« Changelog History


Fail2Ban v0.8.12 Release Notes

Release Date: 2014-01-22 // over 10 years ago
    • IMPORTANT incompatible changes:
      • Rename firewall-cmd-direct-new to firewallcmd-new to fit within jail name name length. As per gh-395
      • mysqld-syslog-iptables jailname was too long. Renamed to mysqld-syslog. Part of gh-447.

    🛠 Fixes

    • allow for ",milliseconds" in the custom date format of proftpd.log
    • allow for ", referer ..." in apache-* filter for apache error logs.
    • allow for spaces at the beginning of kernel messages. Closes gh-448
    • recidive jail to block all protocols. Closes gh-440. Thanks Ioan Indreias
    • smtps not a IANA standard and has been removed from Arch. Replaced with
      1. Thanks Stefan. Closes gh-447
    • add 'flushlogs' command to allow logrotation without clobbering logtarget settings. Closes gh-458, Debian bug #697333, Redhat bug #891798.
    • complain action - ensure where not matching other IPs in log sample. Closes gh-467
    • Fix firewall-cmd actioncheck - patch from Adam Tkac. Redhat Bug #979622
    • Fix apache-common for apache-2.4 log file format. Thanks Mark White. Closes gh-516
    • Asynchat changed to use push method which verifys whether all data was send. This ensures that all data is sent before closing the connection.
    • Removed unnecessary reference to as yet undeclared $jail_name when checking a specific jail in nagios script.
    • Filter dovecot reordered session and TLS items in regex with wider scope for session characters. Thanks Ivo Truxa. Closes gh-586
    • A single bad failregex or command syntax in configuration files won't stop fail2ban from starting. Thanks Tomasz Ciolek. Closes gh-585.

    ✨ Enhancements

    • long names on jails documented based on iptables limit of 30 less len("fail2ban-").
    • remove indentation of name and loglevel while logging to SYSLOG to resolve syslog(-ng) parsing problems. Closes Debian bug #730202.
    • updated check_fail2ban to return performance data for all jails.
    • filter apache-noscript now includes php cgi scripts. Thanks dani. Closes gh-503
    • exim-spam filter to match spamassassin log entry for option SAdevnull. Thanks Ivo Truxa. Closes gh-533
    • filter.d/nsd.conf -- also amended Unix date template to match nsd format
    • Added to sshd filter expression for Received disconnect from <HOST>: 3: ...: Auth fail. Thanks Marcel Dopita. Closes gh-289
    • loglines now also report "[PID]" after the name portion
    • Added filter.d/ejabberd-auth
    • Improved ACL-handling for Asterisk
    • loglines now also report "[PID]" after the name portion
    • Added improper command pipelining to postfix filter.

    🆕 New Features

    • filter.d/solid-pop3d -- added thanks to Jacques Lav!gnotte on mailinglist.
    • Add filter for apache-modsecurity.
    • filter.d/nsd.conf -- also amended Unix date template to match nsd format
    • Added openwebmail filter thanks Ivo Truxa. Closes gh-543
    • Added filter for freeswitch. Thanks Jim and editors and authors of http://wiki.freeswitch.org/wiki/Fail2ban
    • Added groupoffice filter thanks to logs from Merijn Schering. Closes gh-566
    • Added filter for horde
    • Added filter for squid. Thanks Roman Gelfand.
    • Added filter for ejabberd-auth.
    • Added filter.d/openwebmail filter thanks Ivo Truxa. Closes gh-543
    • Added filter.d/groupoffice filter thanks to logs from Merijn Schering. Closes gh-566
    • Added action.d/badips. Thanks to Amy for making a nice API.
    • Added firewallcmd-ipset action.
    • Added ufw action. Thanks Guilhem Lettron. lp-#701522
    • Added blocklist_de action.