Hello,

just one question.

Yesterday, i installed the fail2ban programm on my Debian Etch system.

In the jail.conf i enabled the proftpd-iptables and now im getting this message into fail2ban.log

“fail2ban.filter : ERROR  No failregex is set”

What does it mean. Whats wrong ?

Jail.conf

[proftpd-iptables]

enabled  = true

filter   = proftpd

action   = iptables[name=ProFTPD, port=21, protocol=tcp]

           sendmail-whois[name=ProFTPD, dest=info@xxx.de]

logpath  = /var/log/auth.log

maxretry = 5

 proftpd.conf

failregex = \(\S+\[<HOST>\]\)[: -]+ USER \S+: no such user found from \S+ \[\S+\] to \S+:\S+$

            \(\S+\[<HOST>\]\)[: -]+ USER \S+ \(Login failed\): Incorrect password\.$

            \(\S+\[<HOST>\]\)[: -]+ SECURITY VIOLATION: \S+ login attempted\.$

            \(\S+\[<HOST>\]\)[: -]+ Maximum login attempts \(\d+\) exceeded$

# Option:  ignoreregex

# Notes.:  regex to ignore. If this regex matches, the line is ignored.

# Values:  TEXT

#

ignoreregex =

and the logfile auth.log

May 16 13:43:00 server01 proftpd: (pam_unix) authentication failure; logname= uid=0 euid=0 tty= ruser=mmuster rhost=x.x.x.x  user=mmuster

May 16 13:43:02 server01 proftpd[13715]: server01.xxx.de (x.x.x.x[x.x.x.x]) - USER mmuster (Login failed): Incorrect password.

May 16 13:43:02 server01 proftpd[13715]: server01.xxx.de (x.x.x.x[x.x.x.x]) - FTP session closed.