fail2ban-rs 1.2.1

A pure-Rust fail2ban replacement. Single static binary, fast two-phase matching, nftables/iptables firewall backends.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

use super::FilterTemplate;

pub const FILTER: FilterTemplate = FilterTemplate {
    name: "grafana",
    description: "Grafana login failures",
    log_path: "/var/log/grafana/grafana.log",
    date_format: "iso8601",
    patterns: &[
        r"Invalid username or password.*remote_addr=<HOST>",
        r"User not found.*remote_addr=<HOST>",
    ],
};

#[cfg(test)]
mod tests {
    use crate::detect::filters::test_util::assert_filter_matches;

    #[test]
    fn invalid_username_or_password() {
        assert_filter_matches(
            "grafana",
            r#"t=2020-10-19T17:44:33+0200 lvl=eror msg="Invalid username or password" logger=context userId=0 orgId=0 uname= error="Invalid Username or Password" remote_addr=182.56.23.12"#,
            "182.56.23.12",
        );
    }

    #[test]
    fn user_not_found() {
        assert_filter_matches(
            "grafana",
            r#"t=2020-10-19T18:44:33+0200 lvl=eror msg="Invalid username or password" logger=context userId=0 orgId=0 uname= error="User not found" remote_addr=182.56.23.13"#,
            "182.56.23.13",
        );
    }
}