WebSVN – configs – Blame – /firewall/etc/fail2ban/filter.d/solid-pop3d.conf

Rev	Author	Line No.	Line
33	-	1	`# Fail2Ban filter for unsuccessful solid-pop3 authentication attempts`
6	-	2	`#`
		3	`# Doesn't currently provide PAM support as PAM log messages don't include rhost as`
		4	`# remote IP.`
		5	`#`
		6	`[INCLUDES]`
		7
		8	`before = common.conf`
		9
		10	`[Definition]`
		11
		12	`_daemon = solid-pop3d`
		13
		14	`failregex = ^%(__prefix_line)sauthentication failed: (no such user\|can't map user name): .*? - <HOST>$`
		15	`^%(__prefix_line)s(APOP )?authentication failed for (mapped )?user .*? - <HOST>$`
		16	`^%(__prefix_line)sroot login not allowed - <HOST>$`
		17	`^%(__prefix_line)scan't find APOP secret for user .*? - <HOST>$`
		18
		19	`ignoreregex =`
		20
		21	`# DEV Notes:`
		22	`#`
		23	`# solid-pop3d needs to be compiled with --enable-logextend to support`
		24	`# IP addresses in log messages.`
		25	`#`
		26	`# solid-pop3d-0.15/src/main.c contains all authentication errors`
		27	`# except for PAM authentication messages ( src/authenticate.c )`
		28	`#`
		29	`# A pam authentication failure message (note no IP for rhost).`
		30	`# Nov 17 23:17:50 emf1pt2-2-35-70 solid-pop3d[17176]: pam_unix(solid-pop3d:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=jacques`
		31	`#`
		32	`# Authors: Daniel Black`

Subversion Repositories configs