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal|nvalid) user)?|[Ii](?:llegal|nvalid) user|ROOT LOGIN REFUSED) .*(?: from|FROM) <HOST>
|
|
+failregex = (?:(?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal|nvalid) user)?|[Ii](?:llegal|nvalid) user|ROOT LOGIN REFUSED) .*(?: from|FROM) <HOST>(?: port \d*)?(?: ssh\d*)?\s*$
|
|
|
|
# Option: ignoreregex
|
|
# Notes.: regex to ignore. If this regex matches, the line is ignored.
|
|
diff -urNad fail2ban~/config/filter.d/vsftpd.conf fail2ban/config/filter.d/vsftpd.conf
|
|
--- fail2ban~/config/filter.d/vsftpd.conf 2008-01-04 12:02:47.000000000 -0500
|
|
+++ fail2ban/config/filter.d/vsftpd.conf 2008-01-04 12:10:25.000000000 -0500
|
|
@@ -13,7 +13,7 @@
|
|
# be used for standard IP/hostname matching.
|
|
# Values: TEXT
|
|
#
|
|
-failregex = vsftpd: \(pam_unix\) authentication failure; .* rhost=<HOST>
|
|
+failregex = vsftpd: \(pam_unix\) authentication failure; .* rhost=<HOST>(?:\s+user=\S*)?\s*$
|
|
|
|
# Option: ignoreregex
|
|
# Notes.: regex to ignore. If this regex matches, the line is ignored.
|