All Versions
Latest Version
Avg Release Cycle
176 days
Latest Release
1303 days ago

Changelog History
Page 4

  • v0.8.8 Changes

    December 06, 2012

    πŸ›  Fixes

    • Alan Jenkins
      • [8c38907] Removed 'POSSIBLE BREAK-IN ATTEMPT' from sshd filter to avoid banning due to misconfigured DNS. Closes gh-64
    • Yaroslav Halchenko
      • [83109bc] IMPORTANT: escape the content of (if used in custom action files) since its value could contain arbitrary symbols. Thanks for discovery go to the NBS System security team
      • [0935566,5becaf8] Various python 2.4 and 2.5 compatibility fixes. Closes gh-83
      • [b159eab] do not enable pyinotify backend if pyinotify < 0.8.3
      • [37a2e59] store IP as a base, non-unicode str to avoid spurious messages in the console. Closes gh-91

    πŸ†• New Features

    • David Engeset
      • [2d672d1,6288ec2] 'unbanip' command for the client + avoidance of touching the log file to take 'banip' or 'unbanip' in effect. Closes gh-81, gh-86

    ✨ Enhancements

    • ⚠ [2d66f31] replaced uninformative "Invalid command" message with warning log exception why command actually failed
    • πŸ‘ [958a1b0] improved failregex to "support" auth.backend = "htdigest"
    • [9e7a3b7] until we make it proper module -- adjusted sys.path only if system-wide run
    • ⬇️ [f52ba99] downgraded "already banned" from WARN to INFO level. Closes gh-79
    • 🌲 [f105379] added hints into the log on some failure return codes (e.g. 0x7f00 for this gh-87)
    • βœ… Various others: travis-ci integration, script to run tests against all available Python versions, etc
  • v0.8.7 Changes

    July 31, 2012

    πŸ›  Fixes

    • Tom Hendrikx & Jeremy Olexa
    • Chris Reffett
      • [a018a26] Fixed addBannedIP to add enough failures to trigger a ban, rather than just one failure.
    • Yaroslav Halchenko
      • [4c76fb3] allow trailing white-spaces in lighttpd-auth.conf
      • [25f1e8d] allow trailing whitespace in few missing it regexes for sshd.conf
      • [ed16ecc] enforce "ip" field returned as str, not unicode so that log message stays non-unicode. Close gh-32
      • [b257be4] added %m-%d-%Y pattern + do not add %Y for Feb 29 fix if already present in the pattern
      • [47e956b] replace "|" with "_" in ipmasq-ZZZzzz|fail2ban.rul to be friend to developers stuck with Windows (Closes gh-66)
      • [80b191c] anchor grep regexp in actioncheck to not match partial names of the jails (Closes: #672228) (Thanks SzΓ©pe Viktor for the report) ### πŸ†• New Features
    • FranΓ§ois Boulogne
      • [a7cb20e..] add lighttpd-auth filter/jail
    • Lee Clemens & Yaroslav Halchenko
      • [e442503] pyinotify backend (default if backend='auto' and pyinotify is available)
      • [d73a71f,3989d24] usedns parameter for the jails to allow disabling use of DNS
    • Tom Hendrikx
      • [f94a121..] 'recidive' filter/jail to monitor fail2ban.conf to ban repeated offenders. Close gh-19
    • Xavier Devlamynck
      • [7d465f9..] Add asterisk support
    • Zbigniew JΔ™drzejewski-Szmek
      • [de502cf..] allow running fail2ban as non-root user (disabled by default) via xt_recent. See doc/run-rootless.txt ### ✨ Enhancements
    • Lee Clemens
      • [47c03a2] files/nagios - spelling/grammar fixes
      • [b083038] updated Free Software Foundation's address
      • [9092a63] changed TLDs to invalid domains, in accordance with RFC 2606
      • [642d9af,3282f86] reformated printing of jail's name to be consistent with init's info messages
      • [3282f86] uniform use of capitalized Jail in the messages
    • Leonardo Chiquitto
      • [4502adf] Fix comments in dshield.conf and mynetwatchman.conf to reflect code
      • [a7d47e8] Update Free Software Foundation's address
    • Petr Voralek
      • [4007751] catch failed ssh logins due to being listed in DenyUsers. Close gh-47 (Closes: #669063)
    • Yaroslav Halchenko
      • [MANY] extended and robustified unittests: test different backends
      • [d9248a6] refactored Filter's to avoid duplicate functionality
      • [7821174] direct users to issues on github
      • [d2ffee0..] re-factored fail2ban-regex -- more condensed output by default with -v to control verbosity
      • [b4099da] adjusted header for config/*.conf to mention .local and way to comment (Thanks Stefano Forli for the note)
      • [6ad55f6] added failregex for wu-ftpd to match against syslog instead of DoS-prone auth.log's rhost (Closes: #514239)
      • [2082fee] match possibly present "pam_unix(sshd:auth):" portion for sshd filter (Closes: #648020)
    • Yehuda Katz & Yaroslav Halchenko
      • [322f53e,bd40cc7] ./DEVELOP -- documentation for developers
  • v0.8.7.1 Changes

