Fail2ban is one of the best projects I've encountered - I love it! One suggestion: in 0.7+, the iptables.conf action uses pre-ban command"
Is there a reason for this? Maybe ip spoofing? At any rate, this can cause fail2ban to take forever in implementing its actions if the iptables chains are big, because it causes DNS lookups for each entry. I suggest adding the "n" flag to the command, to speed things up, like this:
Thank you. Added in the repository. --Lostcontrol 13:21, 14 December 2006 (PST)