d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Further refine the auth fail regex to catch more auth failures and

Browse Source 
reduce false positives.

The committed patch was provided by Christian Marg.

PR:		91732
Submitted by:	Daniel O'Connor <doconnor at gsoft.com.au>
		Skye Poier <spoier at gmail.com>
		Alan Amesbury <amesbury at umn.edu>
		Christian Marg <marg at rz.tu-clausthal.de>
MFC after:	1 month
This commit is contained in:
Christian Brueffer 2014-02-20 23:43:49 +00:00
parent 93c4e6d498
commit 84beb433c0
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=262273
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
etc/periodic/security/800.loginfail
View File

@ -64,7 +64,7 @@ if check_yesno_period security_status_loginfail_enable
then
echo ""
echo "${host} login failures:"
n=$(catmsgs | egrep -ia "^$yesterday.*: .*(fail|invalid|bad|illegal)" |
n=$(catmsgs | egrep -ia "^$yesterday.*: .*\b(fail(ures?|ed)?|invalid|bad|illegal|auth.*error)\b" |
tee /dev/stderr | wc -l)
[ $n -gt 0 ] && rc=1 || rc=0
fi