How do I set up fail2ban to read multiple logs in a jail?

Max*_*121 28 log-files fail2ban

How can I configure multiple log paths for the same rule?

I am trying to write a syntax like this:

[apache-w00tw00t]
enabled  = true
filter   = apache-w00tw00t
action   = iptables-allports
logpath  = /var/log/apache*/*error.log 
logpath  = /var/www/vhosts/site1.com/log/errorlog 
logpath  = /var/www/vhosts/site1.com/subdom/log/errorlog
logpath  = /var/www/vhosts/site3/log/errorlog
logpath  = /var/www/vhosts/site4/log/errorlog
maxretry = 1

The paths are all different, so I can't use the RE *

What is the correct syntax to put more logs into one rule?

Mer*_*uck 30

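I tried using the same syntax and got no errors when starting fail2ban. Try this in your jail.conf, and if it still doesn't work, you can easily split your rule into multiple rules with a single logpath each, for example: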

[apache-w00tw00t-1]
enabled  = true
filter   = apache-w00tw00t
action   = iptables-allports
logpath  = /var/log/apache*/*error.log 
maxretry = 1

[apache-w00tw00t-2]
enabled  = true
filter   = apache-w00tw00t
action   = iptables-allports
logpath  = /var/www/vhosts/site1.com/log/errorlog 
maxretry = 1

And so on.

This should finally work:

[apache-w00tw00t]
enabled  = true
filter   = apache-w00tw00t
action   = iptables-allports
logpath  = /var/www/vhosts/site1.com/log/errorlog
           /var/log/apache*/*error.log
           /var/www/vhosts/site1.com/subdom/log/errorlog
           /var/www/vhosts/site3/log/errorlog
           /var/www/vhosts/site4/log/errorlog  
maxretry = 1

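You can consult http://centoshelp.org/security/fail2ban/ for information.

  • The second part of the answer works great if you give "tab" spacing to the extra logs. Without the "tab", fail2ban throws an error. (4 upvotes)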
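
The three logpath layouts discussed above, run through Python's standard configparser as a stand-in for the INI rules involved. This is an added illustration, not part of the original posts; the jail snippets are constructed from the ones above, and how a given fail2ban version treats a repeated key is an assumption, modelled here by the `strict` flag.

```python
import configparser

JAIL = "apache-w00tw00t"
# Constructed snippets modelled on the jails in the question and the answer.
REPEATED_KEY = """\
[apache-w00tw00t]
logpath  = /var/log/apache*/*error.log
logpath  = /var/www/vhosts/site1.com/log/errorlog
maxretry = 1
"""
CONTINUATION = """\
[apache-w00tw00t]
logpath  = /var/log/apache*/*error.log
           /var/www/vhosts/site1.com/log/errorlog
           /var/www/vhosts/site3/log/errorlog
maxretry = 1
"""
NO_INDENT = """\
[apache-w00tw00t]
logpath  = /var/log/apache*/*error.log
/var/www/vhosts/site1.com/log/errorlog
maxretry = 1
"""


def logpaths(text, strict=False):
    """Return the log paths an INI parser yields for the jail.

    strict=False: a repeated key is accepted and the last value wins.
    strict=True:  a repeated key is rejected as a duplicate option.
    """
    parser = configparser.ConfigParser(strict=strict, interpolation=None)
    parser.read_string(text)
    value = parser.get(JAIL, "logpath")
    # Indented continuation lines arrive as one newline-separated value.
    return [p.strip() for p in value.splitlines() if p.strip()]


def parse_status(text, strict=False):
    """Return the path list, or the parser error name if the text is rejected."""
    try:
        return logpaths(text, strict)
    except configparser.Error as exc:
        return type(exc).__name__


if __name__ == "__main__":
    for name in ("REPEATED_KEY", "CONTINUATION", "NO_INDENT"):
        print(f"{name:13} -> {parse_status(globals()[name])}")
```

In the non-strict case only the last path survives, so the other logs would go unwatched without any error being raised. On a running system, `fail2ban-client get apache-w00tw00t logpath` lists the files the jail actually monitors.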