Difference between revisions of "Features"

From Fail2ban
Jump to: navigation, search
m
(Undo revision 4525 by VidaKende (talk))
Line 9: Line 9:
 
* Parses log files and looks for given patterns.
 
* Parses log files and looks for given patterns.
 
* Executes commands when a pattern has been detected for the same IP address for more than ''X'' times. ''X'' can be changed.
 
* Executes commands when a pattern has been detected for the same IP address for more than ''X'' times. ''X'' can be changed.
* After a given amount <span class="plainlinks">[http://www.mfadegree.net/ <span style="color:black;font-weight:normal; text-decoration:none!important; background:none!important; text-decoration:none;">MFA Degree</span>] of time, executes another command in order to unban the IP address.
+
* After a given amount of time, executes another command in order to unban the IP address.
 
* Uses Netfilter/Iptables by default but can also use TCP Wrapper (<tt>/etc/hosts.deny</tt>) and many other actions.
 
* Uses Netfilter/Iptables by default but can also use TCP Wrapper (<tt>/etc/hosts.deny</tt>) and many other actions.
 
* Handles log files rotation.
 
* Handles log files rotation.

Revision as of 23:49, 7 April 2012

Current features (0.8.x)

Here is a list of the main features available in Fail2ban.

  • Client/Server architecture.
  • Multi-threaded.
  • Highly configurable.
  • FAM/Gamin support.
  • Parses log files and looks for given patterns.
  • Executes commands when a pattern has been detected for the same IP address for more than X times. X can be changed.
  • After a given amount of time, executes another command in order to unban the IP address.
  • Uses Netfilter/Iptables by default but can also use TCP Wrapper (/etc/hosts.deny) and many other actions.
  • Handles log files rotation.
  • Can handle more than one service (sshd, apache, vsftpd, etc).
  • Resolves DNS hostname to IP address.

Roadmap

Here is the planned roadmap. If you want to contribute or help on one of these features, please contact the author.

0.9.0

  • Dependency back to Python 2.3 done
  • Rewrite communication done
  • Add more tags (<LINE>, <USER>)
  • Add support for pyinotify
  • Decrease memory usage
  • Multi-lines parsing
  • Manual control of ban list (ban, unban, reset). You currently have to restart the daemon to unban.
  • Auto-enable feature (activate jail if log file is present)