mirror of
https://github.com/fail2ban/fail2ban.git
synced 2026-05-14 06:56:47 +00:00
ae7297e16b
- datedetector rewritten more strict as earlier;
- default templates can be specified exacter using prefix/suffix syntax (via `datepattern`);
- more as one date pattern can be specified using option `datepattern` now (new-line separated);
- some default options like `datepattern` can be specified directly in section `[Definition]`, that avoids contrary usage of unnecessarily `[Init]` section, because of performance (each extra section costs time);
- option `datepattern` can be specified in jail also (jails without filters);
- if first group specified, only this will be cut out from search log-line (e. g.: `^date:[({DATE})]` will cut out only datetime match pattern, and leaves `date:[] failure ip...` for searching in filter);
- faster match and fewer searching of appropriate templates (DateDetector.matchTime calls rarer DateTemplate.matchDate now);
- standard filters extended with exact prefixed or anchored date templates;
template cache introduced (in opposition to default template cache, holds custom templates cached by pattern for possible common usage of same template/regex);
16 lines
260 B
SquidConf
16 lines
260 B
SquidConf
# Fail2Ban filter for Squid attempted proxy bypasses
|
|
#
|
|
#
|
|
|
|
[Definition]
|
|
|
|
failregex = ^\s+\d\s<HOST>\s+[A-Z_]+_DENIED/403 .*$
|
|
^\s+\d\s<HOST>\s+NONE/405 .*$
|
|
|
|
ignoreregex =
|
|
|
|
datepattern = {^LN-BEG}Epoch
|
|
{^LN-BEG}
|
|
|
|
# Author: Daniel Black
|
|
|