Hi,
If you want to block entries like this:
Jan 26 00:45:17 freebsd sshd[40602]: Bad protocol version identification '\377\375\001' from v.z.y.x
Jan 26 00:45:20 freebsd sshd[40612]: Bad protocol version identification '\377\375\001' from v.z.y.x
Jan 26 00:45:21 freebsd sshd[40616]: Bad protocol version identification '\377\375\001' from v.z.y.x
Jan 26 00:45:22 freebsd sshd[40620]: Bad protocol version identification '\377\375\001' from v.z.y.x
You just add this regexp in your config-file:
"SSHD-BadProtocol": re.compile(r"""sshd\[(?P\d+)\]: Bad protocol version identification (?P.*?) from (::ffff:)?(?P\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""")
Regards,
Børge Nese
Travel Travel reports, it is all about food
Montreal: Schwartz's, Le Petit Alep
Albums: Pictures and some notes
ITRANS Song Book Hindi, Urdu, Marathi song lyrics
Online ITRANS Web Interface
BlockHosts block hosts
BlockHosts FAQ
BlockHosts Forum
CD Inserts & Envelopes Web Interface
Nisha Ganatra's Films
Cake: starring Heather Graham
Email: avinash@aczoom.com
Copyright © 1995-2016 Avinash Chopde, avinash@aczoom.com
