I use CSF many years and have created many custom rules based on https://forum.configserver.com/viewtopic.php?t=7517 - but very first time I've met a problem what I can't understand - because everything looks correct - but does not work.
1) I have created a custom log file what is producing by BASH script adding lines like
printf "BadIP 212.3.197.165\n" >> /var/log/blacklist.log
So BLACKLIST.LOG is very simple and looks like
BadIP 212.3.197.165
BadIP 213.3.197.165
BadIP 214.3.197.165
BadIP 212.3.197.165
BadIP 212.3.197.165
2) I've added this log to CSF.CONF
CUSTOM8_LOG = "/var/log/blacklist.log"
3) I've added the rule to regex.custom.pm to catch exactly IP addresses (tested on various online regex testers - all OK - see example https://regex101.com/r/qFE95M/23)
Code: Select all
if (($lgfile eq $config{CUSTOM8_LOG}) and ($line =~ /[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/)) {
return ("Own Blacklist",$1,"Blacklisted","2","80","600");
}I made few restarts, I've set DEBUG = "1" - but nothing.
No notices, no warnings and no effect.
Much more complex Regex rules with Apache log file still work excellent.
But here is very simple log file and simple rule.
Thanks in advance for any idea WHY it does not work and what to try,
Take care,
Regards
Serge
