Mercurial > syslog2iptables

view syslog2iptables.conf @ 4:2737ab01659a

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
initial coding
author carl
date Thu, 01 Dec 2005 17:17:37 -0800
parents 8fe310e5cd44
children 276c4edc8521
line wrap: on
line source

threshold 600;

ignore {
    127.0.0.0/8;        // localhost
    205.147.40.32/26;   // 510sg
    205.147.0.100/24;   // digilink
    205.147.39.128/25;  // ams
};

file "mycisco.log" {
    pattern "Internet_Firewall denied (tcp|udp) ([^(]*)" {
        index 2;    // zero based
        bucket 200;
    };
};

file "mymessages.log" {
    pattern "sshd.pam_unix.*authentication failure.*rhost=(.*) user=" {
        index 1;    // zero based
        bucket 300;
    };
    pattern "sshd.pam_unix.*authentication failure.*rhost=(.*)$" {
        index 1;    // zero based
        bucket 300;
    };
};