I honestly don't know why some of these don't work. It's frustrating.
But if you've found a way to make it work, that's good enough :-) :-)
Tony Collins
RMT Tier 1 Health & Safety Representative
Edgware Road Traincrew Depot
07949 228324
On 30 May 2018 at 21:32, Teresa e Junior <teresaejun...@gmail.com> wrote:
> Em 30/05/2018 17:12, Tony Collins escreveu:
>
>> Is there a line in sshd.conf like "before = common.conf"?
>>
>
> It does.
>
> That's where the variable __prefix_line is defined:
>>
>
> OK!
>
> The problem, though, is that this log line doesn't match against
> /etc/fail2ban/filter.d/sshd.conf either (Ubuntu 16.04 and 18.04):
>
> $ fail2ban-regex "May 30 21:03:25 vps docker/ftps[1346]: Failed password
> for teresaejunior from 1.2.3.4 port 50714 ssh2" /etc/fail2ban/filter.d/
> sshd.conf
>
> I'm trying to protect a FTPS Docker container against brute force attacks,
> that is why I need this particular regex working (I could do my own .local
> filter, but I wonder why the default filter, which includes this line,
> doesn't work)
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Fail2ban-users mailing list
> Fail2ban-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/fail2ban-users
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
