Features
From Fail2ban
Current features
Here is a list of the main features available in Fail2ban.
- Highly configurable.
- Parses log files and looks for given patterns.
- Executes a command when a pattern has be detected for the same IP address for more than X times. X can be changed.
- After a given amount of time, executes another command in order to unban the IP address.
- Uses Netfilter/Iptables by default but can also use TCP Wrapper (/etc/hosts.deny) or others firewalls.
- Handles log files rotation.
- Can handle more than one service (sshd, apache, vsftpd, etc).
- Resolves DNS hostname to IP address.
- Can send e-mail notifications.
- Runs as a daemon.
- Multiple logging targets (syslog daemon, stdout, stderr, files).
Roadmap
Here is the planned roadmap. If you want to contribute or help on one of these features, please contact the author.
0.7.0
- Improve website
- Migrate from CVS to Subversion
- Client/server architecture
- Multithreading
- Better configuration files
0.7.2
- Man pages
- Add missing features of 0.6.x
- Improve socket communication
- Autodetect date format
- Improve client (output, interactive mode, etc)
0.7.3
0.8.0
- Migration tool from 0.6.x to 0.8.0
- Documentation
- Howtos