Skip to content

I am Struggling with setting-up a ban rule for use with SoftEtherVPN #3205

Answered by sebres
Myron-S asked this question in Q&A
Discussion options

You must be logged in to vote

Hmm... Such a wordy log, but logging of IP by the failure seems to be seemingly too much...

Anyway, this is a filter example that will cache CID-24 as ID for the IP and match terminated by the cause as a failure:

[Definition]

failregex = ^\s*For the client \(IP address: <ADDR>, host name: "[^"]*", port number: \d+\), connection "<F-MLFID>[^"]+</F-MLFID>" has been <F-NOFAIL>create$
            ^\s*Connection "<F-MLFID>[^"]+</F-MLFID>" terminated by the cause
            ^\s*Connection "<F-MLFID>[^"]+</F-MLFID>" has been <F-MLFFORGET><F-NOFAIL>terminated</F-NOFAIL></F-MLFFORGET>

Replies: 3 comments 1 reply

Comment options

You must be logged in to vote
0 replies
Answer selected by sebres
Comment options

You must be logged in to vote
1 reply
@sebres
Comment options

Comment options

You must be logged in to vote
0 replies
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
None yet
2 participants