HI,
I'm sorry, but my english is worst. I mean "my config". :)
I think, you should have sshd.conf in jail.d/. In my jail.local all rules are
set to "false" and i have 3 files in jail.d/ , sshd.conf, exim.conf,
dovecot.conf and there i set "true". I'll paste my sshd.conf:
[ssh]
enabled = true
> Thank you for the swift response Nick. That was one of the incantations
> I had tried with these results
> [snip]
> ConfigParser.InterpolationMissingOptionError: Bad value substitution:
> section: [Definition]
> option : failregex
> key: __prefix_line
This means you do not have
>
> On 17/01/2016 20:06, Ken Smith wrote:
>> Hi Fail2Ban users,
>>
>>
>> I'm trying to match lines like this on a F2Ban 0.8.4 system:-
>>
>> Jan 17 07:08:04 knettaa2 sendmail[23508]: u0H77tm0023508:
>> car-pppoe-dvz-01.wln.com.br [187.17.21.214] did not issue
>> MAIL/EXPN/VRFY/ETRN during conn
Knowing nothing about sendmail and only based on the sendmail-reject
and sendmail-auth filters:
^%(__prefix_line)s\w{14}: (\S+ )?\[\] did not issue
MAIL\/EXPN\/VRFY\/ETRN during connection to MTA$
Test using fail2ban-regex.
Nick
On 17/01/2016 2
Hi Fail2Ban users,
I'm trying to match lines like this on a F2Ban 0.8.4 system:-
Jan 17 07:08:04 knettaa2 sendmail[23508]: u0H77tm0023508:
car-pppoe-dvz-01.wln.com.br [187.17.21.214] did not issue
MAIL/EXPN/VRFY/ETRN during connection to MTA
and my amateur regex foo is completely failing me.
Hi,
Could you attach your jail.conf?
Cheers.
> Оригинално писмо
>От: Steve Rowe st...@st3v3.co.uk
>Относно: [Fail2ban-users] Constant errors in fail2ban.log
>До: fail2ban-users@lists.sourceforge.net
>Изпратено на: 17.01.2016 15:56
Hi, I have logrotation run
Hi,
Could you try to set sender in ssh section in jail.conf?
Yours config is "sendmail-whois[name=ssh, dest=mym...@gmail.com" ,
here is missing "]" simbol and sender.
Main config is with this line:
sendmail-whois[name=SSH, dest=mym...@example.com, sender=mym...@example.com,
sendername="Fail2B
Hi,
I did not get any error message after setting up exim4 (but before that I
did not get any mail at all anyway). So at the (first,) second and further
failed logins there are no errors. But I only get the warning mail at the
first failed login. Here is my configuration file (jail.local) attached
Hello Steve,
Thanks for the answer,
Am Sonntag, 17. Januar 2016, 13:59:47 CET schrieb Steve Rowe:
> Thanks for the reply. I suggest you follow Losif's example instead.
> (pasted here for convenience in case you missed it).
>
> Hi Günther,
>
> > on my system fail2ban don't work anymore after upda
Thanks for the reply. I suggest you follow Losif's example instead.
(pasted here for convenience in case you missed it).
Hi Günther,
on my system fail2ban don't work anymore after update to CentOS 7 1511
Have any a Idea what is wrong with this RPM (?) and have a hint to
configure
this corre
Hi, I have logrotation running on my system and constantly get the
following entries in fail2ban.log.
as the file is beyond the rotation level (Keep x number of logs) and has
been removed.
2016-01-17 13:51:34,280 fail2ban.filterpoll [16861]: WARNING Too
many errors. Setting the jail idle
20
Hello Steve,
Am Samstag, 16. Januar 2016, 13:39:13 CET schrieb Steve Rowe:
> Hi Gunther. yes i had this problem too.
> I updated to centos 7.2 and fail2ban stopped working (except http).
I mean 7.2 have much more problems then 7.1 :-((.
> The issue for me was that the maillog and messages files
Hi,
Could you paste your jail.conf and jail.d/sshd.conf? Is there an error in
fail2ban.log?
> Оригинално писмо
>От: "YouGenom ." genomsa...@gmail.com
>Относно: [Fail2ban-users] Fail2Ban sends mails only once
>До: fail2ban-users@lists.sourceforge.net
>Изпратено н
Hi,
I have been trying to set up fail2ban. I have only edited for the SSH jail
to warn me in case of failed login. Other jails/actions/filters are at
default. Then I tried from another machine a failed login (6 times with
wrong password). I have got the mail with whois info. So this is what I was
14 matches
Mail list logo
