Re: [Fail2ban-users] Crazy idea: fail2ban syslogd

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

On Tuesday 2013-02-26 18:14, Yaroslav Halchenko wrote:
>On Tue, 26 Feb 2013, Arturo 'Buanzo' Busleiman wrote:
>
>> >  format for native syslog-ng 'filters'  seems to be also not
>> > that easy to grasp
>
>> What about a new feature, someway to tell fail2ban to listen to
>> syslogd messages instead of reading files, instead of starting from
>> "zero" ?
>
>"listen to syslogd messages" -- how?  e.g. via syslog-ng 'filters'?

You simply have syslog write to a pipe, like it already does with 
/dev/xconsole. All it then takes is f2b to read from the named pipe
instead of files.

Having f2b become a syslog daemon in its own right is programmatic 
nonsense.