New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Squirrelmail filter and M/d/Y H:m:s date format #261
Comments
I solved by adding this: here: |
given "Day/Month/Year Hour:Minute:Second" has the same regex I don't think we can include this. Is it possible to configure the squirrelmail date logging format? Regardless of the date format would you like to contribute a filter for squirrelmail with some sample logs of error messages? |
#214 could be of help if custom date template would be specified for the jail |
@grooverdan yes, it is possible to configure the squirrelmail loggin format but it is not so fast and I prefer to not change its default logging. |
#214 is a good application for this 😄 |
yeap -- and #214 is merged already in 0.9... I am keeping this issue open though until we finalize resolution for postmerge discussion #214 (comment) which should resolve this issue entirely while removing ambiguity between Day/Month and Month/Day |
for when date format is resolved |
closed as per #579 |
Hi,
Found a match for u' [LOGIN_ERROR] N/A (mydomain.org) from 151.64.61.62: Unknown user or password incorrect.\n' but no valid date/time found for u'06/17/2013 22:48:46'.
After an update on CentOS 6.4 running fail2ban fail2ban-0.8.8-3.el6.src.rpm
I noticed that fail2ban is not banning anyone anymore.
If I test the regexpr, for example:
fail2ban-regex /var/lib/squirrelmail/prefs/squirrelmail_access_log /etc/fail2ban/filter.d/squirrelmail.conf
I get this message:
Found a match for u' [LOGIN_ERROR] N/A (mydomain.org) from 151.64.61.62: Unknown user or password incorrect.\n' but no valid date/time found for u'06/17/2013 22:48:46'. Please file a detailed issue on https://github.com/fail2ban/fail2ban/issues in order to get support for this format.
Is there someone who can help please?
Thanks.
The text was updated successfully, but these errors were encountered: