On 02/12/2021 22:25, Steve Charmer wrote:
Thanks for your reply Nick.
However, I thought the host_info was a shortcut created by F2B,
in the file
/etc/fail2ban/filter.d/exim-common.conf
so my understanding was that F2B would already get the host info using
the regex in that file
and same concept with pid
and all I needed to do was to was find the text string that I want to
detect.
I am a noob, I am simply trying to learn from examples I find inside
filter.d
The Exim filter is very different in 11.x, I think, but <HOST> is the
standard way of specifying the host. host_info seems to be defined (for
me) in exim-common.conf so, to use that definition, you will need to use
fail2ban-regex calling up your filter file which needs to include the
statement "before = exim-common.conf" in the [INCLUDES] section. You
cannot use fail2ban-regex directly calling your regex. How are you using it?
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
