floreo/jail.local

## jail.local
[teeworlds-overflows]

enabled  = true
port     = 8300:8310
protocol = udp
filter   = teeworlds-overflows
logpath  = /var/log/teeworlds/*.log
maxretry = 2
findtime = 2
bantime  = 60

## teeworlds-overflows.local
# Fail2Ban configuration file
#
# Author: Florian Leleu
#
# $Revision$
#

[INCLUDES]

# Read common prefixes. If any customizations available -- read them from
# common.local
#before = common.conf

[Definition]

# Option:  failregex
# Notes.:  Regexp to catch Teeworlds overflow attempts.
# Values:  TEXT
#
failregex = client dropped\. cid=[0-9]+ addr=<HOST>:

# Option:  ignoreregex
# Notes.:  regex to ignore. If this regex matches, the line is ignored.
# Values:  TEXT
#
ignoreregex =

## todo
# install both teeworlds-server and fail2ban
apt-get install teeworlds-server fail2ban

# you may edit your ~/.profile because teeworlds-server won't be in your PATH
vi ~/.profile

# add this line
export PATH=$PATH:/usr/games

# create the following file and add the content of the same file of the gist
/etc/fail2ban/filter.d/teeworlds-overflows.local

# create the following file and add the content of the same file of the gist
/etc/fail2ban/jail.local

# change the setting such as port, logpath, maxretry, findtime and bantime to your convenience

# if you have any log you want to try your jail on, do it this way
fail2ban-regex /var/log/teeworlds/test.log /etc/fail2ban/filter.d/teeworlds-overflows.local

# you can start or reload fail2ban
/etc/init.d/fail2ban start

# you'll have to start your teeworlds-server this way (see https://gist.github.com/floreo/6380cfe7e0d2e509cd57)
# why? because fail2ban requires some specific datetime format
teeworlds-server -f test.conf | gawk 'BEGIN { FS="]"; OFS=FS } /^\[.*\]/ { $1="["strftime("%F %T", systime()); print; fflush() }' &>>/var/log/teeworlds/test.log &

# check status of bans
fail2ban-client status teeworlds-overflows

# this should be all :)
	[teeworlds-overflows]

	enabled = true
	port = 8300:8310
	protocol = udp
	filter = teeworlds-overflows
	logpath = /var/log/teeworlds/*.log
	maxretry = 2
	findtime = 2
	bantime = 60
	# Fail2Ban configuration file
	#
	# Author: Florian Leleu
	#
	# $Revision$
	#

	[INCLUDES]

	# Read common prefixes. If any customizations available -- read them from
	# common.local
	#before = common.conf

	[Definition]

	# Option: failregex
	# Notes.: Regexp to catch Teeworlds overflow attempts.
	# Values: TEXT
	#
	failregex = client dropped\. cid=[0-9]+ addr=<HOST>:

	# Option: ignoreregex
	# Notes.: regex to ignore. If this regex matches, the line is ignored.
	# Values: TEXT
	#
	ignoreregex =
	# install both teeworlds-server and fail2ban
	apt-get install teeworlds-server fail2ban

	# you may edit your ~/.profile because teeworlds-server won't be in your PATH
	vi ~/.profile

	# add this line
	export PATH=$PATH:/usr/games

	# create the following file and add the content of the same file of the gist
	/etc/fail2ban/filter.d/teeworlds-overflows.local

	# create the following file and add the content of the same file of the gist
	/etc/fail2ban/jail.local

	# change the setting such as port, logpath, maxretry, findtime and bantime to your convenience

	# if you have any log you want to try your jail on, do it this way
	fail2ban-regex /var/log/teeworlds/test.log /etc/fail2ban/filter.d/teeworlds-overflows.local

	# you can start or reload fail2ban
	/etc/init.d/fail2ban start

	# you'll have to start your teeworlds-server this way (see https://gist.github.com/floreo/6380cfe7e0d2e509cd57)
	# why? because fail2ban requires some specific datetime format
	teeworlds-server -f test.conf \| gawk 'BEGIN { FS="]"; OFS=FS } /^\[.*\]/ { $1="["strftime("%F %T", systime()); print; fflush() }' &>>/var/log/teeworlds/test.log &

	# check status of bans
	fail2ban-client status teeworlds-overflows

	# this should be all :)