Brute Force Monitor no records

pera

Verified User
Joined
Jul 29, 2004
Messages
97
Location
Sweden / Varberg
I notice that Brute Force Monitor stop doing record since this morning!
Removed the file /usr/local/directadmin/data/admin/brute_log_entries.list
wait for it to be created but nothing.

the maillog is showing new entries but nothing in DirectAdmin Brute Force Monitor.

I have tried everything I can find on the forum.

FreeBSD 9.1 64 bit
DirectAdmin 1.43.3

any sugestions?
 

pera

Verified User
Joined
Jul 29, 2004
Messages
97
Location
Sweden / Varberg
I created empty brute_log_entries.list
/usr/local/directadmin/data/admin/ip_blacklist is working

BFM does not read the log files?
2013-08-01_203343.gif
 

pera

Verified User
Joined
Jul 29, 2004
Messages
97
Location
Sweden / Varberg
running debug mode
# ./directadmin b6000

Command::doCommand(/CMD_BRUTE_FORCE_MONITOR)
InternalText::init(serverinfo)
ServerInfo::fill_brute_force_tokens : start
ServerInfo::fill_brute_force_tokens : fill tables
InternalText::init(table)
ServerInfo::fill_brute_force_tokens : sorting
ServerInfo::fill_brute_force_tokens : have blocked_ips
InternalText::init(table)
ServerInfo::fill_brute_force_tokens : IP info
InternalText::init(table)
ServerInfo::fill_brute_force_tokens : User info: 0 entries
InternalText::init(table)
ServerInfo::fill_brute_force_tokens : User info: sorting
ServerInfo::fill_brute_force_tokens : Skip list
InternalText::init(table)
ServerInfo::fill_brute_force_tokens : done
Command::doCommand(/CMD_BRUTE_FORCE_MONITOR) : finished
Command::run: finished /CMD_BRUTE_FORCE_MONITOR
Send::sendData(/CMD_BRUTE_FORCE_MONITOR) sendNothing=0
Send::sendData: DONE. Sent: 13083 bytes
Sockets::handshake - begin
Sockets::handshake - end
 

pera

Verified User
Joined
Jul 29, 2004
Messages
97
Location
Sweden / Varberg
I removed all entries from
/usr/local/directadmin/data/admin/brute.conf

This was removed:
/var/log/auth.log=pos=51417&size=51417
/var/log/exim/mainlog=pos=2991582&size=2991582
/var/log/maillog=pos=12898001&size=12898001
/var/log/messages=pos=61224&size=61224

The system created it again BUT:
only entries from /var/log/exim/mainlog is in the Brute Force Monitor list.
 
Top