[Pdns-users] protect using fail2ban

Aki Tuomi cmouse at youzen.ext.b2.fi
Thu Jan 30 10:51:31 UTC 2014


On Thu, Jan 30, 2014 at 11:07:54AM +0100, Steffan Noord wrote:
> Hello list,
> 
> I'm new to fail2ban and want to secure pdns-server3.1
> I found a thread with
> 
> in /etc/fail2ban/filter.d/pdns.conf: 
> ====== 
> [Definition] 
> failregex = pdns(?:\[\d{1,5}\])?: Not authoritative for '.*',.*sending 
> servfail to <HOST> \(recursion was desired\) 
> ignoreregex = 
> ====== 
> 
>   jail.conf: 
> 
>   ======== 
>   [pdns-qdomain] 
>   enabled = true 
>   #port = domain,8053 
>   protocol = udp 
>   filter = pdns 
>   logpath = /var/log/daemon.log 
>   bantime = 259200 
>   maxretry = 2 
>   ========
> 
> But when starting fail2ban I'm getting an error:
> 
> ConfigParser.ParsingError: File contains parsing errors: /etc/fail2ban/filter.d/pdns.conf
>         [line  3]: 'servfail to <HOST> \\(recursion was desired\\) \n'
> 
> Can someone help me set up fail2ban?
> Thanxs
> 
> Steffan

Hi Steffan,

 Are you absolutely sure you know what you are doing? This has great potential for locking out 
 completely legitimate users. Why would you want to do this? 

 Your problem, however, is regular expression related. You might want to remove the line break? =)

Aki Tuomi
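
The parsing error and the line-break fix discussed in this thread, reproduced as an added example (not part of the original messages and not fail2ban's own code). It uses Python's standard `configparser` as a stand-in for fail2ban's config reader, a constructed log line, and a simplified replacement for `<HOST>`; all three are assumptions.

```python
import configparser
import re

# Filter as posted: the regex continues on a line that starts in column 0.
BROKEN = r"""[Definition]
failregex = pdns(?:\[\d{1,5}\])?: Not authoritative for '.*',.*sending
servfail to <HOST> \(recursion was desired\)
ignoreregex =
"""
# Line break removed: the whole expression is one option value.
FIXED = BROKEN.replace("sending\nservfail", "sending servfail")
# Indenting the second line also parses, but the value keeps the newline.
INDENTED = BROKEN.replace("\nservfail", "\n    servfail")

# Constructed log line, shaped after the message the filter targets.
SAMPLE_LOG = ("Jan 30 10:51:31 ns1 pdns[1234]: Not authoritative for "
              "'example.com', sending servfail to 192.0.2.10 "
              "(recursion was desired)")


def load_failregex(text):
    """Return the failregex value, or raise configparser.ParsingError."""
    parser = configparser.RawConfigParser()  # raw: no % interpolation
    parser.read_string(text)
    return parser.get("Definition", "failregex")


def parse_error_lines(text):
    """Line numbers the parser rejects (empty list if the file is valid)."""
    try:
        load_failregex(text)
    except configparser.ParsingError as exc:
        return [lineno for lineno, _ in exc.errors]
    return []


def matched_host(failregex, log_line):
    """Assumption: <HOST> is replaced by a simple non-space capture group."""
    pattern = failregex.replace("<HOST>", r"(?P<host>\S+)")
    match = re.search(pattern, log_line)
    return match.group("host") if match else None


if __name__ == "__main__":
    print("broken:", parse_error_lines(BROKEN))
    print("fixed:", matched_host(load_failregex(FIXED), SAMPLE_LOG))
    print("indented:", matched_host(load_failregex(INDENTED), SAMPLE_LOG))
```

The indented variant loads without error but no longer matches the sample line, because the embedded newline becomes part of the pattern; joining the expression onto one line is the form that both parses and matches.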