On 7 July 2017 at 04:37, Hans Brost <k...@lighthouse57.com> wrote:
> Hi. Kind of new to all this, but I do know how to program. Not good at
> regex though....lol....
>
> Could one have banning rules and a jail based on a separate domain?
>
I'm not sure quite what you mean, please explain further.
You can experiment with regexes in fail2ban by using command line
fail2ban-regex.
I think fail2ban can only ban ips (because it uses iptables for bans). The
ban decision is based on single-line regex matches identified in new lines
appended to any specified local file (usually a log file). The matching
line must include the ip address to be banned.
This (log) file must be locally accessible - if what you want is to base a
fail2ban ban decision on a (log) file on a different machine then you would
need to pass that file to the local machine (the one running fail2ban)
first, I think. You could try this using rsync though you might have to do
it indirectly (rsync's direct updating of the local copy of the file might
upset fail2ban's monitoring).
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
