Hey Dan,
It's pretty simple to write this rule since its a counted+pattern match
and that's it nothing more.
If it fits your need you can add a send mail target instead of a "ban" one.
Eliezer
On 03/08/2015 10:25, Dan Charlesworth wrote:
Thanks Antony.
Fail2ban looks like a viable option th
Thanks Antony.
Fail2ban looks like a viable option though we would still need to write a regex
definition to target this sort of behaviour. Their squid example targets
aggressive hosts where my preference would be to target aggressive applications
(that could be running on more than one host).
On Monday 03 August 2015 at 08:06:35 (EU time), Dan Charlesworth wrote:
> Probably a lot of forward proxy users here have encountered applications
> which, if they can’t get their web requests through the proxy (because of
> 407 Proxy Auth Required or whatever), just start aggressively, endlessly
Probably a lot of forward proxy users here have encountered applications which,
if they can’t get their web requests through the proxy (because of 407 Proxy
Auth Required or whatever), just start aggressively, endlessly spamming
requests.
A recent example would be AVG’s “cloud” features generat
