The wu-ftpd filter backend that is using auth.log does not seem to work
for me. I wrote a backend using the syslog file entries as was
suggested in this bug report. I wanted to submit the filter backend for
review and hopefully inclusion with the base package. It is currently
working great for me. I am sure there are others using wu-ftpd that
could make use of this.
Robert Goley
OpenRDA
# Fail2Ban configuration file for wuftpd
#
# Author: Yaroslav Halchenko
#
# $Revision: 699 $
#
[Definition]
# Option: failregex
# Notes.: regex to match the password failures messages in the logfile.
# Values: TEXT
#
#failregex = wu-ftpd(?:\[\d+\])?:\s+failed login from.*\[<HOST>\]
failregex = wu-ftpd(?:\[\d+\])?:\s.*failed login from .*\[<HOST>\]
# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
# Values: TEXT
#
ignoreregex =
