From Fail2ban
Jump to: navigation, search


for me the regexp did not compile until I changed it to

ovpn-\S+\[[0-9]{4,6}\]: <HOST>:[0-9]{4,5} Connection reset, restarting \[[0-9]{1,2}\]$

This way it is clear that we want messages from openvpn ("ovpn") which is propably a good idea since the messages are posted to syslog.

The text after "ovpn-" is not set because this is the name of the configuration file (aka vpn) which produced the message.

I was not able to test the regexp by now, but at least it compiles cleanly on debian lenny (fail2ban v0.8.3).

I also added following regexp:

ovpn-\S+\[\d+\]: TLS Error: Unroutable control packet received from <HOST>:[0-9]{4,5}

I got the message when I tried to connect with an old certificate that would not be accepted. And this one I tested and it worked.