reaction/cdc.md

# Serveur

`reactiond <FILEPATH>`

Avec un défaut à `/etc/reaction/reactiond.conf`

```yaml
actions:
  iptables:
    
regexes:
  IP: '(([0-9]{1,3}\.){3}[0-9]{1,3})|([0-9a-fA-F:]{2,90})'

streams:
 nextcloud:
   cmd: journalctl -fu phpfpm-nextcloud.service
   actions:
     - regex: '"message":"Login failed: .\+ (Remote IP: \(?<IP>[0-9a-fA-F.:]\+\))"'
       # Can also be a list
       cmd: iptables -I f2b-nextcloud 1 -s <ip> -j <blocktype>
```

reactionc: le client
initial commit 2023-03-18 21:39:01 +01:00			`# Serveur`

			`reactiond <FILEPATH>`

			Avec un défaut à `/etc/reaction/reactiond.conf`

			```yaml
			`actions:`
			`iptables:`

			`regexes:`
			`IP: '(([0-9]{1,3}\.){3}[0-9]{1,3})\|([0-9a-fA-F:]{2,90})'`
uniform cdc 2023-03-19 23:09:59 +01:00
initial commit 2023-03-18 21:39:01 +01:00			`streams:`
			`nextcloud:`
uniform cdc 2023-03-19 23:09:59 +01:00			`cmd: journalctl -fu phpfpm-nextcloud.service`
initial commit 2023-03-18 21:39:01 +01:00			`actions:`
			`- regex: '"message":"Login failed: .\+ (Remote IP: \(?<IP>[0-9a-fA-F.:]\+\))"'`
			`# Can also be a list`
uniform cdc 2023-03-19 23:09:59 +01:00			`cmd: iptables -I f2b-nextcloud 1 -s <ip> -j <blocktype>`
initial commit 2023-03-18 21:39:01 +01:00			```

			`reactionc: le client`