LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
Reload this Page [SOLVED] syslogd "last message repeated X times" interfering with fail2ban
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 06-29-2016, 12:36 AM   #1
Sm0k3
Member
 
Registered: Sep 2003
Location: Chicago
Distribution: Slackware-current
Posts: 63

Rep: Reputation: 15
syslogd "last message repeated X times" interfering with fail2ban

Hey folks,

Been using slackware 14.1 since it was released ages ago. in an attempt to cut down on brute force attacks in real time I installed fail2ban, which works great for the most part... except in circumstances where the brute force is happening fast enough to trigger syslog's compression mechanisms. Normally having the same 150 some lines compacted into a simple "last message repeated X times" would be ideal, but not for a bot that's trying to put a stop to abuse in an automated fashion.

After some google research I noticed that FreeBSD's version can be called with a -c on the command line to disable this but sysklogd that's included with Slackware doesn't offer such an option.

Any ideas?

fail2ban version 0.8.3
sysklogd version 1.5.1
 
Old 06-29-2016, 12:52 AM   #2
ponce
LQ Guru
 
Registered: Aug 2004
Location: Pisa, Italy
Distribution: Slackware
Posts: 7,098

Rep: Reputation: 4175Reputation: 4175Reputation: 4175Reputation: 4175Reputation: 4175Reputation: 4175Reputation: 4175Reputation: 4175Reputation: 4175Reputation: 4175Reputation: 4175
http://alt.os.linux.slackware.narkiv...peated-x-times (DISCLAIMER: not tested here)
 
Old 06-29-2016, 02:06 AM   #3
volkerdi
Slackware Maintainer
 
Registered: Dec 2002
Location: Minnesota
Distribution: Slackware! :-)
Posts: 2,504

Rep: Reputation: 8461Reputation: 8461Reputation: 8461Reputation: 8461Reputation: 8461Reputation: 8461Reputation: 8461Reputation: 8461Reputation: 8461Reputation: 8461Reputation: 8461
Here's a better patch.
Attached Files
File Type: txt sysklogd.allow.repeated.messages.diff.txt (2.0 KB, 360 views)
 
2 members found this post helpful.
Old 06-29-2016, 08:35 AM   #4
Sm0k3
Member
 
Registered: Sep 2003
Location: Chicago
Distribution: Slackware-current
Posts: 63

Original Poster
Rep: Reputation: 15
Much appreciated guys
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
New MPICH2 installation "interfering" with "make", cant compile fortran programs shitij90 Programming 1 07-28-2011 09:40 AM
New Install of Debian of PPC G4 not booting with repeated message "drive not ready.." jeffpeck Linux - Newbie 7 03-23-2010 08:58 PM
Annoying message "Syslogd@localhost" marmen Linux - Newbie 3 09-20-2007 11:55 AM
msyslog hack - stop the "last message repeated" insanity??? whysyn Linux - Software 1 04-26-2006 10:34 AM
repeated message (tty1): ASSERT: "i <= nodes" in /usr/lib/qt-3.1.2/include/qvaluelist megahard Linux - General 4 01-17-2006 10:59 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 09:12 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration