Here is a list of the main features available in Fail2ban.
- Highly configurable.
- Parses log files and looks for given patterns.
- Executes a command when a pattern has be detected for the same IP address for more than X times. X can be changed.
- After a given amount of time, executes another command in order to unban the IP address.
- Uses Netfilter/Iptables by default but can also use TCP Wrapper (/etc/hosts.deny) or others firewalls.
- Handles log files rotation.
- Can handle more than one service (sshd, apache, vsftpd, etc).
- Resolves DNS hostname to IP address.
- Can send e-mail notifications.
- Runs as a daemon.
- Multiple logging targets (syslog daemon, stdout, stderr, files).
Here is the planned roadmap. If you want to contribute or help on one of these features, please contact the author.
- Improve website
- Migrate from CVS to Subversion
- Client/server architecture
- Better configuration files
- Add missing features of 0.6.x
- Improve socket communication
- Autodetect date format
- Improve client (output, interactive mode, etc)
- Add FAM/Gamin support
- Improve test framework
- Add support for wildcard in logfile
- Migration tool from 0.6.x to 0.8.0