./security/fail2ban, Scans log files and bans IP that makes too many password failures

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 0.9.5, Package name: fail2ban-0.9.5, Maintainer: nils

Fail2Ban scans log files like /var/log/pwdfail and bans IP
that makes too many password failures. It updates firewall
rules to reject the IP address. Theses rules can be defined by
the user. Fail2Ban can read multiple log files such as sshd
or Apache web server ones.


Required to run:
[databases/py-sqlite3] [lang/python27]

Required to build:
[textproc/py-sphinx] [textproc/py-numpydoc] [pkgtools/cwrappers]

Master sites:

SHA1: 58f086c48b6d384907e9efb81cbf7fc8d907d95a
RMD160: d9416b11b122a3ed553dcc9d09989b67515d6297
Filesize: 522.113 KB

Version history: (Expand)


CVS history: (Expand)


   2016-12-04 22:02:55 by Nils Ratusznik | Files touched by this commit (3) | Package updated
Log message:
Updated security/fail2ban to 0.9.5.
Changelog from 0.9.3 and 0.9.4 is quite long. Expect new and improved
jails, actions and filter. Details are here :
- https://github.com/fail2ban/fail2ban/releases/tag/0.9.4
- https://github.com/fail2ban/fail2ban/releases/tag/0.9.5

Pkgsrc changes are :
- added man pages (fail2ban-testcases.1 fail2ban.1)
- added and reorderd filters, actions, and documentation files
- minor edits to please pkglint
   2015-11-27 16:41:48 by Nils Ratusznik | Files touched by this commit (3) | Package updated
Log message:
Updated to 0.9.3.
Some of the upstream changes for 0.9.2 :
- various typo in config files
- filter.d/postfix-sasl.conf - tweak failregex and add ignoreregex to
  ignore system authentication issues
- some fixes for EL7
New features :
- New filters:
  - postfix-rbl
  - apache-fakegooglebot.conf
  - nginx-botsearch
  - drupal-auth
- New actions:
  - action.d/firewallcmd-multiport and action.d/firewallcmd-allports
  - action.d/sendmail-geoip-lines.conf
  - action.d/nsupdate to update DNSBL
- New status argument for fail2ban-client
Some of the upstream changes for 0.9.3 :
- IMPORTANT incompatible changes:
* filter.d/roundcube-auth.conf
     - Changed logpath to 'errors' log (was 'userlogins')
   * action.d/iptables-common.conf
     - All calls to iptables command now use -w switch introduced in
       iptables 1.4.20 (some distribution could have patched their
       earlier base version as well) to provide this locking mechanism
       useful under heavy load to avoid contesting on iptables calls.
       If you need to disable, define 'action.d/iptables-common.local'
       with empty value for 'lockingopt' in `[Init]` section.
   * mail-whois-lines, sendmail-geoip-lines and sendmail-whois-lines
     actions now include by default only the first 1000 log lines in
     the emails.  Adjust <grepopts> to augment the behavior.
- New Features:
* New filters:
     - froxlor-auth - Thanks Joern Muehlencord
     - apache-pass - filter Apache access log for successful authentication
* New actions:
     - shorewall-ipset-proto6 - using proto feature of the Shorewall.
       Still requires manual pre-configuration of the shorewall.
       See the action file for detail.
* New jails:
     - pass2allow-ftp - allows FTP traffic after successful
       HTTP authentication
   2015-04-14 23:09:48 by Greg Troxel | Files touched by this commit (1)
Log message:
Demote docs tools to BUILD_DEPENDS.

sphinx and numpy-doc are not needed at runtime.
   2015-03-11 21:45:52 by Nils Ratusznik | Files touched by this commit (1)
Log message:
Corrected a build problem with py-sphinx-1.2.3nb1 because sphinx-build has
been replaced with sphinx-build${PYVERSSUFFIX} (therefore it depends on at
least this version).

Corrected maintainer's email address.
   2015-02-09 11:05:25 by Nils Ratusznik | Files touched by this commit (9) | Package updated
Log message:
Initial import of security/fail2ban, version 0.9.1, into the NetBSD Packages \ 
Collection.

Fail2Ban scans log files like /var/log/pwdfail and bans IP
that makes too many password failures. It updates firewall
rules to reject the IP address. Theses rules can be defined by
the user. Fail2Ban can read multiple log files such as sshd
or Apache web server ones.