Synchronet v3.21e-Win32 (install) has been released (Mar-2026).

You can donate to the Synchronet project using PayPal.

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
howto:fail2ban [2022/01/30 04:47] – Added new rule for clients consistently exceeding the maximum connection allowance Karlochhowto:fail2ban [2025/08/18 14:15] (current) – Updated filter for hack.log, now matching all hack attempts, not just FTP Karloch
Line 92: Line 92:
 before = common.conf before = common.conf
 [Init] [Init]
-maxlines=6+maxlines = 3
 [Definition] [Definition]
-failregex = ^SUSPECTED FTP HACK ATTEMPT from .* on .* \nUsing port .* at .* \[<HOST>\]\nDetails: .\n+failregex = ^SUSPECTED .* LOGIN HACK ATTEMPT .*$(?:\r?\n)+Using port \S+ at .* \[(?:::ffff:)?<HOST>\]\s*
 +datepattern = {}(?:Mon|Tue|Wed|Thu|Fri|Sat|Sun) %%b %%d %%Y %%H:%%M:%%S
 ignoreregex = ignoreregex =
 </code> </code>
Line 105: Line 106:
 failregex = .* !TEMPORARY BAN of .* <HOST> .* failregex = .* !TEMPORARY BAN of .* <HOST> .*
             SMTP BLACKLISTED SERVER on .* \(.*\)\: .* \[<HOST>\]             SMTP BLACKLISTED SERVER on .* \(.*\)\: .* \[<HOST>\]
 +            ^.*\[<HOST>\].*\!TEMPORARY BAN.*$
 ignoreregex = ignoreregex =
 </code> </code>

Trace: Use Fail2Ban on GNU/Linux to block botnet's attacks