Hi Samuel, Thank you for sharing your configuration files! Would you mind to submit a "proper" pull request with them at
https://github.com/fail2ban/fail2ban/pulls upon a brief look I am afraid they might be a bit 'too flexible' thus theoretically allowing for injection attacks, e.g. having .* before AND after .* pretty much demolishes any anchoring at the end you have. Have a look at https://github.com/fail2ban/fail2ban/blob/HEAD/FILTERS regarding some "hints" on regular expressions and test cases. Thanks in advance for the PR. On Wed, 14 May 2014, Samuel Thibault wrote: > Package: fail2ban > Version: 0.8.13-1 > Severity: normal > Tags: patch > Hello, > We use fail2ban for openvpn, here are the rules we are using. -- Yaroslav O. Halchenko, Ph.D. http://neuro.debian.net http://www.pymvpa.org http://www.fail2ban.org Research Scientist, Psychological and Brain Sciences Dept. Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755 Phone: +1 (603) 646-9834 Fax: +1 (603) 646-1419 WWW: http://www.linkedin.com/in/yarik -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
