如何为同一规则configuration多个日志path?
我试图写这样的语法:
[apache-w00tw00t] enabled = true filter = apache-w00tw00t action = iptables-allports logpath = /var/log/apache*/*error.log logpath = /var/www/vhosts/site1.com/log/errorlog logpath = /var/www/vhosts/site1.com/subdom/log/errorlog logpath = /var/www/vhosts/site3/log/errorlog logpath = /var/www/vhosts/site4/log/errorlog maxretry = 1
path都是不同的,所以我不能使用RE *
将更多日志添加到规则的正确语法是什么?
我尝试使用相同的语法,并启动fail2ban时没有错误。 在你的jail.conf中试试这个,如果它不起作用,你可以用一个logpath轻松地将你的规则拆分成几个。
[apache-w00tw00t-1] enabled = true filter = apache-w00tw00t action = iptables-allports logpath = /var/log/apache*/*error.log maxretry = 1 [apache-w00tw00t-2] enabled = true filter = apache-w00tw00t action = iptables-allports logpath = /var/www/vhosts/site1.com/log/errorlog maxretry = 1
等等
这应该终于工作:
[apache-w00tw00t] enabled = true filter = apache-w00tw00t action = iptables-allports logpath = /var/www/vhosts/site1.com/log/errorlog /var/log/apache*/*error.log /var/www/vhosts/site1.com/subdom/log/errorlog /var/www/vhosts/site3/log/errorlog /var/www/vhosts/site4/log/errorlog maxretry = 1