30 lines
521 B
Plaintext
30 lines
521 B
Plaintext
# Fail2Ban filter for xinetd failures
|
|
#
|
|
# Cfr.: /var/log/(daemon\.|sys)log
|
|
#
|
|
#
|
|
|
|
[INCLUDES]
|
|
|
|
# Read common prefixes. If any customizations available -- read them from
|
|
# common.local
|
|
before = common.conf
|
|
|
|
[Definition]
|
|
|
|
_daemon = xinetd
|
|
|
|
prefregex = ^%(__prefix_line)sFAIL: <F-CONTENT>.+</F-CONTENT>$
|
|
|
|
failregex = ^\S+ address from=<HOST>$
|
|
^\S+ libwrap from=<HOST>$
|
|
|
|
ignoreregex =
|
|
|
|
# DEV Notes:
|
|
#
|
|
# libwrap => tcp wrappers: hosts.(allow|deny)
|
|
# address => xinetd: deny_from|only_from
|
|
#
|
|
# Author: Guido Bozzetto
|