If there is a date format like:
[Mar 13 03:34:41] WARNING chan_sip.c: Bad request protocol email@example.com SIP/2.0
the fail2ban regex will not check this and nothing will hapen with the iptables...
fail2ban needs this date format:
[2011-03-16 14:37:53] NOTICE chan_sip.c: Registration from '<sip:firstname.lastname@example.org>' failed for '0.0.0.0' - No matching peer found
Fail2ban needs a numeric date format, if there is a alphanumeric date format, there is no error message in the fail2ban log file...and you think it is working...but it isnt!
I think there should be a date format check script and an output to the fail2ban log file with an information that the date format isnt correct.
Log in to post a comment.