Fail2ban and mysql

Discussion in 'Server Operation' started by pititis, Jan 27, 2011.

  1. pititis

    pititis Member

    Hello,

    Why fail2ban don't support mysql? I have found a patch to make it work but I think that mysql logging can be a performance killer. I have test to logging and in minutes I get a very heavy log (logging with "General query log" level ). There is any way to log only connections in mysql?

    Cheers!
     
  2. tgs

    tgs New Member

    Fail2ban does not work well with mysql.log because MySQL does not log the client IP address of the failed login attempt.

    The part after the '@' in the "Access denied for user 'name'@'host.doma.in'" message is the result of a reverse DNS lookup on the client IP address, which may or may not resolve back to the original IP address. If it doesn't, fail2ban will fail, or worse, ban the wrong address.
     

Share This Page