Debian Jessie
Fail2Ban v0.8.13
Code: Alles auswählen
Nov 16 01:48:22 server kernel: [102787.380151] UDP: short packet: From 44.136.252.55:7565 3620/1480 to 64.172.184.46:4431
Nov 16 01:48:22 server kernel: [102787.490086] UDP: short packet: From 44.136.252.55:7565 3901/1480 to 64.172.184.46:4431
Nov 16 01:51:34 server kernel: [102979.315643] UDP: short packet: From 37.126.188.47:7565 3764/1480 to 64.172.184.46:4431
Nov 16 01:51:34 server kernel: [102979.425152] UDP: short packet: From 37.126.188.47:7565 3737/1480 to 64.172.184.46:4431 Code: Alles auswählen
[ddos]
enabled = true
port = all
banaction = iptables-allports
port = anyport
protocol = udp
filter = ddos
logpath = /var/log/kern.log
maxretry = 2Code: Alles auswählen
# Fail2Ban configuration file
#
#
#
[INCLUDES]
# Read common prefixes. If any customizations available -- read them from
# common.local
before = common.conf
[Definition]
# Option: failregex
# Notes.: Auto block short UDP.
# Values: TEXT
#
failregex = UDP: short packet: From <HOST>
# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
# Values: TEXT
#
ignoreregex =