Package: fail2ban Severity: whislist Tags: patch Hi,
today I worked on a fail2ban filter rule that is able to filter out log lines from scanlogd. The scanlogd daemon is a port scan detector.
This is my /etc/fail2ban/filter.d/scanlogd.conf file: ``` # Fail2Ban filter for port scans detected by scanlogd [Definition] failregex = scanlogd:\ <HOST>\ to\ .*\ ports\ .* ignoreregex = # Author: Mike Gabriel <mike.gabr...@das-netzwerkteam.de> ``` Hope, this is helpful. Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de
pgpNGgfAHNsmz.pgp
Description: Digitale PGP-Signatur