[Leaplist] fail2ban
Phil Barnett
philb at philb.us
Tue Mar 9 18:02:38 EST 2010
On Tue, 2010-03-09 at 13:29 -0500, Richard F. Ostrow Jr. wrote:
> Hmm... I'm actually tempted to write something that actually does this
> properly (ie, via a CLI that syslog can deal with directly, rather than
> this stupid "I'm going to parse the whole log file every second, no matter
> how large the log is and eat up all your processing time!" approach that
> fail2ban uses). This really should be using a "push" pattern rather than a
> "pull" pattern... it's just stupid going the other way.
> On Tue, March 9, 2010 1:13 pm, Richard F. Ostrow Jr. wrote:
I didn't see any indication that it is rescanning the entire log every
second. If I has to do this task, the very least I would do is use the
output of tail -f. And tee can also do this. And there are many other
ways. I don't believe for a second that it is parsing the entire file
each time it wakes up.
That would be insane.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the Leaplist
mailing list