Fail2Ban regex does not match -

-

i'm using fail2ban. reason fail2ban refuse compile regex. here logs need match:

root@server1:/etc/fail2ban/filter.d# tail /var/log/apache2/error.log [sun apr 20 10:40:05 2014] [error] [client 75.144.181.151] user root: authentication failure "/phpmyadmin/": password mismatch [sun apr 20 10:40:16 2014] [error] [client 75.144.181.151] user root: authentication failure "/phpmyadmin/": password mismatch [sun apr 20 10:40:38 2014] [error] [client 75.144.181.151] user haker not found: /phpmyadmin/ [sun apr 20 10:40:44 2014] [error] [client 75.144.181.151] user pentest not found: /phpmyadmin/

and here fail2ban filter.d file:

root@server1:/etc/fail2ban/filter.d# cat /etc/fail2ban/filter.d/phpmyadmin.conf [definition] failregex = [client <host>;] user .*; not found: \/phpmyadmin\/|[client <host>;] user root: authentication failure "\/phpmyadmin\/": ignoreregex =

here regex line file above:

[client <host>;] user .*; not found: \/phpmyadmin\/|[client <host>;] user root: authentication failure "\/phpmyadmin\/":

unfortunately fail2ban log file giving me error regex: unable compile regular expression..

root@server1:/etc/fail2ban# tail /var/log/fail2ban.log 2014-04-20 10:47:06,788 fail2ban.filter : info   added logfile = /var/log/apache2/error.log 2014-04-20 10:47:06,789 fail2ban.filter : info   set maxretry = 3 2014-04-20 10:47:06,789 fail2ban.filter : info   set findtime = 600 2014-04-20 10:47:06,790 fail2ban.actions: info   set bantime = 600 2014-04-20 10:47:06,790 fail2ban.filter : error  unable compile regular expression '[client (?:::f{4,6}:)?(?p<host>[\w\-.^_]+);] user .*; not found: \/phpmyadmin\/|[client (?:::f{4,6}:)?(?p<host>[\w\-.^_]+);] user root: authentication failure "\/phpmyadmin\/":' 2014-04-20 10:47:06,794 fail2ban.jail   : info   jail 'ssh' started 2014-04-20 10:47:06,799 fail2ban.jail   : info   jail 'pureftpd' started 2014-04-20 10:47:06,805 fail2ban.jail   : info   jail 'phpmyadmin' started

my regex http://regex101.com/r/ku7tx3. wrong this? appreciated. thank you.

i have asked question in comment cannot add comment:

so trying best understand requirement , giving answer.

requirement: think looking filter lines containing "authentication failure "/phpmyadmin/""

you can changing regular expression following:

failregex = .*authentication failure "\/phpmyadmin\/"

you may have escape "

please add comments if wasn't correct understanding.....


Comments

Post a Comment

Popular posts from this blog

c++ - How to add Crypto++ library to Qt project -

-
Image
i downloaded crypto++ source , compiled cryptlib project in visual studio 2013, , added generated .lib file qt project, made .pro file this: qt += core gui qt += sql greaterthan(qt_major_version, 4):qt += widgets target = untitled template = app sources += main.cpp\ mainwindow.cpp headers += mainwindow.h \ databasecontrol.h \ test.h forms += mainwindow.ui win32:config(release, debug|release): libs += -l$$pwd/ -lcryptlib else:win32:config(debug, debug|release): libs += -l$$pwd/ -lcryptlibd else:unix: libs += -l$$pwd/ -lcryptlib includepath += $$pwd/ dependpath += $$pwd/ win32-g++:config(release, debug|release): pre_targetdeps += $$pwd/libcryptlib.a else:win32-g++:config(debug, debug|release): pre_targetdeps += $$pwd/libcryptlibd.a else:win32:!win32-g++:config(release, debug|release): pre_targetdeps += $$pwd/cryptlib.lib else:win32:!win32-g++:config(debug, debug|release): pre_targetdeps += $$pwd/cryptlibd.lib else:unix: pre_targetdeps += $$pw...
Read more

jQuery Mobile app not scrolling in Firefox -

-
i have mobile app built in jquery mobile. scrolling fine in chrome & safari, fails scroll in firefox on desktop. have other instances of same app, different features, , works across browsers. life of me, cannot figure this, please help! located here: http://re-brand.us/dsus/index.html seems bug in firefox: bug log . able scroll using keyboard not trackpad on mac. are using mac? i'll keep looking see if can find way around it.
Read more

python - RuntimeError: Optimal parameters not found: Number of calls to function has reached maxfev = 800 -

-
i have image pick randow row in , try fit gaussian curve in row. using scipy.optimize curve_fit method fitting gaussian. picking of randow rows according array vector [10, 20, 40, 60, 100], meaning in first try pick 10 randow rows (hence, 10 gaussian fits) in image, then, more rows selected , on. most of time, code working, however, error (especially, when number of rows large: around 60 or more), says optimal parameters not found . i have found similar posts in stackoverflow still can not able solve problem. seems problem appears quite curve_fit method . laser beam, chance? ;-) anyway, problem rows selected "hard" fit gaussian curve scipy's curve_fit function. first suggestion debug (using e.g. python's logging module) see if error pops on specific rows. my second suggestion change initial guess curve_fit. rows curve-fitting possible, should able extract few parameters. on other rows, mean of gaussian @ approximately same position , aplitud...
Read more