asif/fail2banUFW
1
0
Fork 0
Code Issues Pull Requests Releases 3 Wiki Activity

combine ignoreregex into single expression

Browse Source
This commit is contained in:
Asif Bacchus 2020-01-17 14:01:48 +00:00
parent aaab4e5eff
commit 610aa092e6
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
etc/fail2ban/filter.d/ufw-probe.conf
View File

@ -3,8 +3,7 @@ failregex = .*\[UFW BLOCK\] IN=.* SRC=<HOST>
# ignore common multicast device discovery calls on LOCAL IPv4/IPv6 networks
# still ban non-local (WAN) calls to any associated ports
ignoreregex = SRC=(10\.|172\.1[6-9]\.|172\.2[0-9]\.|172\.3[0-1]\.|192\.168\.).* DST=224\.0\.0.* DF PROTO=2\s+$
SRC=(10\.|172\.1[6-9]\.|172\.2[0-9]\.|172\.3[0-1]\.|192\.168\.|fe\w*\:).* DST=.* PROTO=UDP.* DPT=(1900|3702|5353|5355) LEN=\d*\s+$
ignoreregex = SRC=(10\.|172\.1[6-9]\.|172\.2[0-9]\.|172\.3[0-1]\.|192\.168\.|fe\w*:).* DST=(static.ip.address.here|224\.0\.0\.*).* PROTO=(2|UDP)(\s+|.* DPT=(1900|3702|5353|5355) LEN=\d*\s+)$
# NOTES: