Travel Travel reports, it is all about food
Montreal: Schwartz's, Le Petit Alep
Albums: Pictures and some notes
ITRANS Song Book Hindi, Urdu, Marathi song lyrics
Online ITRANS Web Interface
BlockHosts block hosts
BlockHosts FAQ
BlockHosts Forum
CD Inserts & Envelopes Web Interface
Nisha Ganatra's Films
Cake: starring Heather Graham
Email: avinash@aczoom.com
PAM authentication failure not being picked up.
Hi,
I'm running RHEL4 and am auth via PAM to ldap. The following error occurs but Blockhosts is not picking it up:
Aug 7 13:04:15 www-usr sshd(pam_unix)[26124]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.99.3.99 user=jdoe
using existing posts i've come up with this, but it still doesn't work:
"SSHD-PamFailv2": re.compile(r"""sshd\[\d+\]: \(pam_unix\) authentication failure; logname= uid=[0-9]+ euidi=[0-9]+ tty=ssh ruser= rhosts=(::ffff:)?(?P\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}|.*)"""),
can anybody help me out and write a new one? thanx.
Try this
It still seems strange why SSH is not looking the other lines it logs.
But if you can't see anything else in any other log file, here's the pattern that will catch above log lines - add re.compile( ) if using older version of blockhosts, but newer (2.0.5+) can understand this