# Fail2Ban configuration file
#
# Author: Bas van den Dikkenberg
#
#

[INCLUDES]

# Read common prefixes. If any customizations available -- read them from
# common.local
before = common.conf


[Definition]

_daemon = nsd

# Option:  failregex
# Notes.:  regex to match the password failures messages in the logfile. The
#          host must be matched by a group named "host". The tag "<HOST>" can
#          be used for standard IP/hostname matching and is only an alias for
#          (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
# Values:  TEXT

failregex =  ^%(__prefix_line)sinfo: ratelimit block .* query <HOST> TYPE255$
             ^%(__prefix_line)sinfo: .* <HOST> refused, no acl matches\.$

ignoreregex =

datepattern = {^LN-BEG}Epoch
              {^LN-BEG}