35 lines
837 B
YAML
35 lines
837 B
YAML
---
|
|
definitions:
|
|
- &iptablesban iptables -I reaction 1 -s <ip> -j block
|
|
- &iptablesunban iptables -D reaction 1 -s <ip> -j block
|
|
|
|
# regexes:
|
|
# ip: '(([0-9]{1,3}\.){3}[0-9]{1,3})|([0-9a-fA-F:]{2,90})'
|
|
|
|
streams:
|
|
tailDown:
|
|
cmd: [ "tail", "-f", "/home/ao/DOWN" ]
|
|
filters:
|
|
lookForProuts:
|
|
regex:
|
|
- prout
|
|
retry: 1
|
|
retry-period: 1s
|
|
actions:
|
|
damn:
|
|
cmd: [ "echo", "DAMN" ]
|
|
sleepdamn:
|
|
cmd: [ "echo", "sleepDAMN" ]
|
|
after: 2s
|
|
|
|
# - cmd: journalctl -fu phpfpm-nextcloud.service
|
|
# filters:
|
|
# - regex:
|
|
# - '"message":"Login failed: .\+ (Remote IP: <ip>)"'
|
|
# retry: 3
|
|
# retry-period: 1h
|
|
# actions:
|
|
# - cmd: *iptablesban
|
|
# - cmd: *iptablesunban
|
|
# after: 1h
|