Hello, I am using ubuntu 12.04LTS with fail2ban version 8.6. My servers are on rackspace, behind one of their load balancers. The rackspace version of ubuntu has already added the x-forwarded-for headers to the logformats. I would like to use the filters provided by fail2ban as a base to build on, but since I am working behind a proxy, the proxy ip addresses in the x-forwarded-for headers do not appear in the errorlog.
I have the api scripts for modifying rackspace’s load balancer filters…But... It would be nice when the included regex’s trigger if fail2ban could read the proxied ip addresses from the corresponding entries in the access logs. I also COULD modify the jail information to read the access logs instead of the errorlogs, but I would need to modify the filter regex’s as well. Does anyone have any recommendations? Thank you for your time! —jason Jason Brooks Systems Administrator eROI Performance is Art. m: 505 nw couch #300 w: eroi.com <http://eroi.com/> t: 503.290.3105 f: 503.228.4249 fb: fb.com/eROI <http://www.facebook.com/eROI>
------------------------------------------------------------------------------
_______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
