Mercurial > repos > other > Puppet
view common/fail2ban/ibb-repeat-offender.conf @ 195:f70831cc2864 puppet-3.6
Separate out SSH repeats from web/email repeats
Hopefully this should prevent accidental lock-outs! Worst case, I
trigger a web lock-out and get back in on SSH.
| author | IBBoard <dev@ibboard.co.uk> |
|---|---|
| date | Wed, 17 Apr 2019 12:00:31 +0100 |
| parents | 8fa6623f1e5f |
| children |
line wrap: on
line source
# IBB-Repeat-Offender configuration file # # Author: Tom Hendrikx, minor modifications by Amir Caspi # See http://whyscream.net/wiki/index.php/Fail2ban_monitoring_Fail2ban # Renamed and adjusted by IBBoard for consistency # [Definition] # Option: failregex # Notes.: regex to match the password failures messages in the logfile. The # host must be matched by a group named "host". The tag "<HOST>" can # be used for standard IP/hostname matching and is only an alias for # (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) # Values: TEXT # failregex = NOTICE\s+\[(?:.*)\]\s+Ban\s+<HOST> # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # ignoreregex = fail2ban.actions:\s+NOTICE\s+\[(ibb-repeat-offender|ssh-)[^\]]+\]\s+Ban\s+<HOST>