Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

fail2ban-regex(1) [centos man page]

FAIL2BAN-REGEX(1)						   User Commands						 FAIL2BAN-REGEX(1)

NAME

       fail2ban-regex - test Fail2ban "failregex" option

SYNOPSIS

       fail2ban-regex [OPTIONS] <LOG> <REGEX> [IGNOREREGEX]

DESCRIPTION

       Fail2Ban  reads log file that contains password failure report and bans the corresponding IP addresses using firewall rules.

       This tools can test regular expressions for "fail2ban".

   LOG:
       string a string representing a log line

       filename
	      path to a log file (/var/log/auth.log)

       "systemd-journal"
	      search systemd journal (systemd-python required)

   REGEX:
       string a string representing a 'failregex'

       filename
	      path to a filter file (filter.d/sshd.conf)

   IGNOREREGEX:
       string a string representing an 'ignoreregex'

       filename
	      path to a filter file (filter.d/sshd.conf)

OPTIONS

       --version
	      show program's version number and exit

       -h, --help
	      show this help message and exit

       -c CONFIG, --config=CONFIG
	      set alternate config directory

       -d DATEPATTERN, --datepattern=DATEPATTERN
	      set custom pattern used to match date/times

       --timezone=TIMEZONE, --TZ=TIMEZONE
	      set time-zone used by convert time format

       -e ENCODING, --encoding=ENCODING
	      File encoding. Default: system locale

       -r, --raw
	      Raw hosts, don't resolve dns

       --usedns=USEDNS
	      DNS specified replacement of tags <HOST> in regexp ('yes' - matches all form of hosts, 'no' - IP addresses only)

       -L MAXLINES, --maxlines=MAXLINES
	      maxlines for multi-line regex.

       -m JOURNALMATCH, --journalmatch=JOURNALMATCH
	      journalctl style matches overriding filter file.	"systemd-journal" only

       -l LOG_LEVEL, --log-level=LOG_LEVEL
	      Log level for the Fail2Ban logger to use

       -v, --verbose
	      Increase verbosity

       --verbosity=VERBOSE
	      Set numerical level of verbosity (0..4)

       --verbose-date, --VD
	      Verbose date patterns/regex in output

       -D, --debuggex
	      Produce debuggex.com urls for debugging there

       --print-no-missed
	      Do not print any missed lines

       --print-no-ignored
	      Do not print any ignored lines

       --print-all-matched
	      Print all matched lines

       --print-all-missed
	      Print all missed lines, no matter how many

       --print-all-ignored
	      Print all ignored lines, no matter how many

       -t, --log-traceback
	      Enrich log-messages with compressed tracebacks

       --full-traceback
	      Either to make the tracebacks full, not compressed (as by default)

AUTHOR

       Written by Cyril Jaquier <cyril.jaquier@fail2ban.org>.  Many contributions by Yaroslav O. Halchenko and Steven Hiscocks.

REPORTING BUGS

       Report bugs to https://github.com/fail2ban/fail2ban/issues

COPYRIGHT

       Copyright (C) 2004-2008 Cyril Jaquier, 2008- Fail2Ban Contributors
       Copyright of modifications held by their respective authors.  Licensed under the GNU General Public License v2 (GPL).

SEE ALSO

       fail2ban-client(1) fail2ban-server(1)

fail2ban-regex 0.10.2						   January 2018 						 FAIL2BAN-REGEX(1)

Check Out this Related Man Page

FAIL2BAN(1)						      General Commands Manual						       FAIL2BAN(1)

NAME

       fail2ban - a set of server and client programs to limit brute force authentication attempts.

DESCRIPTION

       Fail2Ban consists of a client, server and configuration files to limit brute force authentication attempts.

       The  server  program  fail2ban-server is responsible for monitoring log files and issuing ban/unban commands.  It gets configured through a
       simple protocol by fail2ban-client, which can also read configuration files and issue corresponding configuration commands to the server.

       For details on the configuration of fail2ban see the jail.conf(5) manual page.  A jail (as specified  in  jail.conf)  couples  filters  and
       actions definitions for any given list of files to get monitored.

       For details on the command-line options of fail2ban-server see the fail2ban-server(1) manual page.

       For details on the command-line options and commands for configuring the server via fail2ban-client see the fail2ban-client(1) manual page.

       For  testing  regular  expressions  specified  in  a filter using the fail2ban-regex program may be of use and its manual page is fail2ban-
       regex(1).

LIMITATION

       Fail2Ban is able to reduce the rate of incorrect authentications attempts however it cannot eliminate the  risk	that  weak  authentication
       presents.  Configure services to use only two factor or public/private authentication mechanisms if you really want to protect services.

       A  local  user  is able to inject messages into syslog and using a Fail2Ban jail that reads from syslog, they can effectively trigger a DoS
       attack against any IP. Know this risk and configure Fail2Ban/grant shell access accordingly.

FILES

       /etc/fail2ban/*

AUTHOR

       Manual page written by Daniel Black and Yaroslav Halchenko

REPORTING BUGS

       Report bugs to https://github.com/fail2ban/fail2ban/issues

COPYRIGHT

       Copyright (C) 2013
       Copyright of modifications held by their respective authors.  Licensed under the GNU General Public License v2 (GPL).

SEE ALSO

       fail2ban-server(1) fail2ban-client(1) fail2ban-regex(1) jail.conf(5)

Fail2Ban							    March 2013							       FAIL2BAN(1)
Man Page