From: Jan E. <je...@in...> - 2013-02-26 21:12:11
|
On Tuesday 2013-02-26 18:14, Yaroslav Halchenko wrote: >On Tue, 26 Feb 2013, Arturo 'Buanzo' Busleiman wrote: > >> > format for native syslog-ng 'filters' seems to be also not >> > that easy to grasp > >> What about a new feature, someway to tell fail2ban to listen to >> syslogd messages instead of reading files, instead of starting from >> "zero" ? > >"listen to syslogd messages" -- how? e.g. via syslog-ng 'filters'? You simply have syslog write to a pipe, like it already does with /dev/xconsole. All it then takes is f2b to read from the named pipe instead of files. Having f2b become a syslog daemon in its own right is programmatic nonsense. |