Features

Current features (0.8.x)

Here is a list of the main features available in Fail2ban.

• Client/Server architecture.
• Multi-threaded.
• Highly configurable.
• FAM/Gamin support.
• Parses log files and looks for given patterns.
• Executes commands when a pattern has been detected for the same IP address for more than X times. X can be changed.
• After a given amount of time, executes another command in order to unban the IP address.
• Uses Netfilter/Iptables by default but can also use TCP Wrapper (/etc/hosts.deny) and many other actions.
• Handles log files rotation.
• Can handle more than one service (sshd, apache, vsftpd, etc).
• Resolves DNS hostname to IP address.

Roadmap

Here is the planned roadmap. If you want to contribute or help on one of these features, please contact the fail2ban-users mailing list or browse/comment/report on existing issues on github.

Please browse Fail2ban milestones for an up-to-date list of planned releases/features.

Below are some items from older roadmap

0.9.0

• Dependency back to Python 2.3
  Error creating thumbnail: Unable to save thumbnail to destination
• Rewrite communication
  Error creating thumbnail: Unable to save thumbnail to destination
• Add more tags (<LINE>, <USER>)
  Error creating thumbnail: Unable to save thumbnail to destination
  Partially done -- use <MATCHES>. Also see Issue #10
• Add support for pyinotify
  Error creating thumbnail: Unable to save thumbnail to destination
  but has outstanding issues to be resolved before release
• Auto-enable feature (activate jail if log file is present)

Other envisioned changes

• Decrease memory usage
• Multi-lines parsing
• Manual control of ban list (ban, unban, reset). You currently have to restart the daemon to unban.
  • There's a patch by Buanzo that adds a 'banip' command to fail2ban-client.