From: Arturo 'B. B. <bu...@bu...> - 2009-11-13 17:41:26
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Russell Jones wrote: > Yeah.... Unfortunately changing syslogd to syslog-ng is impractical for > me on this server. I tried changing dovecot's logging from syslog to > just /var/log/dovecot.log, but unfortunately it still logs failures to > /var/log/secure A horrible hack / workaround, would be to execute 'logger' to insert messages into syslog, effectively disrupting the "last message repeated" feature. > I saw that someone a few years ago wrote a patch so that fail2ban would > understand the "last message repeated" lines. I guess that patch never > made it into the application huh? I'll look into it (Cyril, you have that at hand?) - -- Arturo "Buanzo" Busleiman Independent Linux and Security Consultant - OWASP - SANS - OISSG http://www.buanzo.com.ar/pro/eng.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEAREKAAYFAkr9lEUACgkQAlpOsGhXcE2iUQCfYpezX7as7qRRV15g/EOPLMM4 sJsAnA5QTB9+HhNjt6fHa7biDst21Zia =t/4X -----END PGP SIGNATURE----- |