Package: fail2ban
Version: 0.8.13-1
Severity: normal
Tags: patch

Hello,

We use fail2ban for OpenVPN; here are the rules we are using.

Samuel

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.14.0 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

-- 
Samuel
<O> Ça peut être une madeleine à sous munitions (avec des composants,
par exemple)
 -+- #runtime -+-
diff --exclude .svn --exclude .git --exclude CVS --exclude .hg -urN 
fail2ban-0.8.13/config/filter.d/openvpn.conf 
fail2ban-0.8.13-mine/config/filter.d/openvpn.conf
--- fail2ban-0.8.13/config/filter.d/openvpn.conf        1970-01-01 
01:00:00.000000000 +0100
+++ fail2ban-0.8.13-mine/config/filter.d/openvpn.conf   2014-05-14 
01:41:15.373568176 +0200
@@ -0,0 +1,10 @@
+# Fail2Ban configuration file for openvpn
+
+[Definition]
+
+failregex = .* ovpn-.* ::ffff:<HOST> Connection reset, restarting 
\[[0-9-]{1,2}\]
+            .* ovpn-.* <HOST> Connection reset, restarting \[[0-9-]{1,2}\]
+            .* ovpn-.* ::ffff:<HOST>:[0-9]{1,2,34,5} TLS Auth Error: Auth 
Username/Password verification failed for peer.*$
+            .* ovpn-.* <HOST>:[0-9]{1,2,34,5} TLS Auth Error: Auth 
Username/Password verification failed for peer.*$
+
+ignoreregex = 
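Review bot: The quantifier `[0-9]{1,2,34,5}` on the two "TLS Auth Error" lines is not a valid repetition count, so Python's re treats `{1,2,34,5}` as literal characters and those two expressions can never match a real log line; the intended port match is presumably `[0-9]{1,5}`, i.e. `.* ovpn-.* <HOST>:[0-9]{1,5} TLS Auth Error: Auth Username/Password verification failed for peer.*$` (and the same for the `::ffff:` variant). The `::ffff:` duplicates look redundant: as far as I recall fail2ban 0.8's `<HOST>` expansion already accepts an optional `::ffff:` prefix, so each pair could collapse to one line — worth confirming against the installed filter.py before shipping. The "Connection reset, restarting" patterns also fire for clients on an unstable link rather than for an authentication failure, so that entry deserves a comment such as `# Connection reset is not an auth failure; consider dropping it or raising maxretry` so a user enabling this filter knows what it bans on.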
diff --exclude .svn --exclude .git --exclude CVS --exclude .hg -urN 
fail2ban-0.8.13/debian/jail.conf fail2ban-0.8.13-mine/debian/jail.conf
--- fail2ban-0.8.13/debian/jail.conf    2014-03-19 16:43:38.000000000 +0100
+++ fail2ban-0.8.13-mine/debian/jail.conf       2014-05-14 01:38:41.114112002 
+0200
@@ -550,3 +550,15 @@
            sendmail-whois[name=Nagios, dest="%(destemail)s", 
sender="%(sender)s", sendername="%(sendername)s"]
 logpath  = /var/log/messages     ; nrpe.cfg may define a different log_facility
 maxretry = 1
+
+[openvpn]
+
+enabled   = true
+filter    = openvpn
+port      = all
+protocol  = all
+banaction = iptables-allports
+port      = anyport
+logpath   = /var/log/daemon.log
+maxretry  = 10
+
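Review bot: `port` is assigned twice in the new `[openvpn]` jail (`port = all`, then `port = anyport` a few lines later); with the Python 2 ConfigParser that fail2ban 0.8 uses, the second value silently replaces the first, so one of them should go — with `banaction = iptables-allports` the port value is not used by the action anyway, so keeping only `port = all` is enough. Shipping the jail with `enabled = true` is worth a second look: if the other jails in this file are disabled by default (none is visible in the hunk), an installation without an OpenVPN server would still have fail2ban tailing /var/log/daemon.log, and as far as I recall 0.8 refuses to start a jail whose logpath does not exist. `logpath = /var/log/daemon.log` also relies on OpenVPN logging through syslog with the `ovpn-` prefix the filter expects, which a short comment should state, e.g. `; expects OpenVPN logging via syslog (ovpn-<name> prefix) into daemon.log`.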