    July 31, 2012

    πŸ›  Fixes

    • 🚚 [e9762f3] Removed sneaked in comment on sys.path.insert
  • v0.8.6 Changes

    November 28, 2011

    πŸ›  Fixes

    • Markos Chandras & Yaroslav Halchenko
      • [492d8e5,bd658fc] Use hashlib (instead of deprecated md5) where available
    • Robert Trace & Michael Lorant
      • [c48c2b1] gentoo-initd cleanup and fixes: assure /var/run + remove stale sock file
    • Michael Saavedra
    • Yaroslav Halchenko
      • [3eb5e3b] Allow for trailing spaces in sasl logs
      • [1632244] Stop server-side communication before stopping the jails (prevents lockup if actions use fail2ban-client upon unban): see
      • [5a2d518] Various changes to reincarnate unittests
    • Yehuda Katz
      • Wiki was cleaned from SPAM

    ✨ Enhancements

    • Adam Spiers
      • [3152afb] Recognise time-stamped kernel messages
    • Guido Bozzetto
    • Łukasz
      • [5f23542] Matching of month names in Polish (thanks michaelberg79 for QA)
    • Tom Hendrikx
      • [9fa54cf] Added Date: header for sendmail*.conf actions
    • Yaroslav Halchenko & Tom Hendrikx
      • [b52d420..22b7007] in action files now can be used to provide matched loglines which triggered action
    • Yaroslav Halchenko
      • [ed0bf3a] Removed duplicate entry for DataCha0s/2.0 in badbots: see
      • [dad91f7] sshd.conf: allow user names to have spaces and trailing spaces in the line
      • [a9be451] removed expansions for few Date and Revision SVN keywords
      • [a33135c] set/getFile for -- found in source distribution of 0.8.4
      • [fbce415] additional logging while stopping the jails
  • v0.8.5 Changes

