[contribteam] [Bug 8955] Fail2Ban error in qpsmtpd.conf regex

[bugzilla-daemon]

https://bugs.contribs.org/show_bug.cgi?id=8955

--- Comment #12 from John Crisp <jcr...@safeandsoundit.co.uk> ---
qpsmptpd
   LogLevel=6

Yes, I have got an older version of fail2ban

fail2ban.noarch 0:0.9.4-2.el6

Updated that. signal-event fail2ban-update

Testing just one line at a time:

[root@esmith filter.d]# cat /etc/fail2ban/filter.d/qpsmtpd.conf
[INCLUDES]
before = common.conf

[Definition]

_daemon = qpsmtpd

failregex = ^\s*\d+\s*logging::logterse plugin \(deny\): ` <HOST>\s*.*90\d.*msg
denied before queued$
ignoreregex = logters.*greylisting.*90.*temporarily denied


[root@esmith filter.d]# fail2ban-regex /var/log/qpsmtpd/current
/etc/fail2ban/filter.d/qpsmtpd.conf

Running tests
=============

Use   failregex filter file : qpsmtpd, basedir: /etc/fail2ban
Use         log file : /var/log/qpsmtpd/current
Use         encoding : UTF-8


Results
=======

Failregex: 0 total

Ignoreregex: 0 total

Date template hits:
|- [# of hits] date format
|  [42178] TAI64N
`-

Lines: 42178 lines, 0 ignored, 0 matched, 42178 missed
[processed in 2.41 sec]

Missed line(s): too many to print.  Use --print-all-missed to print all 42178
lines

=================================

[root@esmith filter.d]# cat /etc/fail2ban/filter.d/qpsmtpd.conf
[INCLUDES]
before = common.conf

[Definition]

_daemon = qpsmtpd

failregex = ^\s*\d+\s*\(deny\) logging::logterse: ` <HOST>\s*.*90\d.*msg denied
before queued$
ignoreregex = logters.*greylisting.*90.*temporarily denied



[root@esmith filter.d]# fail2ban-regex /var/log/qpsmtpd/current
/etc/fail2ban/filter.d/qpsmtpd.conf

Running tests
=============

Use   failregex filter file : qpsmtpd, basedir: /etc/fail2ban
Use         log file : /var/log/qpsmtpd/current
Use         encoding : UTF-8


Results
=======

Failregex: 174 total
|-  #) [# of hits] regular expression
|   1) [174] ^\s*\d+\s*\(deny\) logging::logterse: ` <HOST>\s*.*90\d.*msg
denied before queued$
`-

Ignoreregex: 0 total

Date template hits:
|- [# of hits] date format
|  [42178] TAI64N
`-

Lines: 42178 lines, 0 ignored, 174 matched, 42004 missed
[processed in 2.42 sec]

Missed line(s): too many to print.  Use --print-all-missed to print all 42004
lines

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
_______________________________________________
Mail for each SME Contribs bug report
To unsubscribe, e-mail contribteam-unsubscr...@lists.contribs.org
Searchable archive at https://lists.contribs.org/mailman/public/contribteam/