Mirrors/ProxMenux
1
0
Fork 0
mirror of https://github.com/MacRimi/ProxMenux.git synced 2026-02-18 16:36:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update security_manager.py

Browse Source
This commit is contained in:
MacRimi
2026-02-12 19:23:55 +01:00
parent 8fb2deeab0
commit 86789f677a
1 changed files with 4 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
AppImage/scripts/security_manager.py
View File

@@ -793,12 +793,11 @@ def apply_missing_jails():
if "proxmox" not in current_jails: if "proxmox" not in current_jails:
try: try:
# Create filter with journalmatch for systemd backend. # Create filter with journalmatch for systemd backend.
# With backend=systemd, fail2ban receives only the MESSAGE field # With backend=systemd, fail2ban receives only the MESSAGE field.
# from the journal (without the "pvedaemon[PID]:" prefix). # We use _SYSTEMD_UNIT instead of _COMM (Proxmox truncates _COMM).
# We use _SYSTEMD_UNIT instead of _COMM because Proxmox truncates # Proxmox logs IPs as ::ffff:x.x.x.x (IPv4-mapped IPv6).
# _COMM to "pvedaemon worke" which won't match _COMM=pvedaemon.
filter_content = """[Definition] filter_content = """[Definition]
failregex = ^(pvedaemon\\[\\d+\\]:\\s+)?authentication (failure|error); rhost=<HOST> user=.* msg=.*$ failregex = ^(pvedaemon\\[\\d+\\]:\\s+)?authentication (failure|error); rhost=(::ffff:)?<HOST> user=.* msg=.*$
ignoreregex = ignoreregex =
journalmatch = _SYSTEMD_UNIT=pvedaemon.service journalmatch = _SYSTEMD_UNIT=pvedaemon.service
""" """