Hi All,
How can I reference a custom parameter (not default ones like <HOST> or <ip>)
in action file which is taken from filter regex?
Here is the line in filter file:
...
failregex = ^%(__line_prefix)s(\.\d+)?( error:)?\s*client <HOST>#\S+(
\([\S.]+\))?: (view (internal|external): )?query(?: \(cache\))?
'(?P<query>\S+)' denied\s*$
...
I need to use the value of <query> in action file but it's not substituted when
referenced there:
...
actionban = iptables -I fail2ban-<name> .... -m comment --comment "DROP Q
<query>" -j <blocktype>
...
While debugging I see <query> instead of actual value.
It does work with <ip> though.
I need to filter by other criteria, not by IP...
Any ideas?
Regards,
Constantin
The information in this email is confidential and may be legally privileged. It
is intended solely for the addressee. Any opinions expressed are mine and do
not necessarily represent the opinions of the Company. Emails are susceptible
to interference. If you are not the intended recipient, any disclosure,
copying, distribution or any action taken or omitted to be taken in reliance on
it, is strictly prohibited and may be unlawful. If you have received this
message in error, do not open any attachments but please notify the Endava
Service Desk on (+44 (0)870 423 0187), and delete this message from your
system. The sender accepts no responsibility for information, errors or
omissions in this email, or for its use or misuse, or for any act committed or
omitted in connection with this communication. If in doubt, please verify the
authenticity of the contents with the sender. Please rely on your own virus
checkers as no responsibility is taken by the sender for any damage rising out
of any bug or virus infection.
Endava Limited is a company registered in England under company number 5722669
whose registered office is at 125 Old Broad Street, London, EC2N 1AR, United
Kingdom. Endava Limited is the Endava group holding company and does not
provide any services to clients. Each of Endava Limited and its subsidiaries is
a separate legal entity and has no liability for another such entity's acts or
omissions.
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
