Current features (0.9.x)
(in addition to 0.8.x features)
- Python based actions
- Database support
- Multi-line parsing in filters
- Custom date time support for filters
- Timezone awareness by default
- Timeout on ban commands
- Character set awareness in log files
- Python3+ support
Current features (0.8.x)
Here is a list of the main features available in Fail2ban.
- Client/Server architecture.
- Highly configurable using split configuration files
- Gamin/Pyinotify support.
- Parses log files and look for given patterns.
- Executes command(s) when a pattern has been detected for the same IP address for more than X times to ban that address. X can be changed.
- After a given amount of time, execute another command in order to unban the IP address.
- Uses Netfilter/Iptables by default but can also use TCP Wrapper (/etc/hosts.deny) and many other firewalls/actions.
- Handles log files rotation.
- Can handle multiple services at once (sshd, apache, vsftpd, etc).
- Resolves DNS hostname to IP address (use with caution, disable by usedns = no).
Please browse Fail2ban milestones for an up-to-date list of planned releases/features.
- Add more tags (<LINE>, <USER>, <PORT>) Partially done -- use <MATCHES>. Also see Issue #10 and Issue #67
- Auto-enable feature (activate jail if log file is present)
Other envisioned changes
- Decrease memory usage