Chris Lee ha scritto il 26/03/20 alle 10:33:
Hi Piviul,
Are your jail.local config like this?
[guacamole]
enabled = true
port = http,https
logpath = /catalina.*.log
your settings says that fail2ban have to check authentication failures
in /catalina.*.log but do you have this file in your system? My tomcat
(I use debian buster) is configured to logs in
/var/log/tomcat9/catalina.out so in logpath I have something like
/var/log/tomcat*/catalina.out
Seem the Warning message are logged on /var/log/message instead of
/var/log/tomcat/catalina.*.log
you have only to discover where authentication failure messages are
logged and put in logpath the path to this file and check if the
failregex pattern match the log you found.
Piviul
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
