On 5/7/2021 2:46 AM, Nick Howitt wrote:
Also, try starting small with something like: ".*<HOST>.*denied"
I tried that just now, fails in the file, fails on the command line.# fail2ban-regex "07-May-2021 03:22:16.413 security: info: client @0x7fc7b8055fc8 192.169.102.220#12001 (pizzaseo.com): query (cache) 'pizzaseo.com/RRSIG/IN' denied" ".*<HOST>.*denied"
Running tests ============= Use failregex line : .*<HOST>.*denied Use single line : 07-May-2021 03:22:16.413 security: info: client @0... Results ======= Failregex: 0 total Ignoreregex: 0 total Date template hits: |- [# of hits] date format| [1] {^LN-BEG}Day(?P<_sep>[-/])MON(?P=_sep)ExYear[ :]?24hour:Minute:Second(?:\.Microseconds)?(?: Zone offset)?
`- Lines: 1 lines, 0 ignored, 0 matched, 1 missed [processed in 0.05 sec] |- Missed line(s):| 07-May-2021 03:22:16.413 security: info: client @0x7fc7b8055fc8 192.169.102.220#12001 (pizzaseo.com): query (cache) 'pizzaseo.com/RRSIG/IN' denied
`- -- Dan Egli From my Test Server
OpenPGP_0x11B7451DF2015959.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ Fail2ban-users mailing list Fail2ban-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fail2ban-users
