You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The current version of the filter only supports the development edition. This version is based on the following log.
I believe it's necessary to add support for the stable edition. I am prepared to create a pull request but would appreciate guidance on the correct approach.
As far as I understand, for the stable edition, we need to add new logs for testing and corresponding filters. I propose creating a new file for the log:
fail2ban/tests/files/logs/softethervpn_se
and a corresponding filter:
config/filter.d/softethervpn_se.conf
Here, '_se' indicates the Stable edition.
What are your thoughts on this? Is there any guidance available?
The text was updated successfully, but these errors were encountered:
Don't understand why you need this new issue or why the discussion cannot continue further in #3669, but OK.
I believe it's necessary to add support for the stable edition.
I though that I detailed wrote about the necessity and sense of this work.
But OK, just note that the time I spent for that minor stuff could be invested in further development of fail2ban.
Sad that a lot of trivialities like this hinder me to do another work (here and in other OSS projects).
config/filter.d/softethervpn_se.conf
I already wrote before: many filters of the same thing are not welcome here, so in best case the version should be parametrized somehow.
The reason is - if one follows this strategy, in few years we'd have thousand filters (and jails) and nobody has overall control over it,
Here, '_se' indicates the Stable edition.
I don't like the naming too, because what is stable today becomes obsolete tomorrow.
As for parametrized filter, something like that could work (here logformat is the parameter controlling that):
[INCLUDES]before = common.conf
[Definition]failregex = <<logformat>/failregex>
logformat = singleline
[singleline]failregex = ^<__prefix_line>(?:(?:\([\d\-]+ [\d:.]+\) )?<SECURITY_LOG>: )?Connection "[^"]+": User authentication failed. The user name that has been provided was "<F-USER>(?:[^"]+|.+)</F-USER>", from <ADDR>\.$
[multiline]failregex = ^\s*The <F-NOFAIL>connection</F-NOFAIL> "<F-MLFID>CID-\d+</F-MLFID>" \(IP address: <ADDR>,
^\s*Connection "<F-MLFID>CID-\d+</F-MLFID>": User authentication failed\. The user name that has been provided was "<F-USER>[^"]+</F-USER>"
I would like to discuss an issue related to the investigation carried out during Pull Request 3369 in collaboration with @sebres
The SoftEtherVPN project has two repositories:
Development Edition
Stable Edition
The current version of the filter only supports the development edition. This version is based on the following log.
I believe it's necessary to add support for the stable edition. I am prepared to create a pull request but would appreciate guidance on the correct approach.
As far as I understand, for the stable edition, we need to add new logs for testing and corresponding filters. I propose creating a new file for the log:
and a corresponding filter:
Here, '_se' indicates the Stable edition.
What are your thoughts on this? Is there any guidance available?
The text was updated successfully, but these errors were encountered: