fail2ban & pure-ftpd

Discussion in 'Server Operation' started by JeanC, Mar 9, 2011.

Thread Status:
Not open for further replies.
  1. JeanC

    JeanC New Member

    SOLVED fail2ban & pure-ftpd

    Edit: solved with sudo chmod a+rw /var/run/fail2ban/fail2ban.sock

    Fail2ban does not ban authentication failures from pure-ftpd. Anybody can help me?

    I used this filter :
    __errmsg = (?:Authentication failed for user|Erreur d'authentification pour l'utilisateur)
    failregex = pure-ftpd: \(\?@<HOST>\) \[WARNING\] %(__errmsg)s \[.+\]$
    ignoreregex =
    This is in jail.conf:

    enabled  = true
    port	 = ftp,ftp-data,ftps,ftps-data
    filter   = pure-ftpd
    logpath  = /var/log/messages
    maxretry = 6
    These are in /var/log/messages:

    Mar  9 09:33:24 server pure-ftpd: (?@ [WARNING] Authentication failed for user [anonymous]
    Testing with

    fail2ban-regex /var/log/messages /etc/fail2ban/filter.d/pure-ftpd.conf
    yields lots of hits.

    'sudo fail2ban-client status' tells me it's running the jail.

    Still no bans.

    Thanks for help.
    Last edited: Mar 10, 2011
Thread Status:
Not open for further replies.

Share This Page