diff options
Diffstat (limited to 'ssh.txr')
| -rw-r--r-- | ssh.txr | 26 |
1 files changed, 26 insertions, 0 deletions
@@ -0,0 +1,26 @@ +@(load "txrban") +@(set *short-period* 15) +@(set *short-limit* 15) +@(set *short-ban* @(* 24 3600)) +@(set *long-period* 300) +@(set *long-limit* 10) +@(set *long-ban* @(* 24 3600)) +@(next @(open-tail "/var/log/auth.log" "r" nil)) +@(repeat) +@ (all) +@(m month) @(n day) @(n year) @(n hour):@(n min):@(n sec) @(skip) +@ (bind time @(make-time year month day hour min sec :auto)) +@ (and) +@ (cases) +@nil @nil @nil @nil localhost sshd[@nil]: Failed password for @user from @ip port @(skip) +@ (do + (let ((users (get-info ip)) + (level 0)) + (if (> (length users) 3) + (set level 9)) + (report ip time level user))) +@ (or) +@ (do (do-expiry time)) +@ (end) +@ (end) +@(end) |