Difference between revisions of "Features"
From Fail2ban
Jump to navigationJump to searchYarikoptic (talk | contribs) (→0.9.0: more references) |
Yarikoptic (talk | contribs) (updated roadmapped features) |
||
| Line 24: | Line 24: | ||
=== 0.9.0 === | === 0.9.0 === | ||
| − | + | * Add more tags (<LINE>, <USER>, <PORT>) [[Image:okay.gif|done]] Partially done -- use <MATCHES>. Also see [https://github.com/fail2ban/fail2ban/issues/10 Issue #10] and [https://github.com/fail2ban/fail2ban/issues/67 Issue #67] | |
| − | + | * [https://github.com/fail2ban/fail2ban/pull/25 Add support for pyinotify] [[Image:okay.gif|done in 0.8.7]] | |
| − | * Add more tags (<LINE>, <USER>) [[Image:okay.gif|done]] Partially done -- use <MATCHES>. Also see [https://github.com/fail2ban/fail2ban/issues/10 Issue #10] | ||
| − | * [https://github.com/fail2ban/fail2ban/pull/25 Add support for pyinotify] [[Image:okay.gif|done] | ||
* [https://github.com/fail2ban/fail2ban/issues/55 Auto-enable feature (activate jail if log file is present)] | * [https://github.com/fail2ban/fail2ban/issues/55 Auto-enable feature (activate jail if log file is present)] | ||
| + | * Manual control of ban list (ban, unban, reset). [[Image:okay.gif|done]] Partially done [https://github.com/fail2ban/fail2ban/issues/53 Issue #53] . You currently have to restart the daemon to unban. | ||
| + | ** There's [http://blogs.buanzo.com.ar/2009/04/fail2ban-patch-ban-ip-address-manually.html a patch by Buanzo] that adds a 'banip' command to fail2ban-client. | ||
=== Other envisioned changes === | === Other envisioned changes === | ||
| Line 34: | Line 34: | ||
* Decrease memory usage | * Decrease memory usage | ||
* [https://github.com/fail2ban/fail2ban/issues/54 Multi-lines parsing] | * [https://github.com/fail2ban/fail2ban/issues/54 Multi-lines parsing] | ||
| − | |||
| − | |||
[[Category:Fail2ban]] | [[Category:Fail2ban]] | ||
Revision as of 16:27, 1 August 2012
Current features (0.8.x)
Here is a list of the main features available in Fail2ban.
- Client/Server architecture.
- Multi-threaded.
- Highly configurable.
- FAM/Gamin support.
- Parses log files and looks for given patterns.
- Executes commands when a pattern has been detected for the same IP address for more than X times. X can be changed.
- After a given amount of time, executes another command in order to unban the IP address.
- Uses Netfilter/Iptables by default but can also use TCP Wrapper (/etc/hosts.deny) and many other actions.
- Handles log files rotation.
- Can handle more than one service (sshd, apache, vsftpd, etc).
- Resolves DNS hostname to IP address.
Roadmap
Here is the planned roadmap. If you want to contribute or help on one of these features, please contact the fail2ban-users mailing list or browse/comment/report on existing issues on github.
Please browse Fail2ban milestones for an up-to-date list of planned releases/features.
Below are some items from older roadmap
0.9.0
- Add more tags (<LINE>, <USER>, <PORT>) Error creating thumbnail: Unable to save thumbnail to destinationPartially done -- use <MATCHES>. Also see Issue #10 and Issue #67
- Add support for pyinotify Error creating thumbnail: Unable to save thumbnail to destination
- Auto-enable feature (activate jail if log file is present)
- Manual control of ban list (ban, unban, reset). Error creating thumbnail: Unable to save thumbnail to destinationPartially done Issue #53 . You currently have to restart the daemon to unban.
- There's a patch by Buanzo that adds a 'banip' command to fail2ban-client.
Other envisioned changes
- Decrease memory usage
- Multi-lines parsing
