Sergey G. Brester
Sergey G. Brester
Just a notice to me / link #1945 (similar thing for iptables, port scans, etc).
I'm not a maintainer :) a dev either. As for merge, in my opinion it is too risky to use such a filters (see https://github.com/fail2ban/fail2ban/issues/1945#issuecomment-362247222) without to know what you...
> Regex proposed by you on Jan 23 is not working either (starting year 2020 I think). May be ufw blocked events simply not logged there? :) But if you...
Done (I corrected the comment above also): Here are the REs: 1. for `[UFW BLOCK]`: ``` ^\s*\S+ kernel:(?: +\[[^\]]+\])? \[UFW BLOCK\](?: (?:IN=\w+|OUT=|(?:(?!OUT=|IN=|SRC=)[A-Z]+=\S*)))* SRC= DST=\S+ ``` 2. common, for any other...
FWIW, blacklisting LACNIC (or other regional registries) by its mail address is in principle a workaround (not against PR, just a note). I guess to exclude registrars at all the...
> How can I change the database date format to always keep 2022-03-15T13:22:01+01:00 format, Well, at the moment, this is impossible, because the timestamp you'd see there is the part...
Unfortunately too many open branches resp. PR's currently, that can be affected if this will be merged (conflicts, etc). So currently blocked, but I'll try take a look soon...
A `reban` functionality gets implemented within #2588, just I guess it could serve a bit different purposes, but at the same time it has more to offer here: for example...
Since v.0.9 fail2ban stores last known position in the log-file, and used this (seek to this position) after (re)start, if the file is not rotated (creation time + MD5 of...
> Did they always work this way? More or less... at least seek in log to last known position is implemented somewhere at begin of 0.9. > Old requests might...