    July 28, 2011
    • πŸ›  Fix: use addfailregex instead of failregex while processing per-jail "failregex" parameter (Fixed Debian bug #635830, LP: #635036). Thanks to Marat Khayrullin for the patch and Daniel T Chen for forwarding to Debian.
    • πŸ›  Fix: use os.path.join to generate full path - fixes includes in configs given local filename (5 weeks ago) [yarikoptic]
    • πŸ›  Fix: allowed for trailing spaces in proftpd logs
    • πŸ›  Fix: escaped () in pure-ftpd filter. Thanks to Teodor
    • πŸ›  Fix: allowed space in the trailing of failregex for sasl.conf: see
    • πŸ›  Fix: use /var/run/fail2ban instead of /tmp for temp files in actions: see
    • πŸ›  Fix: Tai64N stores time in GMT, needed to convert to local time before returning
    • πŸ›  Fix: disabled named-refused-udp jail entirely with a big fat warning
    • πŸ›  Fix: added time module. Bug reported in buanzo's blog: see
    • πŸ›  Fix: Patch to make log file descriptors cloexec to stop leaking file descriptors on fork/exec. Thanks to Jonathan Underwood: see
    • ✨ Enhancement: added author for dovecot filter and pruned unneeded space in the regexp
    • ✨ Enhancement: proftpd filter -- if login failed -- count regardless of the reason for failure
    • ✨ Enhancement: added to action.d/iptables*. Thanks to Matthijs Kooijman: see
    • ✨ Enhancement: added filter.d/dovecot.conf from Martin Waschbuesch
    • ✨ Enhancement: made filter.d/apache-overflows.conf catch more: see
    • ✨ Enhancement: added dropbear filter from Francis Russell and Zak B. Elep: see
    • ✨ Enhancement: changed default ignoreip to ignore entire loopback zone (/8): see
    • Minor: spell-checked jail.conf. Thanks to Christoph Anton Mitterer
    • πŸ’„ Few minor cosmetic changes
  • v0.8.4 Changes

    September 07, 2009
    • Check the inode number for rotation in addition to checking the first line of the file. Thanks to Jonathan Kamens. Red Hat #503852. Tracker #2800279.
    • 🚚 Moved the shutdown of the logging subsystem out of Server.quit() to the end of Server.start(). Fixes the 'cannot release un-acquired lock' error.
    • βž• Added "Ban IP" command. Thanks to Arturo 'Buanzo' Busleiman.
    • βž• Added two new filters: lighttpd-fastcgi and php-url-fopen.
    • πŸ›  Fixed the 'unexpected communication error' problem by means of use_poll=False in Python >= 2.6.
    • πŸ“¦ Merged patches from Debian package. Thanks to Yaroslav Halchenko.
    • πŸ‘‰ Use current day and month instead of Jan 1st if both are not available in the log. Thanks to Andreas Itzchak Rehberg.
    • Try to match the regex even if the line does not contain a valid date/time. Described in Debian #491253. Thanks to Yaroslav Halchenko.
    • βž• Added/improved filters and date formats.
    • βž• Added actions to report abuse to ISP, DShield and myNetWatchman. Thanks to Russell Odom.
    • 🚚 Suse init script. Remove socket file on startup is fail2ban crashed. Thanks to Detlef Reichelt.
    • βœ‚ Removed begin-line anchor for "standard" timestamp. Fixed Debian bug #500824.
    • βž• Added nagios script. Thanks to Sebastian Mueller.
    • βž• Added CPanel date format. Thanks to David Collins. Tracker #1967610.
    • πŸ‘Œ Improved SASL filter. Thanks to Loic Pefferkorn. Tracker #2310410.
    • βž• Added NetBSD ipfilter (ipf command) action. Thanks to Ed Ravin. Tracker #2484115.
    • βž• Added cyrus-imap and sieve filters. Thanks to Jan Wagner. Debian bug #513953.
    • πŸ”„ Changed <HOST> template to be more restrictive. Debian bug #514163.
    • πŸ‘‰ Use timetuple instead of utctimetuple for ISO 8601. Maybe not a 100% correct fix but seems to work. Tracker #2500276.
    • πŸ”Š Made the named-refused regex a bit less restrictive in order to match logs with "view". Thanks to Stephen Gildea.
    • πŸ›  Fixed maxretry/findtime rate. Many thanks to Christos Psonis. Tracker #2019714
  • v0.8.3 Changes

