Display the output of fail2ban-client -d on a default installation

From Wiki Amis SH

# Default installation on GNU/Linux Mint Sarah.
fail2ban-client -d
['set', 'syslogsocket', 'auto']
['set', 'loglevel', 'INFO']
['set', 'logtarget', '/var/log/fail2ban.log']
['set', 'dbfile', '/var/lib/fail2ban/fail2ban.sqlite3']
['set', 'dbpurgeage', 86400]
['add', 'sshd', 'auto']
['set', 'sshd', 'findtime', 600]
['set', 'sshd', 'addlogpath', '/var/log/auth.log', 'head']
['set', 'sshd', 'ignorecommand', '']
['set', 'sshd', 'bantime', 600]
['set', 'sshd', 'addignoreip', '127.0.0.1/8']
['set', 'sshd', 'maxretry', 5]
['set', 'sshd', 'usedns', 'warn']
['set', 'sshd', 'logencoding', 'auto']
['set', 'sshd', 'maxlines', '10']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*(?:error: PAM: )?[aA]uthentication (?:failure|error) for .* from <HOST>( via \\S+)?\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*(?:error: PAM: )?User not known to the underlying authentication module for .* from <HOST>\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*Failed \\S+ for .*? from <HOST>(?: port \\d*)?(?: ssh\\d*)?(: (ruser .*|(\\S+ ID \\S+ \\(serial \\d+\\) CA )?\\S+ (?:[\\da-f]{2}:){15}[\\da-f]{2}(, client user ".*", client host ".*")?))?\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*ROOT LOGIN REFUSED.* FROM <HOST>\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*[iI](?:llegal|nvalid) user .* from <HOST>\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*User .+ from <HOST> not allowed because not listed in AllowUsers\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*User .+ from <HOST> not allowed because listed in DenyUsers\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*User .+ from <HOST> not allowed because not in any group\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*refused connect from \\S+ \\(<HOST>\\)\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*Received disconnect from <HOST>: 3: \\S+: Auth fail$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*User .+ from <HOST> not allowed because a group is listed in DenyGroups\\s*$']
['set', 'sshd', 'addfailregex', "^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*User .+ from <HOST> not allowed because none of user's groups are listed in AllowGroups\\s*$"]
['set', 'sshd', 'addfailregex', '^(?P<__prefix>\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*)User .+ not allowed because account is locked<SKIPLINES>(?P=__prefix)(?:error: )?Received disconnect from <HOST>: 11: .+ \\[preauth\\]$']
['set', 'sshd', 'addfailregex', '^(?P<__prefix>\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*)Disconnecting: Too many authentication failures for .+? \\[preauth\\]<SKIPLINES>(?P=__prefix)(?:error: )?Connection closed by <HOST> \\[preauth\\]$']
['set', 'sshd', 'addfailregex', '^(?P<__prefix>\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*)Connection from <HOST> port \\d+(?: on \\S+ port \\d+)?<SKIPLINES>(?P=__prefix)Disconnecting: Too many authentication failures for .+? \\[preauth\\]$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*pam_unix\\(sshd:auth\\):\\s+authentication failure;\\s*logname=\\S*\\s*uid=\\d*\\s*euid=\\d*\\s*tty=\\S*\\s*ruser=\\S*\\s*rhost=<HOST>\\s.*$']
['set', 'sshd', 'addjournalmatch', '_SYSTEMD_UNIT=sshd.service', '+', '_COMM=sshd']
['set', 'sshd', 'addaction', 'iptables-multiport']
['set', 'sshd', 'action', 'iptables-multiport', 'actionban', '<iptables> -I f2b-<name> 1 -s <ip> -j <blocktype>']
['set', 'sshd', 'action', 'iptables-multiport', 'actionunban', '<iptables> -D f2b-<name> -s <ip> -j <blocktype>']
['set', 'sshd', 'action', 'iptables-multiport', 'actionstart', '<iptables> -N f2b-<name>\n<iptables> -A f2b-<name> -j <returntype>\n<iptables> -I <chain> -p <protocol> -m multiport --dports <port> -j f2b-<name>']
['set', 'sshd', 'action', 'iptables-multiport', 'actionstop', '<iptables> -D <chain> -p <protocol> -m multiport --dports <port> -j f2b-<name>\n<iptables> -F f2b-<name>\n<iptables> -X f2b-<name>']
['set', 'sshd', 'action', 'iptables-multiport', 'actioncheck', "<iptables> -n -L <chain> | grep -q 'f2b-<name>[ \\t]'"]
['set', 'sshd', 'action', 'iptables-multiport', 'iptables', 'iptables <lockingopt>']
['set', 'sshd', 'action', 'iptables-multiport', 'chain', 'INPUT']
['set', 'sshd', 'action', 'iptables-multiport', 'lockingopt', '-w']
['set', 'sshd', 'action', 'iptables-multiport', 'returntype', 'RETURN']
['set', 'sshd', 'action', 'iptables-multiport', 'known/lockingopt', '-w']
['set', 'sshd', 'action', 'iptables-multiport', 'protocol', 'tcp']
['set', 'sshd', 'action', 'iptables-multiport', 'bantime', '600']
['set', 'sshd', 'action', 'iptables-multiport', 'known/port', 'ssh']
['set', 'sshd', 'action', 'iptables-multiport', 'known/chain', 'INPUT']
['set', 'sshd', 'action', 'iptables-multiport', 'known/returntype', 'RETURN']
['set', 'sshd', 'action', 'iptables-multiport', 'known/protocol', 'tcp']
['set', 'sshd', 'action', 'iptables-multiport', 'name', 'sshd']
['set', 'sshd', 'action', 'iptables-multiport', 'known/iptables', 'iptables <lockingopt>']
['set', 'sshd', 'action', 'iptables-multiport', 'port', 'ssh']
['set', 'sshd', 'action', 'iptables-multiport', 'blocktype', 'REJECT --reject-with icmp-port-unreachable']
['set', 'sshd', 'action', 'iptables-multiport', 'known/blocktype', 'REJECT --reject-with icmp-port-unreachable']
['set', 'sshd', 'action', 'iptables-multiport', 'known/name', 'default']
['start', 'sshd']
