# fail2ban quick help...



## pinguim007 (Dec 1, 2012)

hello,

I am trying to create a pptpd anti-brute force on fail2ban, can somebody help me?



```
Error
------------------------------------------------------------------------------------------

fail2ban.filter : ERROR  Unable to compile regular expression 'Authentication failure for pptpd from .* host pptpd (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) CTRL: Client (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) control connection finished'

------------------------------------------------------------------------------------------
jail.conf

[pptpd]

enabled = true
port    = 1723
filter  = pptpd-auth
logpath = /var/log/syslog
maxretry = 3

------------------------------------------------------------------------------------------
filter

failregex = Peer .* failed CHAP authentication
failregex = CTRL: Client <HOST> control connection finished


# Option:  ignoreregex
# Notes.:  regex to ignore. If this regex matches, the line is ignored.
# Values:  TEXT
#
ignoreregex =
~
-----------------------------------------------------------------------------------------
Log

 Peer usera failed CHAP authentication
Nov 29 19:45:54 host pppd[10992]: Connection terminated.
Nov 29 19:45:54 host pppd[10992]: Exit.
Nov 29 19:45:54 host pptpd[10991]: GRE: read(fd=6,buffer=8058640,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
Nov 29 19:45:54 host pptpd[10991]: CTRL: PTY read or GRE write failed (pty,gre)=(6,7)
Nov 29 19:45:54 host pptpd[10991]: CTRL: Reaping child PPP[10992]
Nov 29 19:45:54 host pptpd[10991]: CTRL: Client 189.10.177.138 control connection finished

-----------------------------------------------------------------------------------------
```


----------



## pinguim007 (Dec 6, 2012)

*Nobody?*

Nobody?


----------



## chatwizrd (Dec 6, 2012)

Why dont you just post to the fail2ban mailing list. Not sure why you are asking here.

http://www.fail2ban.org/wiki/index.php/HOWTO_Seek_Help


----------

