mirror of https://github.com/jrbrtsn/ban2fail
Minor changes
This commit is contained in:
parent
09cb94912c
commit
5fa8cd0f99
21
README.md
21
README.md
|
@ -14,9 +14,9 @@ times a minute on my rather modest Linode virtual server to have a chance of
|
|||
stopping them. Here are the timing results for a typical scan on my wimpy server:
|
||||
|
||||
```
|
||||
real 0m0.119s
|
||||
user 0m0.073s
|
||||
sys 0m0.047s
|
||||
real 0m0.269s
|
||||
user 0m0.108s
|
||||
sys 0m0.134s
|
||||
```
|
||||
|
||||
Currently I am running *fail2ban* every 5 seconds. I hope you find this code useful.
|
||||
|
@ -50,8 +50,15 @@ LOGTYPE auth {
|
|||
|
||||
Syntax in the config file is pretty much the same as the nftables syntax. All
|
||||
keywords must be in upper case. Any values in the key=value pairs have
|
||||
whitespace stripped from the beginning and end of the line. Since there is no
|
||||
escaping of characters going on, regular expressions are WYSIWYG.
|
||||
whitespace stripped from the beginning and end of the line. Since there is
|
||||
little escaping of characters going on, regular expressions are mostly WYSIWYG.
|
||||
If you have a hash symbol '#' in your pattern (which is the comment character
|
||||
for the config file parser), you will need to escape it like so:
|
||||
|
||||
```
|
||||
# Nov 27 02:03:03 srv named[764]: client @0x7fe6a0053420 1.192.90.183#27388 (www.ipplus360.com): query (cache) 'www.ipplus360.com/A/IN' denied
|
||||
REGEX= named.*client.* ([0-9.a-f:]+)\#.*denied$
|
||||
```
|
||||
|
||||
Finding typos and so forth in the config file is easy; use the -v command flag
|
||||
to print all unrecognized content (besides comments).
|
||||
|
@ -126,7 +133,7 @@ production mode.
|
|||
I've tested *ban2fail* only on Debian Buster, but it should compile on just
|
||||
about any modern Linux distro. It uses the following libraries:
|
||||
|
||||
+ *libcrypto* for md5 checksums
|
||||
+ *libcrypto* from the libssl package, for md5 checksums
|
||||
|
||||
+ *libgeoip* to identify the country of origin for IP addresses
|
||||
|
||||
|
@ -141,5 +148,3 @@ sudo make install
|
|||
|
||||
The executable will be placed in "/usr/local/bin".
|
||||
|
||||
|
||||
|
||||
|
|
|
@ -230,15 +230,17 @@ main(int argc, char **argv)
|
|||
|
||||
if(errflg) {
|
||||
ez_fprintf(stderr,
|
||||
"ban2fail v%d.%d.%d\n"
|
||||
"Usage:\n"
|
||||
"%s [options] [-t confFile]\n"
|
||||
" --help\tprint this usage message.\n"
|
||||
" -a\t\tList results by Address\n"
|
||||
" -c\t\tlist results by Country\n"
|
||||
" -s\t\tlist summary address result only\n"
|
||||
" -s\t\tlist Summary results only\n"
|
||||
" -t confFile\tTest confFile, do not apply iptables rules\n"
|
||||
" -v\t\tVerbose information about unrecognized configuration info\n"
|
||||
" --version\tprint the version number and exit.\n"
|
||||
, G.version.major, G.version.minor, G.version.patch
|
||||
, argv[0]
|
||||
);
|
||||
|
||||
|
|
Loading…
Reference in New Issue