mirror of https://github.com/fail2ban/fail2ban
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
50 lines
1.4 KiB
50 lines
1.4 KiB
# Generic configuration items (to be used as interpolations) in other |
|
# filters or actions configurations |
|
# |
|
# Author: Yaroslav Halchenko |
|
# |
|
# $Revision$ |
|
# |
|
|
|
[INCLUDES] |
|
|
|
# Load customizations if any available |
|
after = common.local |
|
|
|
|
|
[DEFAULT] |
|
|
|
# Daemon definition is to be specialized (if needed) in .conf file |
|
_daemon = \S* |
|
|
|
# |
|
# Shortcuts for easier comprehension of the failregex |
|
# |
|
# PID. |
|
# EXAMPLES: [123] |
|
__pid_re = (?:\[\d+\]) |
|
|
|
# Daemon name (with optional source_file:line or whatever) |
|
# EXAMPLES: pam_rhosts_auth, [sshd], pop(pam_unix) |
|
__daemon_re = [\[\(]?%(_daemon)s(?:\(\S+\))?[\]\)]?:? |
|
|
|
# Combinations of daemon name and PID |
|
# EXAMPLES: sshd[31607], pop(pam_unix)[4920] |
|
__daemon_combs_re = (?:%(__pid_re)s?:\s+%(__daemon_re)s|%(__daemon_re)s%(__pid_re)s?:) |
|
|
|
# Some messages have a kernel prefix with a timestamp |
|
# EXAMPLES: kernel: [769570.846956] |
|
__kernel_prefix = kernel: \[\d+\.\d+\] |
|
|
|
__hostname = \S+ |
|
|
|
# |
|
# Common line prefixes (beginnings) which could be used in filters |
|
# |
|
# [bsdverbose]? [hostname] [vserver tag] daemon_id spaces |
|
# |
|
# bsdverbose is where syslogd is started with -v or -vv and results in <4.3> or |
|
# <auth.info> appearing before the host as per testcases/files/logs/bsd/*. |
|
# |
|
# This can be optional (for instance if we match named native log files) |
|
__prefix_line = \s*(<[^.]+.[^.]+>)?\s*(?:%(__hostname)s )?(?:%(__kernel_prefix)s )?(?:@vserver_\S+ )?%(__daemon_combs_re)s?\s*
|
|
|