LINUX.ORG.RU

fail2ban shrunk-window ddos detection


Guys, can you tell me what's wrong?



root@deba:/home/yozz# fail2ban-regex /var/log/kern.log /etc/fail2ban/filter.d/shrunk-window.conf 

Running tests
=============

Use   failregex file : /etc/fail2ban/filter.d/shrunk-window.conf
Use         log file : /var/log/kern.log


Results
=======

Failregex: 0 total

Ignoreregex: 0 total

Date template hits:
|- [# of hits] date format
|  [898] MONTH Day Hour:Minute:Second
`-

Lines: 898 lines, 0 ignored, 0 matched, 898 missed
Missed line(s): too many to print.  Use --print-all-missed to print all 898 lines

Listing of kernel.log:

Jun  2 16:34:41 deba kernel: [75291.727343] atl1 0000:02:00.0: eth0 link is up 1000 Mbps full duplex
Jun  2 16:58:07 deba kernel: [76698.032019] Peer 206.123.249.115:16000/46728 unexpectedly shrunk window 2743024728:2743042104 (repaired)
Jun  2 17:49:27 deba kernel: [79778.272028] Peer 206.123.249.115:16000/49611 unexpectedly shrunk window 397761337:397843873 (repaired)
Jun  2 18:31:57 deba kernel: [82327.708020] Peer 206.123.249.115:16000/52202 unexpectedly shrunk window 4193374749:4193451493 (repaired)
Jun  2 18:36:25 deba kernel: [82595.844021] Peer 206.123.249.115:16000/52202 unexpectedly shrunk window 4206907277:4206942425 (repaired)
Jun  2 18:56:07 deba kernel: [83777.716020] Peer 206.123.249.115:16000/53990 unexpectedly shrunk window 3827203265:3827288697 (repaired)
root@deba:/var/log# 

Listing: # cat /etc/fail2ban/filter.d/shrunk-window.conf

[Definition]
failregex = TCP\: Peer <HOST>\:.* unexpectedly shrunk window.*repaired+
ignoreregex =
root@deba:/home/yozz# 
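
Added example, not part of the original post: a Python check that runs the posted failregex over lines from the kern.log listing, counts hits per host, and reports how far into the pattern matching gets. The `<HOST>` stand-in (IPv4 only, narrower than fail2ban's own expansion), the `CANDIDATE` pattern and the helper names are assumptions, as is treating an unanchored search over the full line as equivalent to fail2ban's matching for these patterns.

```python
import re
from collections import Counter

# Simplified IPv4-only stand-in for fail2ban's <HOST> tag (assumption: the
# real expansion is broader and also accepts hostnames).
HOST = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"

# failregex exactly as posted in shrunk-window.conf.
POSTED = r"TCP\: Peer <HOST>\:.* unexpectedly shrunk window.*repaired+"
# Hypothetical variant (not from the post): the "TCP: " prefix is optional
# and the rest of the kernel message is spelled out.
CANDIDATE = (r"(?:TCP: )?Peer <HOST>:\d+/\d+ "
             r"unexpectedly shrunk window \d+:\d+ \(repaired\)")

# A subset of the lines from the kern.log listing in the post.
SAMPLE = """\
Jun  2 16:34:41 deba kernel: [75291.727343] atl1 0000:02:00.0: eth0 link is up 1000 Mbps full duplex
Jun  2 16:58:07 deba kernel: [76698.032019] Peer 206.123.249.115:16000/46728 unexpectedly shrunk window 2743024728:2743042104 (repaired)
Jun  2 17:49:27 deba kernel: [79778.272028] Peer 206.123.249.115:16000/49611 unexpectedly shrunk window 397761337:397843873 (repaired)
Jun  2 18:56:07 deba kernel: [83777.716020] Peer 206.123.249.115:16000/53990 unexpectedly shrunk window 3827203265:3827288697 (repaired)
""".splitlines()

def expand(failregex):
    """Substitute the stand-in for <HOST>, as fail2ban does with its own."""
    return failregex.replace("<HOST>", HOST)

def hits_per_host(failregex, lines):
    """Count matching lines per captured host (unanchored search)."""
    rx = re.compile(expand(failregex))
    return Counter(m.group("host") for m in map(rx.search, lines) if m)

def longest_matching_prefix(failregex, line):
    """Longest prefix of the pattern that still compiles and matches `line`;
    the text right after it is where the pattern and the log diverge."""
    pattern = expand(failregex)
    for end in range(len(pattern), 0, -1):
        try:
            if re.search(pattern[:end], line):
                return pattern[:end]
        except re.error:
            continue  # cut fell inside a group or escape; try a shorter one
    return ""

if __name__ == "__main__":
    for name, rx in (("posted", POSTED), ("candidate", CANDIDATE)):
        print(name, dict(hits_per_host(rx, SAMPLE)))
    print(repr(longest_matching_prefix(POSTED, SAMPLE[1])))
```

An empty prefix for the posted pattern means matching fails at its first literal, `TCP\: `, which the listed lines do not contain before `Peer`.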

