• Fail2Ban RegEx

    From it@21:1/142 to All on Friday, January 26, 2018 19:37:36
    I'm trying to get Fail2Ban setup and I can't get it to filter the multiple connect requests. I do have block list enabled as well but I want some extra protection, just in case... :)

    Using fail2ban-regex to confirm my expression does show that it's picking up the entries in node*.log, but it's still not filtering.

    My regex string is
    failregex = Connect from <HOST> \(*

    jail.local reads:
    [mystic]
    enabled = true
    port = 23
    filter = mystic
    logpath = /mystic/logs/node*.log
    maxretry = 2
    findtime = 120
    bantime = 900

    Any ideas?

    --- Mystic BBS v1.12 A38 2018/01/01 (Linux/32)
    * Origin: The Vista BBS - Vallejo, CA USA (21:1/142)