English English

Warning: count(): Parameter must be an array or an object that implements Countable in /var/www/ard-site/templates/ardsite/library/Designer/Content/SingleArticle.php on line 198

Matrix-Synapse - Filtre Fail2ban

How to create a fail2ban filter for the application "matrix" (matrix-synapse).

Matrix is a chat/messaging server which can be used with the app Riot. We have to create a new filter and add that as a jail to fail2ban.

Important: You need to have at least the version fail2ban 0.9.1, because this filter uses multiple lines for the regex.

 

Create the filter

# matrix-synapse configuration file
#

[Init]
maxlines = 3

[Definition]

# Option:  failregex
# Notes.:  regex to match the password failures messages in the logfile. The
#          host must be matched by a group named "host". The tag "<HOST>" can
#          be used for standard IP/hostname matching and is only an alias for
#          (?:::f{4,6}:)?(?P<host>\S+)
# Values:  TEXT
#

failregex = .*::ffff:<HOST> - 8448 - Received request: POST.*\n.*Got login request.*\n.*Attempted to login as.*
            .*::ffff:<HOST> - 8448 - Received request: POST.*\n.*Got login request.*\n.*Failed password login.*

# Option:  ignoreregex
# Notes.:  regex to ignore. If this regex matches, the line is ignored.
# Values:  TEXT
#
ignoreregex =

 

Add filter to fail2ban jails

Adjust the logpath to your log file, if you use another log file.

[matrix-synapse]
enabled = true
filter = matrix-synapse
logpath = /var/log/matrix-synapse/homeserver.log
maxretry = 5

Restart fail2ban to activate the new settings

service fail2ban restart



Important: You have to make the log files smaller, to avoid performance issues in fail2ban. Please make the amount of bytes smaller in the log config file log.yaml.

vim /etc/matrix-synapse/log.yaml

 

Now you are done.

We use cookies on our website. Some of them are essential for the operation of the site, while others help us to improve this site and the user experience (tracking cookies). You can decide for yourself whether you want to allow cookies or not. Please note that if you reject them, you may not be able to use all the functionalities of the site.

Ok