Em 31/05/2018 04:21, Teresa e Junior escreveu:
Em 30/05/2018 17:32, Teresa e Junior escreveu:
The problem, though, is that this log line doesn't match against
/etc/fail2ban/filter.d/sshd.conf either (Ubuntu 16.04 and 18.04):
$ fail2ban-regex "May 30 21:03:25 vps docker/ftps[1346]: Failed
password for teresaejunior from 1.2.3.4 port 50714 ssh2"
/etc/fail2ban/filter.d/sshd.conf
It doesn't match because docker/ftps[1346] is invalid in the filter. It
expects sshd[1346]. The solution is copying sshd.conf to ftps.local and
setting "_daemon = docker/ftps".
If anyone has problems like me with the regexes not matching, you can
compare your logs against the upstream test files. For example, for
sshd:
https://github.com/fail2ban/fail2ban/blob/0.11/fail2ban/tests/files/logs/sshd
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
