main/fail2ban: improve sshd filter

2 files changed, 4 insertions, 2 deletions

diff --git a/main/fail2ban/APKBUILD b/main/fail2ban/APKBUILD
index ca6cd3cb8e..e485c87a71 100644
--- a/main/fail2ban/APKBUILD
+++ b/main/fail2ban/APKBUILD
@@ -3,7 +3,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=fail2ban
 pkgver=0.10.3.1
-pkgrel=1
+pkgrel=2
 pkgdesc="Scans log files for login failures then updates iptables to reject originating ip address"
 url="http://www.fail2ban.org"
 arch="noarch"
@@ -52,5 +52,5 @@ sha512sums="78388fce93e7a28f86905d7797cd188cfc19515ab43f85356da629f4f3797fba0e9e
 1e7581dd04e7777d6fd5c40cc842a7ec5f4e6a0374673d020d89dd61bf4093d48934844bee89bcac9084f9ae44f3beb66e714cf3c2763d79c3e8feb790c5e43b  fail2ban.confd
 4ff9dd2793f42e414d83676104f47966f781b9e042e90dbc839d4e6b27faee08ebea2231b178d1d41084fa6c59aa62689bdb713977096d8b235a33e73268ccc5  fail2ban.logrotate
 84915967ae1276f1e14a5813680ee2ebf081af1ff452a688ae5f9ac3363f4aff90e39f8e6456b5c33d5699917d28a16308797095fd1ef9bb1fbcb46d4cea3def  alpine-ssh.jaild
-672762f513e14a29c0183fbab0f7acfa45e8e3e6d25f98d443bf82cad03d15af21b14789a223aeb5642806fa7c2092caede99593059b68230165c311b1eb7fea  alpine-sshd.filterd
+3e8e08d5e349e857b51ce34a9d968f16661b34e1cec06bec0aa9a32723bbe9be5a9890dd479331a9cc860821d33b1bf3b8e995182e319dead5a3d434b1816304  alpine-sshd.filterd
 36a81b771be0b36fe0dfb5ee4c72c9cb5b504e110618a8eb6f0f241b4e57d92df01dc5cc04b6b68d5bc6a5e6d68de1000092770285d7a328e5937e50b4b226a3  alpine-sshd-ddos.filterd"
diff --git a/main/fail2ban/alpine-sshd.filterd b/main/fail2ban/alpine-sshd.filterd
index 87718a963e..6c2ea19af8 100644
--- a/main/fail2ban/alpine-sshd.filterd
+++ b/main/fail2ban/alpine-sshd.filterd
@@ -16,6 +16,8 @@ before = common.conf
 _daemon = sshd
 
 failregex = Failed [-/\w]+ for .* from <HOST> port \d* ssh2
+            sshd\[.*\]: Invalid user .* from <HOST> port \d*
+            sshd\[.*\]: Received disconnect from <HOST> port \d*:[0-9]+:  \[preauth\]
 
 ignoreregex =