Talk:MANUAL 0 8

From Fail2ban
Revision as of 11:54, 27 September 2007 by 74.231.24.2 (talk)
Jump to navigationJump to search

darcnatrbas How to test the installation? This is a missing part of the manual. How can you easily test your SSH regex on an existing /var/log/auth.log ? Many thanks for fail2ban. --NBrouard 01:58, 9 January 2007 (PST)

The best way is probably to use fail2ban-regex. Currently it only supports one log line. I could extend this in order to read a file. This could be great. Thank you. --Lostcontrol 14:19, 9 January 2007 (PST)

In order to test my configuration I already changed your python fail2ban-regex in order to read a logfile: 

	def testRegex(self, logline, regex):
		print
		try:
			logging.getLogger("fail2ban").setLevel(logging.DEBUG)
			print "fail2ban-testconfig =", logline, regex
			f = open(logline, "rb")
			self.__filter.addFailRegex(regex)
			for line in f:
				ret = self.__filter.findFailure(line)
				if len(ret) != 0:
					print "Success, the following data were found:"
					print "fail2ban-regex ", regex, line
					timeTuple = time.localtime(ret[0][1])
					print "Date: " + time.strftime("%a %b %d %H:%M:%S %Y", timeTuple)
					ipList = ""
					for i in ret:
						ipList = ipList + " " + i[0]
					print "IP  :" + ipList
			print "After"
			logging.getLogger("fail2ban").setLevel(logging.CRITICAL)

But, as mentioned in the new TODO section, it would be nice to not only read a complete logfile but also the filter configuration file like sshd.conf. --NBrouard 09:43, 10 January 2007 (PST)

Sorry for the delay but I was quite busy last week. You're right :) It would be nice to read logfile and filter configuration. I will look at this as soon as possible. Thank you --Lostcontrol 01:38, 16 January 2007 (PST)

Retrieved from "http://wiki.fail2ban.org/wiki/index.php?title=Talk:MANUAL_0_8&oldid=2005"