>Hi David, > >I'm afraid fail2ban can't help. it absolutely can
>The tool evaluates the log file, right? yes Your problem would be to write a regex that matches the lines in the log file that you don't want to see. That has to be doable, but may well be painful :-) I have fail2ban watch every service my machines offer - web, mail exchnger, name server - except ssh access, which it's usually used for. I deal with ssh by only allowing it from a small number of ipv4 addresses. I got lucky with exim4 as the supplied regex picks up all the stuff I don't want and recently that seems to have become pretty important. For apache2 (with modsecurity) and the nameserver, I had to produce a regex myself - ouch. But once you have that it's the bees knees. You can block these bad guys for as long as you like. -- David Matthews m...@dmatthews.org --------------------------------------------------------------------- To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org