atmos
/
ban2fail
mirror of https://github.com/jrbrtsn/ban2fail
1
1
Fork 0
Code Issues Releases Wiki Activity

Minor changes

This commit is contained in:
john 2019-11-27 09:44:35 -05:00
parent 09cb94912c
commit 5fa8cd0f99
2 changed files with 16 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
README.md
View File

@ -14,9 +14,9 @@ times a minute on my rather modest Linode virtual server to have a chance of
stopping them. Here are the timing results for a typical scan on my wimpy server:
```
real 0m0.119s
user 0m0.073s
sys 0m0.047s
real 0m0.269s
user 0m0.108s
sys 0m0.134s
```
Currently I am running *fail2ban* every 5 seconds. I hope you find this code useful.
@ -50,8 +50,15 @@ LOGTYPE auth {
Syntax in the config file is pretty much the same as the nftables syntax. All
keywords must be in upper case. Any values in the key=value pairs have
whitespace stripped from the beginning and end of the line. Since there is no
escaping of characters going on, regular expressions are WYSIWYG.
whitespace stripped from the beginning and end of the line. Since there is
little escaping of characters going on, regular expressions are mostly WYSIWYG.
If you have a hash symbol '#' in your pattern (which is the comment character
for the config file parser), you will need to escape it like so:
```
# Nov 27 02:03:03 srv named[764]: client @0x7fe6a0053420 1.192.90.183#27388 (www.ipplus360.com): query (cache) 'www.ipplus360.com/A/IN' denied
REGEX= named.*client.* ([0-9.a-f:]+)\#.*denied$
```
Finding typos and so forth in the config file is easy; use the -v command flag
to print all unrecognized content (besides comments).
@ -126,7 +133,7 @@ production mode.
I've tested *ban2fail* only on Debian Buster, but it should compile on just
about any modern Linux distro. It uses the following libraries:
+ *libcrypto* for md5 checksums
+ *libcrypto* from the libssl package, for md5 checksums
+ *libgeoip* to identify the country of origin for IP addresses
@ -141,5 +148,3 @@ sudo make install
The executable will be placed in "/usr/local/bin".

4
ban2fail.c
View File

@ -230,15 +230,17 @@ main(int argc, char **argv)
if(errflg) {
ez_fprintf(stderr,
"ban2fail v%d.%d.%d\n"
"Usage:\n"
"%s [options] [-t confFile]\n"
" --help\tprint this usage message.\n"
" -a\t\tList results by Address\n"
" -c\t\tlist results by Country\n"
" -s\t\tlist summary address result only\n"
" -s\t\tlist Summary results only\n"
" -t confFile\tTest confFile, do not apply iptables rules\n"
" -v\t\tVerbose information about unrecognized configuration info\n"
" --version\tprint the version number and exit.\n"
, G.version.major, G.version.minor, G.version.patch
, argv[0]
);