Help with custom regex Soft Ether VPN
Posted: 03 Apr 2017, 16:55
Hello,
I'm trying to create custom regex in CSF to block failed logins for SoftEther VPN .
Here is part of the log file :
Currently i have tested the following options :
Not Working :
Not Working :
Not Working :
Thank You!
I'm trying to create custom regex in CSF to block failed logins for SoftEther VPN .
Here is part of the log file :
Code: Select all
2017-04-03 18:22:28.210 OpenVPN Session 124 (55.55.55.55:49490 -> 192.168.0.19:1194) Channel 0: Failed to connect a channel.
2017-04-03 18:22:28.246 Connection "CID-114" terminated by the cause "User authentication failed." (code 9).
2017-04-03 18:22:28.246 Connection "CID-114" has been terminated.
2017-04-03 18:22:28.246 The connection with the client (IP address 55.55.55.55, Port number 49490) has been disconnected.
2017-04-03 18:22:58.061 OpenVPN Session 124 (55.55.55.55:49490 -> 192.168.0.19:1194): Deleting the session.
Not Working :
Code: Select all
if (($lgfile eq $config{CUSTOM2_LOG}) and ($line =~ /(\d{1,4}-\d{1,2}-\d{1,2} \d{1,2}:\d{1,2}:\d{1,2}.\d{1,3} OpenVPN Session \d \(\S+:\d{1,5} -> \S+:\d{1,5}\) Channel \d: Failed to connect a channel.) {
return ("Failed to connect a channel",$1,"vpnlogin","1","1");
}
Code: Select all
if (($lgfile eq $config{CUSTOM2_LOG}) and ($line =~ /(\d{1,4}-\d{1,2}-\d{1,2} \d{1,2}:\d{1,2}:\d{1,2}.\d{1,3} OpenVPN Session \d .\S+:\d{1,5} -> \d{1,3}.\d{1,3}.\d{1,3}.\d{1,3}:\d{1,5}..Channel \d: Failed to connect a channel.) {
return ("Failed to connect a channel",$1,"vpnlogin","1","1");
}
Code: Select all
2017-04-02 19:47:45.715 OpenVPN Session 4 (55.55.55.55:55756 -> 192.168.0.19:1194) Channel 0: Failed to connect a channel.
\d{1,4}-\d{1,2}-\d{1,2} \d{1,2}:\d{1,2}:\d{1,2}.\d{1,3} OpenVPN Session \d .\d{1,3}.\d{1,3}.\d{1,3}.\d{1,3}:\d{1,5} -> \d{1,3}.\d{1,3}.\d{1,3}.\d{1,3}:\d{1,5}..Channel \d: Failed to connect a channel.
Thank You!