Rev 4 | Blame | Compare with Previous | Last modification | View Log | RSS feed
# Fail2Ban configuration file for generic PAM authentication errors#[INCLUDES]before = common.conf[Definition]# if you want to catch only login errors from specific daemons, use something like#_ttys_re=(?:ssh|pure-ftpd|ftp)## Default: catch all failed logins_ttys_re=\S*__pam_re=\(?%(__pam_auth)s(?:\(\S+\))?\)?:?_daemon = \S+failregex = ^%(__prefix_line)s%(__pam_re)s\s+authentication failure; logname=\S* uid=\S* euid=\S* tty=%(_ttys_re)s ruser=\S* rhost=<HOST>(?:\s+user=.*)?\s*$ignoreregex =# DEV Notes:## for linux-pam before 0.99.2.0 (late 2005) (removed before 0.8.11 release)# _daemon = \S*\(?pam_unix\)?# failregex = ^%(__prefix_line)sauthentication failure; logname=\S* uid=\S* euid=\S* tty=%(_ttys_re)s ruser=\S* rhost=<HOST>(?:\s+user=.*)?\s*$## Author: Yaroslav Halchenko