[rdp] enabled = true filter = rdp action = iptables-multiport[name=rdp, port="3389,3390,3391", protocol=tcp] logpath = /var/log/xrdp.log maxretry = 5
filter filter.d/rdp.conf
[Definition] failregex = connection received from ignoreregex = datepattern = %%Y%%m%%d-%%H:%%M:%%S