> On Tuesday, March 5, 2024 at 11:36:49 PM GMT+3:30, James Moe via Fail2ban-users <fai...@li...> wrote:
> On 2024-03-05 04:14, Jason Long via Fail2ban-users wrote:
> How can I block someone who has entered the wrong password three times in any given time period?
--[ Jail definition ]--
bantime.increment = true
bantime.factor = 1
bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor
[jail-name]
enabled = true
port = smtp,465,submission
logpath = /path/to/maillog.txt
datepattern = %%Y-%%m-%%d_%%H:%%M:%%S
logencoding = utf-8
#
# bantime = 26w 15h
bantime = 182.62d
maxretry = 3
findtime = 2w
action = iptables-multiport[name=jname, port="smtp,465,submission", protocol=tcp]
--[ end ]--
Then create a filter in filter.d that matches the failed login log entry.
--
James Moe
moe dot james at sohnen-moe dot com
520.743.3936
Think.
_______________________________________________
Fail2ban-users mailing list
Fai...@li...
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
Hello,
Thanks.
I need this strategy for SSH service.
|
