mirror of https://github.com/fail2ban/fail2ban
17 lines
467 B
Plaintext
17 lines
467 B
Plaintext
# Fail2Ban filter for dante
|
|
#
|
|
# Make sure you have "log: error" set in your "client pass" directive
|
|
#
|
|
|
|
[INCLUDES]
|
|
before = common.conf
|
|
|
|
[Definition]
|
|
_daemon = danted
|
|
|
|
failregex = ^%(__prefix_line)sinfo: block\(\d\): tcp/accept \]: <ADDR>\.\d+ \S+: error after reading \d+ bytes? in \d+ seconds?: (?:could not access|system password authentication failed for|pam_authenticate\(\) for) user "<F-USER>[^"]+</F-USER>"
|
|
|
|
[Init]
|
|
journalmatch = _SYSTEMD_UNIT=danted.service
|
|
|