mpd5 - ban IP with failed authentication

Selin


Hi

I want to protect my PPTP/L2TP VPN server by banning clients after 3 failed authentications.
Tried to use fail2ban (+IPFW) but was unable to find any IP in MPD5/Racoon logs (even with debug log level).
Is there any way to ban the IP of a client that has failed PPTP/L2TP authentication several times?

Thanks
 

Geezer


Write a program that polls the log files and adds rules to your firewall.
 

Selin


No need for a new program. Fail2ban does this perfectly.
The problem is how to force MPD5 to log IP addresses...
Or maybe MPD5 already has some built-in option to ban failed IPs... But I'm just unable to find such an option.
 

VladiBG


What do you have in your racoon.log? Can you share it? By default it logs to syslogd.
 