On 2021-10-18 07:39, Krzysztof Adamski wrote:
>> Oct 17 16:33:34 mailserver dovecot: auth-worker(41189): conn
>> unix:auth-
>> worker (pid=41188,uid=108): auth-worker<119>:
>> sql(orders,219.145.118.23,): unknown user (given
>> password: qwer1234)
>>
>>
> I was wrong, the auth-worker failures are
On Sun, 2021-10-17 at 16:54 -0400, Krzysztof Adamski wrote:
> On Sun, 2021-10-17 at 22:22 +0200, Tim Boneko via Fail2ban-users
> wrote:
> > Am Sonntag, dem 17.10.2021 um 13:33 -0400 schrieb Krzysztof
> > Adamski:
> > >
> > > ... dovecot: imap-login: Disconnected (auth failed, 4 attempts in
> > > 5
Thank you Tom for your help.
However your configuration will issue a whois on the culprit ip.
What I am trying to do is the following :
A prison runs on specific log, some ip makes unauthorized request and gets
banned.
Say that said ip generated such log entry with its request :
`1.2.3.4 - 10/18/
Greetings Baptiste et al.
See excerpt from my iptables-multiport.conf file
on my own, small private server:
# Option: actionstart
# Notes.: command executed once at the start of Fail2Ban.
# Values: CMD
#
actionstart = -N f2b-
-A f2b- -j RETURN
-I -p -m mul
Hello folks,
I search through the wiki but could not find a list of actions variables.
When configuring an action you can pass a variable eg here :
action = log[logpath="%(logpath)s"]
=> would pass logpath to the log action
Specifically, I am looking for a variable that would output the whole ba
