0

What about Unix sockets? I have created my own server application that needs protection.

My two options:

  • Creating a log file for fail2ban to watch
  • Establish networking between my server application and fail2ban (Unix sockets)
m0p3r
  • 3

1 Answer

1

fail2ban does not monitor unix sockets; it only works with logfiles. The rationale is probably:

  • logging is easy: you can not only log to a custom file, but also tap into syslog/journal with very little effort;

  • plain text logs are very handy when you are creating/verifying custom fail2ban regex/rules;

  • unix sockets can be used for a multitude of communication protocols, while a plain log file is very "direct" about its content and format rules;

  • finally, in the *nix world logging is mostly done with standard text files. Why deviate from such (good!) behavior?

shodanshok
  • 52,255
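The log-file option from the question, sketched as an added example that is not part of the original posts: the server writes one line per failed login, and a fail2ban `failregex` using the `<HOST>` tag picks the client address out of it. The service name `myserver`, the message layout and the helper names are assumptions, and `matched_host` only approximates fail2ban's matching so the regex can be checked offline.

```python
import re
from datetime import datetime

# Filter line as it would go in a fail2ban filter file (service name is hypothetical):
#   [Definition]
#   failregex = ^myserver: auth failure from <HOST> user=".*"$
FAILREGEX = r'^myserver: auth failure from <HOST> user=".*"$'
TIMESTAMP = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} ")


def format_failure(ip, username, now=None):
    """Build one log line. The client address comes first, in a fixed position;
    the untrusted username is stripped of control characters and quotes so it
    cannot start a new line or close its field."""
    stamp = (now or datetime.now()).strftime("%Y-%m-%d %H:%M:%S")
    safe_user = re.sub(r'[\x00-\x1f\x7f"]', "?", username)[:64]
    return f'{stamp} myserver: auth failure from {ip} user="{safe_user}"'


def log_failure(path, ip, username):
    """Append a failure record to the file named in the jail's logpath."""
    with open(path, "a", encoding="utf-8") as fh:
        fh.write(format_failure(ip, username) + "\n")


def matched_host(line, failregex=FAILREGEX):
    """Offline approximation of fail2ban matching: drop the timestamp, expand
    <HOST> to an IP-literal group, return the captured address or None."""
    rest = TIMESTAMP.sub("", line, count=1)
    pattern = failregex.replace("<HOST>", r"(?P<host>[0-9A-Fa-f:.]+)")
    m = re.search(pattern, rest)
    return m.group("host") if m else None


if __name__ == "__main__":
    # Constructed sample: the username tries to smuggle in a second record.
    evil = 'bob"\n2024-05-01 12:00:01 myserver: auth failure from 198.51.100.9 user="x'
    line = format_failure("203.0.113.7", evil, datetime(2024, 5, 1, 12, 0, 0))
    print(line)
    print(matched_host(line))
```

Because the username is attacker-controlled, the anchored regex and the sanitised field keep a crafted login name from getting some other address banned. Check the real filter against the real log with `fail2ban-regex` before enabling the jail.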