Mercurial > syslog2iptables
diff syslog2iptables.conf @ 5:276c4edc8521
initial coding
| author | carl |
|---|---|
| date | Fri, 02 Dec 2005 17:52:44 -0800 |
| parents | 2737ab01659a |
| children | d76f9ff42487 |
line wrap: on
line diff
--- a/syslog2iptables.conf Thu Dec 01 17:17:37 2005 -0800 +++ b/syslog2iptables.conf Fri Dec 02 17:52:44 2005 -0800 @@ -7,14 +7,25 @@ 205.147.39.128/25; // ams }; -file "mycisco.log" { +file "/var/log/cisco.log" { pattern "Internet_Firewall denied (tcp|udp) ([^(]*)" { index 2; // zero based bucket 200; }; }; -file "mymessages.log" { +file "/var/log/secure" { + pattern "sshd.*Failed password .* from ::ffff:(.*) port" { + index 1; // zero based + bucket 300; + }; + pattern "sshd.*Failed password .* from (.*) port" { + index 1; // zero based + bucket 300; + }; +}; + +file "/var/log/messages" { pattern "sshd.pam_unix.*authentication failure.*rhost=(.*) user=" { index 1; // zero based bucket 300;