From f1ef9e9b37c796abc00a084bd19d9fb444ca54a1 Mon Sep 17 00:00:00 2001
From: jeblove <249972068@qq.com>
Date: Fri, 19 Jan 2024 16:12:38 +0800
Subject: [PATCH] Fix Authelia matching

---
 filter.d/authelia-auth.conf | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/filter.d/authelia-auth.conf b/filter.d/authelia-auth.conf
index cd272ef..9e1522b 100644
--- a/filter.d/authelia-auth.conf
+++ b/filter.d/authelia-auth.conf
@@ -1,4 +1,4 @@
-## Version 2022/08/06
+## Version 2024/01/19
 # Fail2Ban filter configuration for authelia
 
 [INCLUDES]
@@ -11,11 +11,11 @@ before = common.conf
 [Definition]
 
 # this counts every failed login (wrong username or password) and failed TOTP entry as a failure
-failregex = ^.*Unsuccessful (1FA|TOTP|Duo|U2F) authentication attempt by user .*remote_ip="?<HOST>"? stack.*
-            (?i)^.*access to .*is not authorized.*remote_ip=<HOST>
-            ^.* is banned until .*remote_ip=<HOST> stack.*
+failregex = ^.*Unsuccessful (1FA|TOTP|Duo|U2F) authentication attempt by user .*remote_ip"?(:|=)"?<HOST>"?.*$
+            (?i)^.*access to .*is not authorized.*remote_ip"?(:|=)"?<HOST>"?.*$
+             ^.* is banned until .*remote_ip"?(:|=)"?<HOST>"?.*$
 
 # we can ignore debug, info and warning messages as all authentication failures are flagged as level=error by Authelia
-ignoreregex = ^.*level=debug.*
-              ^.*level=info.*
-              ^.*level=warning.*
+ignoreregex = ^.*level"?(:|=)"?info.*
+              ^.*level"?(:|=)"?warning.*
+              ^.*level"?(:|=)"?debug.*