Riaan Aspeling RiaanAspeling
francescor93
/ Fail2ban Mosquitto filter
Created
September 12, 2020 15:50
Simple fail2ban jail for Mosquitto authentication
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Following is a simple fail2ban jail for Mosquitto authentication. | |
| When an authentication attempt fails, Mosquitto writes three lines like these to his log file: | |
| --- | |
| <TIMESTAMP>: New connection from <HOST> on port <PORT>. | |
| <TIMESTAMP>: Sending CONNACK to <HOST> | |
| <TIMESTAMP>: Socket error on client <unknown>, disconnecting. | |
| --- | |
| This filter looks for these three lines to get the host and allow you to ban it. |