I'm running centos 5.10 32 bit server with fail2ban-0.8.14-1.el5 and
openvpn-2.3.2-2.el5 and I'm having difficulty getting a filter to work
in fail2ban. I saw the example filter at
http://www.fail2ban.org/wiki/index.php/OpenVPN but it doesn't work for
me, maybe I'm using the wrong versions(s).
this is openvpn.conf
[Definition]
failregex = * <HOST>:[0-9]{4,5} Connection reset, restarting \[[0-9]{1,2}\]
ignoreregex =
and these are some sample lines from openvpn.log showing the kind of
things that the filter should be seeing:
Wed Mar 18 17:00:48 2015 82.192.95.163:1487 Connection reset, restarting [0]
Wed Mar 18 17:01:06 2015 82.192.95.163:1488 TLS Auth Error: Auth
Username/Password verification failed for peer
Wed Mar 18 17:01:42 2015 82.192.95.163:1490 SENT CONTROL [<password>]:
'AUTH_FAILED' (status=1)
I've been trying to use the fail2ban-regex command to catch a syntax
that works but so far no luck. Thanks for any help.
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
