Blame | Last modification | View Log | RSS feed
# Fail2Ban configuration file to block repeated failed login attempts to Frolor installation(s)## Froxlor needs to log to Syslog User (e.g. /var/log/user.log) with one of the following messages# <syslog prefix> Froxlor: [Login Action <HOST>] Unknown user '<USER>' tried to login.# <syslog prefix> Froxlor: [Login Action <HOST>] User '<USER>' tried to login with wrong password.## Author: Joern Muehlencord#[INCLUDES]# Read common prefixes. If any customizations available -- read them from# common.localbefore = common.conf[Definition]_daemon = Froxlor# Option: failregex# Notes.: regex to match the password failures messages in the logfile. The# host must be matched by a group named "host". The tag "<HOST>" can# be used for standard IP/hostname matching and is only an alias for# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)# Values: TEXT#failregex = ^%(__prefix_line)s\[Login Action <HOST>\] Unknown user \S* tried to login.$^%(__prefix_line)s\[Login Action <HOST>\] User \S* tried to login with wrong password.$# Option: ignoreregex# Notes.: regex to ignore. If this regex matches, the line is ignored.# Values: TEXT#ignoreregex =