mirror of https://github.com/fail2ban/fail2ban
24 lines
657 B
Plaintext
24 lines
657 B
Plaintext
# slapd (Stand-alone LDAP Daemon) openldap daemon filter
|
|
#
|
|
# Detecting invalid credentials: error code 49
|
|
# http://www.openldap.org/doc/admin24/appendix-ldap-result-codes.html#invalidCredentials (49)
|
|
|
|
[INCLUDES]
|
|
|
|
# Read common prefixes. If any customizations available -- read them from
|
|
# common.local
|
|
before = common.conf
|
|
|
|
[Definition]
|
|
|
|
_daemon = slapd
|
|
|
|
prefregex = ^%(__prefix_line)sconn=<F-MLFID>\d+</F-MLFID>(?: (?:fd|op)=\d+){0,2} (?=ACCEPT|RESULT)<F-CONTENT>.+</F-CONTENT>$
|
|
|
|
failregex = ^<F-NOFAIL>ACCEPT</F-NOFAIL> from IP=<ADDR>:\d{1,5}\s+
|
|
^RESULT(?:\s(?!err)\S+=\S*)* err=49\b
|
|
|
|
ignoreregex =
|
|
|
|
# Author: Andrii Melnyk, Sergey G. Brester
|