15
templates/fail2ban.filter-api.conf
Normal file
15
templates/fail2ban.filter-api.conf
Normal file
@ -0,0 +1,15 @@
|
||||
#
|
||||
# Fail2ban Filter, GLPI API Denied access
|
||||
#
|
||||
# Managed By: Ansible
|
||||
# Role: nfc_glpi
|
||||
#
|
||||
# Do not edit this file directly as it will be automagically updated by ansible.
|
||||
# to make changes update the ansible play that deploys this file.
|
||||
[Init]
|
||||
maxlines = 2
|
||||
|
||||
[Definition]
|
||||
|
||||
failregex = ^(<HOST>[\d|\.?]{1,3}).+apirest.php.+"\s40\d\s\d{1,5}
|
||||
|
||||
17
templates/fail2ban.filter.conf
Normal file
17
templates/fail2ban.filter.conf
Normal file
@ -0,0 +1,17 @@
|
||||
#
|
||||
# Fail2ban Filter, GLPI
|
||||
#
|
||||
# Managed By: Ansible
|
||||
# Role: nfc_glpi
|
||||
#
|
||||
# Do not edit this file directly as it will be automagically updated by ansible.
|
||||
# to make changes update the ansible play that deploys this file.
|
||||
[Init]
|
||||
maxlines = 2
|
||||
|
||||
[Definition]
|
||||
# failregex = ^(?P<DATETIME>\d{4}-\d{2}-\d{2}\s?\d{2}:\d{2}:\d{2})\s+?\S+\n?\[login\]\s+?[\d+]?:?[\s+]?Failed\s+?login\s+?for\s(?P<USER>.+)\s+?from\s+?IP\s+?(?P<HOST>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$
|
||||
|
||||
# failregex = ^(.+)ogin] \d+: Failed login for (.+) from IP (<HOST>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$
|
||||
failregex = ^.*?(Failed login for)[\S\s]+(from IP) <HOST>.*$
|
||||
# ^.*\s(\[\S).*?(Failed login for) \S+ (from IP) <HOST>.*$
|
||||
Reference in New Issue
Block a user