Permalink
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
66 lines (66 sloc) 2.11 KB
{
"settings": {
"database": "sqlite",
"failed_attempts": 5,
"deny_type": "DROP",
"ignored_ips": ["127.0.0.1"],
"request_time": 5,
"reload_iptables": true,
"rules": {
"ssh": {
"log_file": "/var/log/auth.log",
"regex_patterns": [
"([a-zA-Z]{3}\\s+\\d{1,2} \\d{1,2}:\\d{1,2}:\\d{1,2}).* Invalid user .* from (.*) port (.*)",
"([a-zA-Z]{3}\\s+\\d{1,2} \\d{1,2}:\\d{1,2}:\\d{1,2}).* Failed password for .* from (.*) port (.*)",
"([a-zA-Z]{3}\\s+\\d{1,2} \\d{1,2}:\\d{1,2}:\\d{1,2}).* Did not receive identification string from (.*) port (.*)",
"([a-zA-Z]{3}\\s+\\d{1,2} \\d{1,2}:\\d{1,2}:\\d{1,2}).* Received disconnect from (.*) port (.*):\\d{0,4}: .*",
"([a-zA-Z]{3}\\s+\\d{1,2} \\d{1,2}:\\d{1,2}:\\d{1,2}).* Unable to negotiate with (.*) port .*",
["([a-zA-Z]{3}\\s+\\d{1,2} \\d{1,2}:\\d{1,2}:\\d{1,2}).* error: maximum authentication attempts exceeded for .* from (.*) port .*", true]
],
"time_format": "%b %d %H:%M:%S"
},
"mysql": {
"log_file": "",
"regex_patterns": [
"(\\d{4}-\\d{2}-\\d{2} \\d{2}:\\d{2}:\\d{2}) .* Access denied for user '.*'@'(.*)' .*"
],
"time_format": "%Y-%m-%d %H:%M:%S"
},
"apache": {
"log_file": "",
"regex_patterns": [
["(.*) .* .* \\[(.*) \\+0000\\] \"POST ({}) HTTP/1\\.1\" .*", "urls"]
],
"time_format": "%d/%b/%Y:%H:%M:%S",
"urls": ["/login/", "/admin/"],
"http_status_blocks": [200]
},
"nginx": {
"log_file": "",
"regex_patterns": [
["(.*) .* .* \\[(.*) \\+0000\\] \"POST ({}) HTTP/1\\.1\" .*", "urls"]
],
"time_format": "%d/%b/%Y:%H:%M:%S",
"urls": ["/login/", "/admin/"],
"http_status_blocks": [405]
}
}
},
"sqlite": {
"database": "PyFilter.db"
},
"redis": {
"host": "127.0.0.1",
"password": null,
"database": 0,
"sync_bans": {
"active": true,
"name": "1",
"check_time": 600
}
},
"logging": {
"active": true,
"directory": "Logs"
}
}