Difference between revisions of "Talk:OpenVPN"

Latest revision as of 17:05, 20 February 2009

Hi,

for me the regexp did not compile until I changed it to

ovpn-\S+\[[0-9]{4,6}\]: <HOST>:[0-9]{4,5} Connection reset, restarting \[[0-9]{1,2}\]$

This way it is clear that we want messages from openvpn ("ovpn") which is propably a good idea since the messages are posted to syslog.

The text after "ovpn-" is not set because this is the name of the configuration file (aka vpn) which produced the message.

I was not able to test the regexp by now, but at least it compiles cleanly on debian lenny (fail2ban v0.8.3).

I also added following regexp:

ovpn-\S+\[\d+\]: TLS Error: Unroutable control packet received from <HOST>:[0-9]{4,5}

I got the message when I tried to connect with an old certificate that would not be accepted. And this one I tested and it worked.

@@ Line 3: / Line 3: @@
 for me the regexp did not compile until I changed it to
-ovpn-\S+\[[0-9]{4,6}\]: <HOST>:[0-9]{4,5} Connection reset, restarting \[[0-9]{1,2}\]$
+''ovpn-\S+\[[0-9]{4,6}\]: <HOST>:[0-9]{4,5} Connection reset, restarting \[[0-9]{1,2}\]$''
 This way it is clear that we want messages from openvpn ("ovpn") which is propably a good idea since the messages are posted to syslog.
@@ Line 10: / Line 10: @@
 I was not able to test the regexp by now, but at least it compiles cleanly on debian lenny (fail2ban v0.8.3).
+I also added following regexp:
+''ovpn-\S+\[\d+\]: TLS Error: Unroutable control packet received from <HOST>:[0-9]{4,5}''
+I got the message when I tried to connect with an old certificate that would not be accepted.
+And this one I tested and it worked.