does anyone of you have fail2ban rules for teeworlds? Of course teeworlds doesn't have a login, but you can rate limit connection attempts from the same ip
12:35
the interesting part is the failregex which reads the teeworlds logs
You mean all connections right? Not just rcon attempts? Because if you find a rule for rcon attempts let me know :) currently all my tw servers can be rcon password bruteforced and the retry counter restarts on reconnect
14:11
Also are you talking about THE fail2ban thing that is used for ssh? Or just general firewall rules? I did not know fail2ban is that customizable
14:15
Oh yea seems like it is. I always thought fail2ban is some network packet inspector from 1907 written in C but seems to be just a log parser in python :D But does the tw server even log to the file which fail2ban looks at?
A python script which communicates with teeworlds server log as input and econ connection as output. - TeeworldsEconMod/075_new_id_format.log at fbc0198c33b552ba1460b4c705eafbc8d5686f33 · chillavan...
I did not test but something like that should work \[\d{4}\-\d{2}\-\d{2} \d{2}:\d{2}:\d{2}\]\[server\]: player is ready. ClientID=\d addr=<HOST>:\d+
14:30
failregex = ^\[\d{4}\-\d{2}\-\d{2} \d{2}:\d{2}:\d{2}\]\[server\]: player is ready. ClientID=\d addr=<HOST>:\d+$
14:32
If you try to fix ddos or something like that it might not help. Because there are a lot of packages exchanged before the "player is ready" message is being printed
does anyone of you have fail2ban rules for teeworlds? Of course teeworlds doesn't have a login, but you can rate limit connection attempts from the same ip
it is generally used as a firewall tool, I use it for my nextcloud, too. I am not worried about the person who tries to connect 5 dummies to a teeworlds server, I am worried about the person who tries 100 tcp connections at once
15:56
you can configure the file fail2ban looks at, and I want to look at the server log and regex parse it
