mirror of
https://github.com/yrutschle/sslh.git
synced 2025-04-12 15:17:14 +03:00
26 lines
505 B
Plaintext
26 lines
505 B
Plaintext
# Add the following to you fail2ban configuration file
|
|
# In Debian it'd go in /etc/fail2ban/filter.d/sslh-ssh.conf
|
|
|
|
|
|
# Fail2Ban filter for sslh demultiplexed ssh
|
|
#
|
|
# Doesn't (and cannot) detect auth errors,
|
|
# but many connection attempts from the same
|
|
# origin is reason enough to block.
|
|
#
|
|
# Version: 2014-03-28
|
|
|
|
[INCLUDES]
|
|
|
|
# no includes
|
|
|
|
[Definition]
|
|
|
|
failregex = ^.+ sslh\[.+\]: ssh:connection from <HOST>:.+ to .+ forwarded
|
|
from .+ to .+:ssh\s*$
|
|
|
|
ignoreregex =
|
|
|
|
# Author: Evert Mouw <post@evert.net>
|
|
|