tomMoulard / fail2ban

Traefik plugin on fail2ban middleware
MIT License

Using failregex to ban using response's data #40

Open phirestalker opened 3 years ago

phirestalker commented 3 years ago

Is there a way to ban using a failregex filter on an access log line?

I had fail2ban on my host protecting the docker proxy instance when I was using nginx-proxy. Here is the line from my custom filter:

failregex = ^.*\s<HOST>.*"(GET|POST).*" (404|444|403|400) .*$

EDIT:

Does this plugin only ban according to urlregexp and if I leave it blank it blocks all access?
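For reference, this is roughly how a host-side filter line like the one above behaves when applied to access log lines. It is an added example, not code from this plugin or from fail2ban; the IPv4-only `<HOST>` substitution, the `maxretry`/`findtime` defaults, the helper names and the sample log lines (nginx-proxy style: vhost, client address, timestamp, request, status) are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# The failregex quoted in the question, unchanged.
FAILREGEX = r'^.*\s<HOST>.*"(GET|POST).*" (404|444|403|400) .*$'
# Simplified stand-in for fail2ban's <HOST> tag: IPv4 only (assumption).
HOST_RE = r'(?P<host>\d{1,3}(?:\.\d{1,3}){3})'
TS_RE = re.compile(r'\[([^\]]+)\]')  # first [...] field is the timestamp

def compile_failregex(failregex):
    """Expand <HOST> into a named group and compile the pattern."""
    return re.compile(failregex.replace('<HOST>', HOST_RE))

def find_bans(lines, failregex=FAILREGEX, maxretry=3,
              findtime=timedelta(minutes=10)):
    """Return hosts with >= maxretry matching lines inside findtime."""
    pattern = compile_failregex(failregex)
    recent = defaultdict(deque)   # host -> timestamps of recent failures
    banned = []
    for line in lines:
        m, ts = pattern.match(line), TS_RE.search(line)
        if not m or not ts:
            continue              # non-failure status or unparsable line
        when = datetime.strptime(ts.group(1), '%d/%b/%Y:%H:%M:%S %z')
        hits = recent[m.group('host')]
        hits.append(when)
        while when - hits[0] > findtime:
            hits.popleft()        # drop failures older than the window
        if len(hits) >= maxretry and m.group('host') not in banned:
            banned.append(m.group('host'))
    return banned

def _line(ip, hms, method, path, status):
    # Builds one constructed access log line (not real traffic).
    return (f'app.example.test {ip} - - [28/Aug/2021:{hms} +0000] '
            f'"{method} {path} HTTP/1.1" {status} 153 "-" "-"')

SAMPLE_LOG = [
    _line('203.0.113.7', '12:00:01', 'GET', '/missing', 404),
    _line('198.51.100.4', '12:00:02', 'GET', '/', 200),      # success, ignored
    _line('203.0.113.7', '12:00:05', 'POST', '/admin', 403),
    _line('192.0.2.9', '12:00:06', 'GET', '/old', 404),
    _line('203.0.113.7', '12:00:09', 'GET', '/bad', 400),    # third failure
    _line('192.0.2.9', '12:06:00', 'GET', '/old2', 404),
    _line('192.0.2.9', '12:12:07', 'GET', '/old3', 404),     # first hit aged out
]

if __name__ == '__main__':
    print(find_bans(SAMPLE_LOG))
```

The third host shows why the time window matters: it produces three 404s, but never three inside ten minutes, so it is not banned at `maxretry=3`.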

tomMoulard commented 3 years ago

For now, there is no way to do this with this plugin. But since this can be a new feature to support, I'll add the correct label to enhance the plugin :)

phirestalker commented 3 years ago

How does the plugin currently decide who to block? In my limited usage it seemed to block any new IP.


tomMoulard commented 3 years ago

To paraphrase the plugin's description on pilot:

Blacklist (or whitelist) IP depending on some conditions

phirestalker commented 3 years ago

Ya, I looked at the source code after I asked. If I do not set any of those options, it will literally block any connecting address after n attempts. I don't know why I didn't think to look first.

On Sat, Aug 28, 2021 at 8:52 PM Tom Moulard @.***> wrote:

To paraphrase the plugin's description on pilot https://pilot.traefik.io/plugins/605afbaaa5f67ab9a1b0e51c/fail2-ban :

Blacklist (or whitelist) IP depending on some conditions


phirestalker commented 3 years ago

I had an unrelated question about the plugin's development. How did you set up the test environment for developing this plugin? Did you use some kind of virtual environment?