Bans IP addresses that make too many authentication failures
Fail2ban scans log files like /var/log/messages and bans IP addresses
that makes too many password failures. It updates firewall rules to
reject the IP address, can send e-mails, or set host.deny entries.
These rules can be defined by the user. Fail2Ban can read multiple log
files such as sshd or Apache web server ones.
- Developed at security
-
4
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Factory/fail2ban && cd $_
- Create Badge
Refresh
Refresh
Source Files
Filename | Size | Changed |
---|---|---|
f2b-restart.conf | 0000000163 163 Bytes | |
fail2ban-0.10.4.tar.gz | 0000493064 482 KB | |
fail2ban-0.10.4.tar.gz.asc | 0000000488 488 Bytes | |
fail2ban-disable-iptables-w-option.patch | 0000000855 855 Bytes | |
fail2ban-opensuse-locations.patch | 0000001158 1.13 KB | |
fail2ban-opensuse-service.patch | 0000001350 1.32 KB | |
fail2ban-rpmlintrc | 0000000146 146 Bytes | |
fail2ban.changes | 0000060335 58.9 KB | |
fail2ban.logrotate | 0000000232 232 Bytes | |
fail2ban.spec | 0000010516 10.3 KB | |
fail2ban.sysconfig | 0000000200 200 Bytes | |
fail2ban.tmpfiles | 0000000031 31 Bytes | |
paths-opensuse.conf | 0000000975 975 Bytes | |
sfw-fail2ban.conf | 0000000217 217 Bytes |
Revision 54 (latest revision is 68)
Yuchen Lin (maxlin_factory)
accepted
request 677464
from
Johannes Weberhofer (weberho)
(revision 54)
- ver. 0.10.4 (2018/10/04) - ten-four-on-due-date-ten-four * https://github.com/fail2ban/fail2ban/blob/0.10.4/ChangeLog - Fixes * `filter.d/dovecot.conf`: - failregex enhancement to catch sql password mismatch errors (gh-2153); - disconnected with "proxy dest auth failed" (gh-2184); * `filter.d/freeswitch.conf`: - provide compatibility for log-format from gh-2193: * extended with new default date-pattern `^(?:%%Y-)?%%m-%%d[ T]%%H:%%M:%%S(?:\.%%f)?` to cover `YYYY-mm-dd HH:MM::SS.ms` as well as `mm-dd HH:MM::SS.ms` (so year is optional); * more optional arguments in log-line (so accept [WARN] as well as [WARNING] and optional [SOFIA] hereafter); - extended with mode parameter, allows to avoid matching of messages like `auth challenge (REGISTER)` (see gh-2163) (currently `extra` as default to be backwards-compatible), see comments in filter how to set it to mode `normal`. * `filter.d/domino-smtp.conf`: - recognizes failures logged using another format (something like session-id, IP enclosed in square brackets); - failregex extended to catch connections rejected for policy reasons (gh-2228); * `action.d/hostsdeny.conf`: fix parameter in config (dynamic parameters stating with '_' are protected and don't allowed in command-actions), see gh-2114; * decoding stability fix by wrong encoded characters like utf-8 surrogate pairs, etc (gh-2171): - fail2ban running in the preferred encoding now (as default encoding also within python 2.x), mostly `UTF-8` in opposite to `ascii` previously, so minimizes influence of implicit conversions errors; - actions: avoid possible conversion errors on wrong-chars by replace tags; - database: improve adapter/converter handlers working on invalid characters in sense of json and/or sqlite-database; additionally both are exception-safe now, so avoid possible locking of database (closes gh-2137); - logging in fail2ban is process-wide exception-safe now. * repaired start-time of initial seek to time (as well as other log-parsing related data), if parameter `logpath` specified before `findtime`, `backend`, `datepattern`, etc (gh-2173) * systemd: fixed type error on option `journalflags`: an integer is required (gh-2125); - New Features * new option `ignorecache` to improve performance of ignore failure check (using caching of `ignoreip`, `ignoreself` and `ignorecommand`), see `man jail.conf` for syntax-example; * `ignorecommand` extended to use actions-similar replacement (capable to interpolate all possible tags like `<ip-host>`, `<family>`, `<fid>`, `F-USER` etc.) - Enhancements * `filter.d/dovecot.conf`: extended with tags F-USER (and alternatives) to collect user-logins (gh-2168) * since v.0.10.4, fail2ban-client, fail2ban-server and fail2ban-regex will return version without logo info, additionally option `-V` can be used to get version in normalized machine-readable short format. - rebase patches * fail2ban-opensuse-locations.patch * fail2ban-opensuse-service.patch - add signature file
Comments 0