df81585cea
* provides an option to transfer log events on remote servers via cgi interface (disabled by default), see readme for details * refine the allowlist check to support IP intervals as well before adding an IP to the blocklist Signed-off-by: Dirk Brenken <dev@brenken.org>
10 lines
438 B
Text
10 lines
438 B
Text
config banip 'global'
|
|
option ban_enabled '0'
|
|
option ban_debug '0'
|
|
option ban_autodetect '1'
|
|
list ban_logterm 'Exit before auth from'
|
|
list ban_logterm 'luci: failed login'
|
|
list ban_logterm 'error: maximum authentication attempts exceeded'
|
|
list ban_logterm 'sshd.*Connection closed by.*\[preauth\]'
|
|
list ban_logterm 'SecurityEvent=\"InvalidAccountID\".*RemoteAddress='
|
|
list ban_logterm 'received a suspicious remote IP '\''.*'\'''
|