Fail2Ban and date formats

Fail2Ban is utterly daft in at least one respect. Here’s me testing a regex on a date format it doesn’t recognise:

# fail2ban-regex '2010-12-14 15:12:31 -' ' - <HOST>$'
Found a match but no valid date/time found for 2010-12-14 15:12:31 - Please contact the author in order to get support for this format
Sorry, no match

And on one that it does:

fail2ban-regex '2010/12/14 15:12:31 -' ' - <HOST>$'

Success, the following data were found:
Date: Tue Dec 14 15:12:31 2010
IP  :

Date template hits:
0 hit: Month Day Hour:Minute:Second
0 hit: Weekday Month Day Hour:Minute:Second Year
1 hit: Year/Month/Day Hour:Minute:Second
0 hit: Day/Month/Year:Hour:Minute:Second
0 hit: TAI64N
0 hit: Epoch

Benchmark. Executing 1000...
Avg: 0.10257935523986816 ms
Max: 0.125885009765625 ms (Run 8)
Min: 0.10085105895996094 ms (Run 780)

Ignoring for the moment the fact that it doesn’t recognise 2010-12-14 15:12:31 (Seriously?)1 , the only way to get that list of date formats is by happening to pick a correct one. As soon as you no longer need a list of date formats you may use, it presents you with one.


So, as an attempted fix for this situation, see above for a list of compatible date formats.

  1. It’s worth noting, too, that the author is of the opinion that specifying your own date format is too much like hard work, so if you want support for any date format other than those already supported, you’ve to patch it yourself. Which is obviously way easier than just having a date regex in the config file []

Using Synergy to share a keyboard and mouse across PCs

Synergy is a really neat way of using multiple computers at the same time, like a more convenient KVM switch (you do need to be physically close to all of them).

It basically allows you to have a monitor for each PC on your desk, and one keyboard and mouse with which to monitor them. Switching between PCs involves just moving the mouse pointer onto the relevant screen. It uses ‘screens’ rather than monitors, so you don’t need to let it know if you’ve got a complicated multi-monitor setup on a host (or even if you add or remove monitors from one), and it allows for having screens of different sizes and for, say, the bottom half of one screen to line up with the top half of the next.

It’s a server/client model – you have one server box into which you plug the keyboard and mouse. The rest connect over the network to it (in cleartext, don’t do this where you don’t trust the network).

I have two hosts. My work laptop is running Windows XP and has an external monitor plugged in to it. My testing PC is running Debian testing and is a PC proper. Here’s my desk:
jup-linux2 is the left monitor (attached to the PC to its left, running Debian), jup-rmt07 is the laptop on the right, which is also attached to the Sony screen in the middle. Since I take the laptop home with me occasionally, jup-linux2 is configured as a server, jup-rmt07 as the client (less to unplug).

Synergy is in the debian repositories, so it’s just an apt-get install synergy. This provides two binaries, /usr/bin/synergyc and /usr/bin/synergys, which are the client and the server respectively.
To install it in Windows, you’ll want to grab it from their Sourceforge page

Configuring and starting the server
So, having installed, we can configure! The configuration file can be arbitrarily named, mine’s cunningly called ~/.synergy.conf and appears verbatim at the bottom of this. Synergy’s really rather configurable, but I’ve never found much need for more than the basics, so I’ve an incredibly simple setup.

First, we define some ‘screens’. Here we can also configure optons for screens, especially as regards the transference of caps-lock and num-lock statuses. I’ve no special requests, so I just list the hosts whose screens I want Synergy to manage:

section: screens

Second, we define the links. For each monitor, we state what is at any edge of it. This is used to decide where to put the mouse pointer on leaving the screen, so it needs to be done in both directions – the fact that jup-linux2 is to the left of jup-rmt07 does not imply to synergy that jup-rmt07 is to the right of jup-linux2:

section: links
	left = jup-linux2
	right = jup-rmt07

If I have two screens at different heights, I can tell synergy that the top 30% of jup-linux2 lines up with the bottom 40% of jup-rmt07, for example:

	right(70-100) = jup-linux2(0-40)
	left(0-40) = jup-rmt07(70-100)

Again, you always always always need to define the screen in both directions. The file is parsed by synergy to see what to do on leaving that particular screen – when you’re in jup-rmt07 and move towards the left of the screen, it’s only going to do anything if there’s a left defined for that screen, irrespective of how many rights point there.
If my screens are above and below each other, up and down are used. A screen can have as many other screens round it as you like, by assigning percentages of edges to different screens.

Configuring the server under Windows involves a different process to use the same principles. Essentially, you build the same text file as above, but in a clicky gui. It’s a little odd, but quite simple.

configuring Synergy server under Windows

To start the synergy server, we now run

synergys --config ~/.synergy.conf

Replacing ‘~/.synergy.conf’ with the path to wherever the config file is saved.

Configuring and starting the clients

So, we have a server. Now, clients.
On Windows, synergy is only one executable, so we start that, select the ‘Use another computer’s shared keyboard and mouse (client)’ option, stick the server’s hostname or IP in the box, and click ‘start’.
If you have a *nix client, the command to connect to a server at jup-rmt07 is synergyc jup-rmt07. synergyc provides a few options for changing the behaviour.

Starting Synergy automatically
Finally, I want them to start automagically on boot/login. For the linux host, this is relatively easy, add the following to your crontab:

@reboot synergys --config ~/.synergy.conf

And it’ll be started on boot.
To start it under Windows, click the ‘AutoStart’ button. This will let you configure it to start it on login or, if you have the requisite permissions, start on boot.