Am 25.12.2015 um 06:24 schrieb David Kerr <da...@kerr.net>: > Firstly happy christmas to all. > > Now my question, should adaptive ban pick up on the following? I'm getting > attacked again but neither of these IP's are getting added to the ban list. > As far as I can tell the adaptive ban plugin is active... > > ENABLED=1 > ADAPTIVE_BAN_FILE="/var/log/messages" > ADAPTIVE_BAN_TIME=90 > ADAPTIVE_BAN_COUNT=3 > ADAPTIVE_BAN_TYPES="sshd asterisk lighttpd" > > Dec 23 20:40:09 pbx daemon.info > racoon: ERROR: Invalid exchange type 37 from 129.192.165.10[4500]. > Dec 23 20:40:14 pbx > daemon.info > racoon: ERROR: Invalid exchange type 37 from 129.192.165.10[4500]. > Dec 23 20:40:19 pbx > daemon.info > racoon: ERROR: Invalid exchange type 37 from 129.192.165.10[4500]. > Dec 23 20:45:04 pbx > daemon.info racoon: ERROR: Invalid exchange type 37 from 129.192.165.10[4500] > > Dec 24 20:57:35 pbx daemon.info > racoon: ERROR: Invalid exchange type 243 from 101.165.98.245[500]. > Dec 24 20:57:43 pbx > daemon.info > racoon: ERROR: Invalid exchange type 243 from 101.165.98.245[500]. > Dec 24 20:57:44 pbx > daemon.info > racoon: ERROR: Invalid exchange type 243 from 101.165.98.245[500]. > Dec 24 20:57:45 pbx > daemon.info > racoon: ERROR: Invalid exchange type 243 from 101.165.98.245[500]. > Dec 24 20:57:48 pbx > daemon.info > racoon: ERROR: Invalid exchange type 243 from 101.165.98.245[500]. > Dec 24 20:57:51 pbx > daemon.info racoon: ERROR: Invalid exchange type 243 from 101.165.98.245[500] > ------------------------------------------------------------------------------
Hi David, merry Christmas. Your errors are coming from racoon/ipsec, but Adaptive Ban doesn't have support for ipsec (yet): # A list of analysis types that are applied # Choose from: sshd asterisk kamailio lighttpd prosody pptpd Michael http://www.mksolutions.info ------------------------------------------------------------------------------ _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
