CasperSecurity

Current Path : /etc/fail2ban/filter.d/
Upload File :
Current File : //etc/fail2ban/filter.d/znc-adminlog.conf

# Fail2Ban filter for ZNC (requires adminlog module)
#
# to use this module, enable the adminlog module from within ZNC and point
# logpath to its logfile (e.g. /var/lib/znc/moddata/adminlog/znc.log).

[DEFAULT]

logtype = file

[Definition]

_daemon = znc

# Prefix for different logtype (file, journal):
#
__prefix_file = (?:\[\]\s+)?
__prefix_short = (?:\S+\s+%(_daemon)s\[\d+\]:)\s+
__prefix_journal = %(__prefix_short)s

__prefix_line = <__prefix_<logtype>>

failregex = ^%(__prefix_line)s\[[^]]+\] failed to login from <ADDR>

ignoreregex = 

journalmatch = _SYSTEMD_UNIT=znc.service + _COMM=znc

# DEV Notes:
# Log format is: [<DATE+TIME>] [<USERNAME>] <ACTION> from <ADDR>
# [2018-10-27 01:40:17] [girst] connected to ZNC from 1.2.3.4
# [2018-10-27 01:40:21] [girst] disconnected from ZNC from 1.2.3.4
# [2018-10-27 01:40:55] [girst] failed to login from 1.2.3.4
#
# Author: Tobias Girstmair (//gir.st/)
Hacker Blog, Shell İndir, Sql İnjection, XSS Attacks, LFI Attacks, Social Hacking, Exploit Bot, Proxy Tools, Web Shell, PHP Shell, Alfa Shell İndir, Hacking Training Set, DDoS Script, Denial Of Service, Botnet, RFI Attacks, Encryption
Telegram @BIBIL_0DAY