# Fail2Ban filter for xinetd failures
#
# Cfr.: /var/log/(daemon\.|sys)log
#
#
[INCLUDES]
# Read common prefixes. If any customizations available -- read them from
# common.local
before = common.conf
[Definition]
_daemon = xinetd
prefregex = ^%(__prefix_line)sFAIL: .+$
failregex = ^\S+ address from=$
^\S+ libwrap from=$
ignoreregex =
# DEV Notes:
#
# libwrap => tcp wrappers: hosts.(allow|deny)
# address => xinetd: deny_from|only_from
#
# Author: Guido Bozzetto