On 07/23/2010 01:35 PM, Vassilis V. wrote: > > I just did some more testing and I can confirm it works also for 2.4 > As Derek mentioned, some minor changes need to be made to the jail.conf > to get the notifications going. > > Since I was interested to extend the feature to also ban openvpn > connection tries, I think I managed to get it done. > > Here is how to get fail2ban to monitor Openvpn on Endian: > (Tested on 2.4) > > 1.) in jail.conf add: > [openvpn-iptables] > enabled = true > filter = openvpn > action = iptables[name=openvpn, port=openvpn, protocol=udp] > sendmail-whois[name=OpenVPN, [email protected], > [email protected]] > logpath = /var/log/openvpn/openvpn.log > maxretry = 6 > > (In order to get the notifications to work, the SMTP Proxy needs to be > active) > > 2.) create openvpn.conf in /var/efw/fail2ban/filter.d > [INCLUDES] > before = common.conf > [Definition] > _daemon = openvpn > failregex = ^ EFWNAME openvpn[[0-9]{4,5}]:<HOST>:[0-9]{4,5} TLS Auth > Error: Auth Username/Password verification failed $ > ignoreregex = > > > (The failregex part needs to be one line! In EFWNAME I added the name of > the efw box as it was typed on the openvpn.log. ) > > 3.) restart fail2ban > /etc/init.d/fail2ban restart > > > Hope someone can have some use for it! I am open to any suggestions on > how to improve the code.
Good, this looks really good, Im going to try the openvpn part, anyone have other examples to share? Best regards. > > Vassilis > > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by Sprint > What will you do first with EVO, the first 4G phone? > Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first > _______________________________________________ > Efw-user mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/efw-user -- Compugraf ------------------------------------------------------------------------------ The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://p.sf.net/sfu/dev2dev-palm _______________________________________________ Efw-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/efw-user
