Fail2Ban v0.10.4 Release Notes
Release Date: 2018-10-04 // over 5 years ago-
🛠 Fixes
filter.d/dovecot.conf
:- failregex enhancement to catch sql password mismatch errors (gh-2153);
- disconnected with "proxy dest auth failed" (gh-2184);
filter.d/freeswitch.conf
:- provide compatibility for log-format from gh-2193:
- extended with new default date-pattern
^(?:%%Y-)?%%m-%%d[ T]%%H:%%M:%%S(?:\.%%f)?
to coverYYYY-mm-dd HH:MM::SS.ms
as well asmm-dd HH:MM::SS.ms
(so year is optional); - more optional arguments in log-line (so accept [WARN] as well as [WARNING] and optional [SOFIA] hereafter);
- extended with mode parameter, allows to avoid matching of messages like
auth challenge (REGISTER)
(see gh-2163) (currentlyextra
as default to be backwards-compatible), see comments in filter how to set it to modenormal
.
filter.d/domino-smtp.conf
:- recognizes failures logged using another format (something like session-id, IP enclosed in square brackets);
- failregex extended to catch connections rejected for policy reasons (gh-2228);
action.d/hostsdeny.conf
: fix parameter in config (dynamic parameters stating with '_' are protected and don't allowed in command-actions), see gh-2114;- decoding stability fix by wrong encoded characters like utf-8 surrogate pairs, etc (gh-2171):
- fail2ban running in the preferred encoding now (as default encoding also within python 2.x), mostly
UTF-8
in opposite toascii
previously, so minimizes influence of implicit conversions errors; - actions: avoid possible conversion errors on wrong-chars by replace tags;
- database: improve adapter/converter handlers working on invalid characters in sense of json and/or sqlite-database; additionally both are exception-safe now, so avoid possible locking of database (closes gh-2137);
- logging in fail2ban is process-wide exception-safe now.
- fail2ban running in the preferred encoding now (as default encoding also within python 2.x), mostly
- 👀 repaired start-time of initial seek to time (as well as other log-parsing related data),
if parameter
logpath
specified beforefindtime
,backend
,datepattern
, etc (gh-2173) - 🛠 systemd: fixed type error on option
journalflags
: an integer is required (gh-2125);
🆕 New Features
- 🆕 new option
ignorecache
to improve performance of ignore failure check (using caching ofignoreip
,ignoreself
andignorecommand
), seeman jail.conf
for syntax-example; ignorecommand
extended to use actions-similar replacement (capable to interpolate all possible tags like<ip-host>
,<family>
,<fid>
,F-USER
etc.)
✨ Enhancements
filter.d/dovecot.conf
: extended with tags F-USER (and alternatives) to collect user-logins (gh-2168)- since v.0.10.4, fail2ban-client, fail2ban-server and fail2ban-regex will return version without logo info,
additionally option
-V
can be used to get version in normalized machine-readable short format.