Question

problem with regex in Fail2ban

Posted June 30, 2017 2.9k views
NginxUbuntu

Bonjour,

I try to enter a new jail for my fail2ban, but I’m not really good in regex.
My line to analyse is :
2017/06/30 06:15:19 [info] 2144#0: 257197 upstream sent invalid response: “NO AUTHENTICATE failed” while reading response from upstream, client: 59.61.79.82:33407, server: 0.0.0.0:993
and I try with
failregex = . upstream sent invalid response: ’.’ \client: ’<HOST>’\
and the error is
ERROR Unable to compile regular expression ’. upstream sent invalid response: ’.’ \client: ’(?:::f{4,6}:)?(?P<host>[\w-.^_]\w)’'
I try to change a part, to find a good way… but nothing good, and all the time this error.

Thanks for your help.

Add a comment
globo
By:
globo
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
3 answers
hansen June 30, 2017

Hi @globo

You need to use the </> button in the comment editor, so the text doesn’t lose format.

A good tool for playing around with regex is this website:
https://regex101.com/ - by the way, fail2ban is Python based, so choose that in Flavor.

Reply Report
globo June 30, 2017

Hi Hansen,

ok thanks

017/06/30 06:15:19 [info] 2144#0: *257197 upstream sent invalid response: "NO AUTHENTICATE failed" while reading response from upstream, client: 59.61.79.82:33407, server: 0.0.0.0:993

failregex = .* upstream sent invalid response: '.*' \client: '<HOST>'\
Reply Report
globo July 10, 2017

Hello
nice, works fine.
A great thanks.

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help