[Fwd: [CentOS] fail2ban needs shorewall?]
Kai Schaetzl
maillists at conactive.comWed Jul 23 19:31:12 UTC 2008
- Previous message: [Fwd: Re: [CentOS] fail2ban needs shorewall?]
- Next message: [CentOS] prevent runaway PID taking down server (RAM/swap)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Andylockran wrote on Wed, 23 Jul 2008 17:43:45 +0100: > If you do have an issue with fail2ban, it does pretty much the same thing. fail2ban from rpmforge works fine. It's missing the filter for dovecot, though, and got wrong filters for many other services. Here are some that I just figured out: dovecot:/var/log/secure failregex = dovecot-auth: pam_unix\(dovecot:auth\): authentication failure; * rhost=<HOST> sasl:/var/log/maillog failregex = postfix\/smtpd\[\d+\]: warning: unknown\[<HOST>\]: SASL LOGIN authentication failed: vsftpd:/var/log/secure failregex = vsftpd: .* authentication failure; .* rhost=<HOST> I noticed that there are several failregex in the conf files that end with $. However, if I try that my rules fail, although they look like perfectly valid regex, so I'm not matching until the end of line. Someone else can add to the list? Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com
- Previous message: [Fwd: Re: [CentOS] fail2ban needs shorewall?]
- Next message: [CentOS] prevent runaway PID taking down server (RAM/swap)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list