mirror of
https://github.com/moparisthebest/sslh
synced 2024-11-25 02:22:19 -05:00
26 lines
500 B
Plaintext
26 lines
500 B
Plaintext
|
# Add the following to you fail2ban configuration file
|
||
|
# In Debian it'd go in /etc/fail2ban/filter.d/sslh-ssh.conf
|
||
|
|
||
|
|
||
|
# Fail2Ban filter for sslh demultiplexed ssh
|
||
|
#
|
||
|
# Doesn't (and cannot) detect auth errors,
|
||
|
# but many connection attempts from the same
|
||
|
# origin is reason enough to block.
|
||
|
#
|
||
|
# Verion: 2014-03-28
|
||
|
|
||
|
[INCLUDES]
|
||
|
|
||
|
# no includes
|
||
|
|
||
|
[Definition]
|
||
|
|
||
|
failregex = ^.+ sslh\[.+\]: connection from <HOST>:.+ to .+ forwarded
|
||
|
from .+ to .+:ssh\s*$
|
||
|
|
||
|
ignoreregex =
|
||
|
|
||
|
# Author: Evert Mouw <post@evert.net>
|
||
|
|