wiki:fail2ban_examples
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
wiki:fail2ban_examples [2022/12/27 13:11] – [Troubleshooting] add timezone issue antisa | wiki:fail2ban_examples [2022/12/29 10:11] – add Not banning after action change antisa | ||
---|---|---|---|
Line 13: | Line 13: | ||
logpath | logpath | ||
- | This will create a '' | + | This will create a '' |
- | | + | < |
- | failregex = client=< | + | [Definition] |
+ | failregex = ^< | ||
+ | |||
+ | ignoreregex = | ||
| | ||
- | ignoreregex = | + | datepattern = ^[^\[]*\[({DATE}) |
- | + | </ | |
- | | + | |
**< | **< | ||
Line 68: | Line 70: | ||
Failregex: 42 total | Failregex: 42 total | ||
|- #) [# of hits] regular expression | |- #) [# of hits] regular expression | ||
- | | 1) [42] client=< | + | | 1) [42] ^< |
`- | `- | ||
Line 85: | Line 87: | ||
< | < | ||
- | "08/Nov/2022:15:36:30 +0100" client=10.21.21.1 method=GET request="GET / HTTP/ | + | 10.21.21.1 - - [27/Dec/2022:11:57:15 +0100] "GET / HTTP/ |
- | "08/Nov/2022:15:37:35 +0100" client=10.21.21.1 method=GET request="GET / HTTP/ | + | 10.21.21.1 |
</ | </ | ||
Line 103: | Line 105: | ||
check your filter' | check your filter' | ||
+ | |||
+ | ===== Not banning after action change ===== | ||
+ | If you changed the action to be used in jail, for example from iptables to shorewall it might not work even after restart, workaround is to (re)move the sqlite database and restart e.g. | ||
+ | |||
+ | mv / | ||
====== Tested on ====== | ====== Tested on ====== | ||
* fail2ban 0.11.2 | * fail2ban 0.11.2 |
wiki/fail2ban_examples.txt · Last modified: 2024/03/06 14:02 by antisa