Fail2Ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and bans IP that makes too many password failures. It updates firewall rules to reject the IP address.
|2006/02/16||Fail2ban 0.6.1 is available. Thanks to everyone who contributed to this release. Look at the ChangeLog for a complete list of changes.|
|2006/02/11||Quite a lot of news: The Art of Web has a great howto, much better than the poor official Fail2ban documentation. Thanks to them. Fail2ban is now marked as stable in Gentoo Portage. Fail2ban 0.6.1 should be release soon. Gentoo users can test the CVS version with this ebuild. I will start the development of Fail2ban 0.7 in March. You can already look at the planned features here. Nightly snapshots are now available here.|
|2006/01/03||Happy New Year! Markus Hoffmann has created a
Fail2ban addon for
Ipcop. Many thanks to him.
|2005/11/24||Manuel Arostegui Ramirez has written a
spanish howto for
Fail2ban. Thanks to him.
|2005/11/21||Thanks to Jonathan Kamens, RPM for 0.6.0 is available here. Fail2ban 0.6.0 is now in Portage. Gentoo users can emerge it with ACCEPT_KEYWORDS="~x86" emerge -av fail2ban. Thanks to Marcelo Goes.|
|2005/11/20||More than 6 months after the first 0.4.x version, a new stable release ( 0.6.0) is available. New features include mail notification, firewall rules in config file, no more log4py dependency, bug fixes, etc. Have a look at the changelog. Many thanks to Yaroslav Halchenko who did a lot of work for this release. It has been well tested and should not contain severe bugs.|
|2005/11/18||A RPM for 0.5.5 is available here. Thanks to Jonathan Kamens.|
|2005/10/26||0.5.5 is out. I planned a stable release for september.
However, we decided to fix some issues before 0.6. Have a look at
the changelog for more informations. I will not promise anymore
that this is the last one before stable ;-) Please test it and
report any problem. Many thanks to Yaroslav Halchenko who did most
of the changes found in this release.
|2005/09/13||less than a week after 0.5.3, a new version is out. New
features introduced by Debian maintainer, Yaroslav Halchenko, need
testing before stable. Please report any issues found in this
|2005/09/08||version 0.5.3 is available. I hope bug
#1256075 is fixed now. This release should be the latest before
stable. Please report all the encountered issues.
|2005/08/23||Thanks to Yaroslav Halchenko, Fail2ban is now in
A new stable version should be released at the beginning of September.
|2005/08/06||version 0.5.2 is available. I hope this one will be the latest before stable. Fail2ban does not depend on log4py anymore. It uses the standard logging module available in Python 2.3. More bugs are fixed.|
|2005/07/23||version 0.5.1 is available. Log targets are set in the configuration file. Thus, fail2ban output can be redirected to STDOUT, STDERR, one or more files and SYSLOG. Now an iptables chain is created for each section. Some bugs found in 0.5.0 should be fixed too. Please do not forget to remove your previous fail2ban-0.4.x installation before upgrading and to update your configuration file.|
|2005/07/12||version 0.5.0 is available. This is a development release and has not been well tested yet. Lots of new features are included. If you have good firewall commands, please submit them.|
|2005/07/06||Thanks to Yaroslav Halchenko, Fail2Ban has a
I started to add new features and created the FAIL2BAN-0_5 branch. Firewall rules are now set in the configuration file. Thus, you can create multiple rules for each section. You can checkout the sources from CVS.
|2005/06/30||version 0.4.1 is available. It mainly corrects a small bug in textToDNS. The configuration file is more readable now and an initd script is available for Gentoo. I would really appreciate initd scripts for others distributions.|
|2005/04/24||I'm proud to announce the first stable release (0.4.0) of Fail2Ban. There is only one bug fix since 0.3.1.|
|2005/03/31||version 0.3.1 is available. It supports DNS lookups and scans big log files quicker than in the previous releases.|
|2005/03/30||Fail2Ban has a logo. Web site update.|
|2005/02/24||version 0.3.0 of Fail2Ban is available. There is a lot of changes in this release. Fail2Ban can now look for password failures into several log files.|
|2005/02/23||first version of this website.|
Fail2Ban is a console application so screenshots are not really impressive.
Here is the ChangeLog for the latest version. The full ChangeLog can be found here.
ver. 0.6.1 (2006/03/16) - stable ---------- - Added permanent banning. Set banTime to a negative value to enable this feature (-1 is perfect). Thanks to Mannone - Fixed locale bug. Thanks to Fernando JosÃ© - Fixed crash when time format does not match data - Propagated patch from Debian to fix fail2ban search path addition to the path search list: now it is added first. Thanks to Nick Craig-Wood - Added SMTP authentification for mail notification. Thanks to Markus Hoffmann - Removed debug mode as it is confusing for people - Added parsing of timestamp in TAI64N format (#1275325). Thanks to Mark Edgington - Added patch #1382936 (Default formatted syslog logging). Thanks to Patrick Börjesson - Removed 192.168.0.0/16 from ignoreip. Attacks could also come from the local network. - Robust startup: if iptables module does not get fully initialized after startup of fail2ban, fail2ban will do "maxreinit" attempts to initialize its own firewall. It will sleep between attempts for "polltime" number of seconds (closes Debian: #334272). Thanks to Yaroslav Halchenko - Added "interpolations" in fail2ban.conf. This is provided by the ConfigParser module. Old configuration files still work. Thanks to Yaroslav Halchenko - Added initial support for hosts.deny and shorewall. Need more testing. Please test. Thanks to kojiro from Gentoo forum for hosts.deny support - Added support for vsftpd. Thanks to zugeschmiert
The latest Readme file can be found here. It contains useful information such as installation process. Please read this file first.
Bug reports, feature requests and support can be addressed on the project page at SourceForge.net.
Fail2Ban can be downloaded directly from SourceForge.net sites.
|Sources||The official releases are available here.|
|Snapshots||Nightly snapshots are available here.|
|Gentoo||Fail2Ban is in Portage. Ebuilds are also available here.|
|Debian||Packages are available here. Thanks to Yaroslav Halchenko|
|RedHat||RPMs are available here. Thanks to Jonathan Kamens|
|Ipcop||Addon is available here. Thanks to Markus Hoffmann|
Here are some interesting links:
PassKool is a deterministic password generator in Python.
Python: the official website for the Python language.
Log4py: log4py is a logging module for python, similar to log4j.
Netfilter: the netfilter/iptables project