mirror of https://github.com/fail2ban/fail2ban
14 lines
480 B
Plaintext
14 lines
480 B
Plaintext
# Fail2Ban filter for openvpn server
|
|
# Detecting wrong TLS handshakes
|
|
# typically logged in /var/log/syslog
|
|
# Author: Philipp Burndorfer
|
|
|
|
[INCLUDES]
|
|
before = common.conf
|
|
|
|
[Definition]
|
|
_daemon = ovpn-server\d*
|
|
|
|
failregex = ^%(__prefix_line)s<HOST>:\d{4,5} (?:TLS Auth Error:|VERIFY ERROR:|TLS Error: TLS handshake failed\b|SIGUSR1\[soft,connection-reset\] received\b)
|
|
^%(__prefix_line)sTLS Error: cannot locate HMAC in incoming packet from \[AF_INET\]\s*<HOST>:\d{4,5}
|