    July 17, 2008
    • πŸ–¨ Process failtickets as long as failmanager is not empty.
    • βž• Added "pam-generic" filter and more configuration fixes. Thanks to Yaroslav Halchenko.
    • πŸ›  Fixed socket path in redhat and suse init script. Thanks to Jim Wight.
    • πŸ›  Fixed PID file while started in daemon mode. Thanks to Christian Jobic who submitted a similar patch.
    • πŸ›  Fixed fail2ban-client get <jail> logpath. Bug #1916986.
    • βž• Added gssftpd filter. Thanks to Kevin Zembower.
    • βž• Added "Day/Month/Year Hour:Minute:Second" date template. Thanks to Dennis Winter.
    • πŸ›  Fixed ignoreregex processing in fail2ban-client. Thanks to RenΓ© Berber.
    • βž• Added ISO 8601 date/time format.
    • βž• Added and changed some logging level and messages.
    • βž• Added missing ignoreregex to filters. Thanks to Klaus Lehmann.
    • πŸ“Š Use poll instead of select in asyncore.loop. This should solve the "Unknown error 514". Thanks to Michael Geiger and Klaus Lehmann.
  • v0.8.2 Changes

    March 06, 2008
    • πŸ›  Fixed named filter. Thanks to Yaroslav Halchenko
    • πŸ›  Fixed wrong path for apache-auth in jail.conf. Thanks to Vincent Deffontaines
    • πŸ›  Fixed timezone bug with epoch date template. Thanks to Michael Hanselmann
    • βž• Added "full line failregex" patch. Thanks to Yaroslav Halchenko. It will be possible to create stronger failregex against log injection
    • πŸ›  Fixed ipfw action script. Thanks to Nick Munger
    • βœ‚ Removed date from logging message when using SYSLOG. Thanks to Iain Lea
    • πŸ›  Fixed "ignore IPs". Only the first value was taken into account. Thanks to Adrien Clerc
    • 🚚 Moved socket to /var/run/fail2ban.
    • Rewrote the communication server.
    • πŸ”¨ Refactoring. Reduced number of files.
    • βœ‚ Removed Python 2.4. Minimum required version is now Python 2.3.
    • πŸ†• New log rotation detection algorithm.
    • πŸ–¨ Print monitored files in status.
    • Create a PID file in /var/run/fail2ban/. Thanks to Julien Perez.
    • πŸ›  Fixed "Feb 29" bug. Thanks to James Andrewartha who pointed this out. Thanks to Yaroslav Halchenko for the fix.
    • reload <jail> reloads a single jail and the parameters in fail2ban.conf.
    • βž• Added Mac OS/X startup script. Thanks to Bill Heaton.
    • Absorbed some Debian patches. Thanks to Yaroslav Halchenko.
    • πŸ–¨ Replaced "echo" with "printf" in actions. Fix #1839673
    • Replaced "reject" with "drop" in shorwall action. Fix #1854875
    • πŸ›  Fixed Debian bug #456567, #468477, #462060, #461426
    • readline is now optional in fail2ban-client (not needed in fail2ban-server).
  • v0.8.1 Changes

    August 14, 2007
    • πŸ›  Fixed vulnerability in sshd.conf. Thanks to Daniel B. Cid
    • Expand in ignoreregex. Thanks to Yaroslav Halchenko
    • πŸ‘Œ Improved regular expressions. Thanks to Yaroslav Halchenko and others
    • βž• Added sendmail actions. The action started with "mail" are now deprecated. Thanks to RaphaΓ«l Marichez
    • βž• Added "ignoreregex" support to fail2ban-regex
    • ⚑️ Updated suse-initd and added it to MANIFEST. Thanks to Christian Rauch
    • Tightening up the pid check in redhat-initd. Thanks to David Nutter
    • βž• Added webmin authentication filter. Thanks to Guillaume Delvit
    • βœ‚ Removed textToDns() which is not required anymore. Thanks to Yaroslav Halchenko
    • βž• Added new action iptables-allports. Thanks to Yaroslav Halchenko
    • βž• Added "named" date format to date detector. Thanks to Yaroslav Halchenko
    • βž• Added filter file for named (bind9). Thanks to Yaroslav Halchenko
    • πŸ›  Fixed vsftpd filter. Thanks to Yaroslav Halchenko
  • v0.8.0 Changes

    May 03, 2007
    • πŸ›  Fixed RedHat init script. Thanks to Jonathan Underwood
    • βž• Added Solaris 10 files. Thanks to Hanno 'Rince' Wagner