From de01fa642310ad1ee923bbfb8457cbc1920465d5 Mon Sep 17 00:00:00 2001 From: eiqnepm <86803173+eiqnepm@users.noreply.github.com> Date: Thu, 19 Sep 2024 22:22:24 +0000 Subject: [PATCH 1/3] Fix Home Assistant filtering --- filter.d/homeassistant-auth.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/filter.d/homeassistant-auth.conf b/filter.d/homeassistant-auth.conf index a7a124c..1d3954b 100644 --- a/filter.d/homeassistant-auth.conf +++ b/filter.d/homeassistant-auth.conf @@ -6,7 +6,7 @@ before = common.conf [Definition] -failregex = ^%(__prefix_line)s.*\[homeassistant.components.http.ban\] Login attempt or request with invalid authentication from .*$ +failregex = ^%(__prefix_line)s.*\[homeassistant.components.http.ban\] Login attempt or request with invalid authentication from.*\(\).*$ ignoreregex = From 28077d6a83473256a94d08a8aeaabb0bd75691a8 Mon Sep 17 00:00:00 2001 From: eiqnepm <86803173+eiqnepm@users.noreply.github.com> Date: Fri, 20 Sep 2024 05:59:42 +0100 Subject: [PATCH 2/3] Update homeassistant-auth.conf --- filter.d/homeassistant-auth.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/filter.d/homeassistant-auth.conf b/filter.d/homeassistant-auth.conf index 1d3954b..a7a124c 100644 --- a/filter.d/homeassistant-auth.conf +++ b/filter.d/homeassistant-auth.conf @@ -6,7 +6,7 @@ before = common.conf [Definition] -failregex = ^%(__prefix_line)s.*\[homeassistant.components.http.ban\] Login attempt or request with invalid authentication from.*\(\).*$ +failregex = ^%(__prefix_line)s.*\[homeassistant.components.http.ban\] Login attempt or request with invalid authentication from .*$ ignoreregex = From fb0478e7bcb96af8b8bb4243700b3ad5d8871ec2 Mon Sep 17 00:00:00 2001 From: eiqnepm <86803173+eiqnepm@users.noreply.github.com> Date: Fri, 20 Sep 2024 05:06:30 +0000 Subject: [PATCH 3/3] AdGuard Home config added --- filter.d/adguardhome-auth.conf | 13 +++++++++++++ jail.d/adguardhome-auth.conf | 15 +++++++++++++++ 2 files changed, 28 insertions(+) create mode 100644 filter.d/adguardhome-auth.conf create mode 100644 jail.d/adguardhome-auth.conf diff --git a/filter.d/adguardhome-auth.conf b/filter.d/adguardhome-auth.conf new file mode 100644 index 0000000..90d07ab --- /dev/null +++ b/filter.d/adguardhome-auth.conf @@ -0,0 +1,13 @@ +## Version 2024/09/20 +# Fail2Ban filter configuration for AdGuard Home + +[INCLUDES] +before = common.conf + +[Definition] + +failregex = ^.*\/control\/login: from ip : invalid username or password.*$ + +ignoreregex = + +datepattern = %%Y/%%m/%%d %%H:%%M:%%S.%%f diff --git a/jail.d/adguardhome-auth.conf b/jail.d/adguardhome-auth.conf new file mode 100644 index 0000000..d055ac4 --- /dev/null +++ b/jail.d/adguardhome-auth.conf @@ -0,0 +1,15 @@ +## Version 2024/09/20 +# Fail2Ban jail configuration for AdGuard Home +# Requires modification to `AdGuardHome.yaml` + +# ```AdGuardHome.yaml +# log: +# enabled: true +# file: /remotelogs/adguardhome/adguardhome.log +# ``` + +[adguardhome-auth] + +enabled = false +port = http,https,3000 +logpath = %(remote_logs_path)s/adguardhome/adguardhome.log