Fail2ban 0.8.2 (Default branch)


 
Thread Tools Search this Thread
Special Forums News, Links, Events and Announcements Software Releases - RSS News Fail2ban 0.8.2 (Default branch)
# 1  
Old 03-07-2008
Fail2ban 0.8.2 (Default branch)

Fail2ban monitors log files and temporarily orpersistently bans failure-prone addresses byupdating existing firewall rules. The softwareallows easy specification of different actions tobe taken such as to ban an IP address usingiptables or hostsdeny rules, or simply to send anotification email. It supports many services, andconfiguration can be easily extended formonitoring any other ASCII file. All filters andactions are given in the configuration files, thusfail2ban can be adopted to be used with a varietyof files and firewalls.Image

More...
Login or Register to Ask a Question

Previous Thread | Next Thread

4 More Discussions You Might Find Interesting

1. Cybersecurity

Fail2ban ERROR Unable to contact server. Is it running?

Hello, my fail2ban service is running (ps aux) When i do: fail2ban-client status it returns: ERROR Unable to contact server. Is it running? same message on fail2ban restart. In /etc/fail2ban/fail2ban.conf i see this line: socket = /var/run/fail2ban/fail2ban.sock but this file does... (1 Reply)
Discussion started by: postcd
1 Replies

2. Shell Programming and Scripting

Read file, grab ip with fail2ban

Solved with iptables. Many thanks... Hello, Objective: What I would like to accomplish is : - To read file1 line by line and search each word in file2. - To grab corresponding ip addresses found in file2 - To send related ip addresses to fail2ban (not iptables) By this way, when I... (5 Replies)
Discussion started by: baris35
5 Replies

3. Shell Programming and Scripting

Script year_month_day_hour_minute with fail2ban

Hello, What I would like to do is a shell script which will read a database file, then it will compare the current date/hour/minute in each line existing in the database file. Today is 20140305 (year_month_day) & assume that the time is 15:11 at the moment. under /var/log/ database.txt ... (5 Replies)
Discussion started by: baris35
5 Replies

4. Windows & DOS: Issues & Discussions

Fail2ban: email notifications and banning ssh IP logins

Hi all. I am using Cygwin in Windows 7 and am trying to setup fail2ban so that I can ban foreign IP addresses under SSH, also getting email notifications. I downloaded fail2ban and installed it. I then created jail.local copy from jail.conf and changed some values in jail.local. Now when I try to... (2 Replies)
Discussion started by: synthesis
2 Replies
Login or Register to Ask a Question
FIAIF(8)					      Administration and Privileged Commands						  FIAIF(8)

NAME
fiaif - FIAIF is an Intelligent Firewall. SYNOPSIS
fiaif <start|stop|restart|force-reload|status|panic|tc-start|tc-stop|tc-status> DESCRIPTION
Fiaif deploys a packet-filtering firewall by reading configuration files and setting up IP packet filtering rules using iptables. The firewall is "zone" based, meaning that each network interface is associated with a defined piece of the "IP universe" on the other side of that interface from the host. A zone is defined in a text file (the zone configuration file) listing rules for the handling of IP traffic into, out of, and through the associated interface. The rules spell out which connections to accept, which to reject, which to ignore, and which to forward through the firewall. It is also possible to setup source and destination NAT for altering the source and/or destination addresses of packets as they pass through. All non-accepted packets are logged to the system log. It should be noted that any packet related to an already accepted connection is allowed though the firewall. OPTIONS
start This will save the current state of netfilter, and apply the new firewall as described in the configuration files. stop Restores the state saved when FIAIF was started. restart Same as stop,start force-reload This option is the same as start, although it does not use any previously saved rules, and can be used even if fiaif has already been started. start-tc Start/restart only traffic shaping. Useful if you are playing arround with that part of the fiaf subsystem. panic Shut off all IP traffic - don't accept any packets from anywhere for any reason. This can be used, for example, if uninvited guests are discovered on the system to quickly close the firewall and start analyzing log files. status Lists all rules in the firewall. test Instead of deploying the firewall, all rules are written to the file specified in the "TEST_FILE" parameter in the global configura- tion file. This command also runs a sanity check on the networking configuration. Any problems or warnings arising from this check are printed to STDERR. Refer to http://www.linuxhq.com/kernel/v2.4/doc/networking/ip-sysctl.txt.html for details on settings tested. When deployed, FIAIF can automatically fix the warnings and/or errors displayed. Please see fiaif.conf(8) for more informa- tion. tc-start Start only traffic shaping. This option ignores the "ENABLE_TC" parameter in the global configuration file. tc-stop Stops the traffic shaping. This option ignores the "ENABLE_TC" parameter in the global configuration file. tc-status Lists packet counters for all traffic classes. FILES
/etc/fiaif/fiaif.conf The global configuration file. See fiaif.conf(8) for further details. /var/lib/fiaif/fiaif file containing rules generated by fiaif. /var/lib/fiaif/iptables previous netfilter state /var/lib/fiaif/sysctl previous state of /proc before fiaif was started. /var/log/messages All illegal packets are logged to this file though syslog(3) DIAGNOSTICS
Errors are logged to STDOUT. If any errors is printed, then please recheck your configuration files. ENVIRONMENT
If the NO_CLEANUP variable is set to a non-empty value, then rules are not cleaned up after FIAIF is started. This will speed up FIAIF startup time, but at the cost of having lots of rules and performance may (on small systems with many zones) be affected. On a three zone system FIAIF generated in total 310 rules. After cleaning up the rules, the number of rules was down to 241. A reduction of 22%. The FIAIF_CONF can be used to specify an anternative global configurationfile, rather than using the default /etc/fiaif/fiaif.conf. This can be used to ease switching between two different firewall configurations. BUGS
The test command line option is no guarantee that the firewall will perform as expected, only that the syntax is correct. Only limited semantic checks of rulesis performed. REPORTING BUGS
Report bugs to <fiaif@fiaif.net>. AUTHOR
Anders Fugmann <anders(at)fugmann.net> SEE ALSO
fiaif.conf(8), zone.conf(8), iptables(8), syslog(3) Linux Dec 2003 FIAIF(8)