I need some help in custom CSF regex

RitikBarnwal

• June 08, 2023 01:07

Hi all, I need CSF to scan a log file automatically block all IPs in that log file. I imagine this will mean wiring a Custom regex and using like CUSTOM1_LOG to deal with it. Can anyone help write the Custom regex to achieve this goal?

• 

  SimpleSonic

  • June 08, 2023 12:56

  You can hire a developer on Upwork if you are unable to do so yourself.

  0
• 

  cPRex Jurassic Moderator

  • June 08, 2023 14:39

  I also don't have anything pre-made that would do this type of work on my end.

  0
• 

  vanessa

  • June 08, 2023 14:42

  I can get you started but you'd likely be looking at hiring someone to write this for you. You need to specify a custom log, like: CUSTOM2_LOG = "/var/log/mylog.log" Then create a custom rule to parse it, ie: if (($lgfile eq $config{CUSTOM2_LOG}) and ($line =~ /([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})/)) { return ("Own Blacklist",$1,"Blacklisted","2","80","600"); }

  0

Please sign in to leave a comment.