- Use 80 columns.

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@732 a942ae1a-1317-0410-a47c-b1dcaea8d605
2009-02-09 22:36:11 +00:00 · 2009-02-09 22:36:11 +00:00 · 53886e91b3
parent 0cf733e878
commit 53886e91b3
3 changed files with 237 additions and 312 deletions
--- a/419
+++ b/419
@ -1,130 +1,102 @@
-               __      _ _ ___ _               
+                         __      _ _ ___ _               
-              / _|__ _(_) |_  ) |__  __ _ _ _  
+                        / _|__ _(_) |_  ) |__  __ _ _ _  
-             |  _/ _` | | |/ /| '_ \/ _` | ' \ 
+                       |  _/ _` | | |/ /| '_ \/ _` | ' \ 
-             |_| \__,_|_|_/___|_.__/\__,_|_||_|
+                       |_| \__,_|_|_/___|_.__/\__,_|_||_|
-=============================================================
+================================================================================
-Fail2Ban (version 0.8.4)                           2008/??/??
+Fail2Ban (version 0.8.4)                                              2009/02/??
-=============================================================
+================================================================================
-ver. 0.8.4 (2008/??/??) - stable
+ver. 0.8.4 (2009/??/??) - stable
 ----------
- Merged patches from Debian package. Thanks to Yaroslav
+- Merged patches from Debian package. Thanks to Yaroslav Halchenko.
-  Halchenko.
+- Use current day and month instead of Jan 1st if both are not available in the
- Use current day and month instead of Jan 1st if both are
+  log. Thanks to Andreas Itzchak Rehberg.
-  not available in the log. Thanks to Andreas Itzchak
+- Try to match the regex even if the line does not contain a valid date/time.
-  Rehberg.
+  Described in Debian #491253. Thanks to Yaroslav Halchenko.
 - Try to match the regex even if the line does not contain a
  valid date/time. Described in Debian #491253. Thanks to
  Yaroslav Halchenko.
 - Added/improved filters and date formats.
- Added actions to report abuse to ISP, DShield and
+- Added actions to report abuse to ISP, DShield and myNetWatchman. Thanks to
-  myNetWatchman. Thanks to Russell Odom.
+  Russell Odom.
- Suse init script. Remove socket file on startup is fail2ban
+- Suse init script. Remove socket file on startup is fail2ban crashed. Thanks to
-  crashed. Thanks to Detlef Reichelt.
+  Detlef Reichelt.
- Removed begin-line anchor for "standard" timestamp. Fixed
+- Removed begin-line anchor for "standard" timestamp. Fixed Debian bug #500824.
  Debian bug #500824.
 - Added nagios script. Thanks to Sebastian Mueller.
- Added CPanel date format. Thanks to David Collins. Tracker
+- Added CPanel date format. Thanks to David Collins. Tracker #1967610.
-  #1967610.
+- Improved SASL filter. Thanks to Loic Pefferkorn. Tracker #2310410.
- Improved SASL filter. Thanks to Loic Pefferkorn. Tracker
+- Added NetBSD ipfilter (ipf command) action. Thanks to Ed Ravin. Tracker
-  #2310410.
+  #2484115.
- Added NetBSD ipfilter (ipf command) action. Thanks to Ed
+- Added cyrus-imap and sieve filters. Thanks to Jan Wagner. Debian bug #513953.
-  Ravin. Tracker #2484115.
+- Changed <HOST> template to be more restrictive. Debian bug #514163.
- Added cyrus-imap and sieve filters. Thanks to Jan Wagner.
+- Use timetuple instead of utctimetuple for ISO 8601. Maybe not a 100% correct
-  Debian bug #513953.
+  fix but seems to work. Tracker #2500276.
- Changed <HOST> template to be more restrictive. Debian bug
+- Made the named-refused regex a bit less restrictive in order to match logs
-  #514163.
+  with "view". Thanks to Stephen Gildea.
- Use timetuple instead of utctimetuple for ISO 8601. Maybe
+- Fixed maxretry/findtime rate. Many thanks to Christos Psonis. Tracker
-  not a 100% correct fix but seems to work. Tracker #2500276.
+  #2019714.
 - Made the named-refused regex a bit less restrictive in
  order to match logs with "view". Thanks to Stephen Gildea.
 - Fixed maxretry/findtime rate. Many thanks to Christos
  Psonis. Tracker #2019714.
 ver. 0.8.3 (2008/07/17) - stable
 ----------
 - Process failtickets as long as failmanager is not empty.
- Added "pam-generic" filter and more configuration fixes.
+- Added "pam-generic" filter and more configuration fixes. Thanks to Yaroslav
-  Thanks to Yaroslav Halchenko.
+  Halchenko.
- Fixed socket path in redhat and suse init script. Thanks to
+- Fixed socket path in redhat and suse init script. Thanks to Jim Wight.
-  Jim Wight.
+- Fixed PID file while started in daemon mode. Thanks to Christian Jobic who
- Fixed PID file while started in daemon mode. Thanks to
+  submitted a similar patch.
  Christian Jobic who submitted a similar patch.
 - Fixed "fail2ban-client get <jail> logpath". Bug #1916986.
 - Added gssftpd filter. Thanks to Kevin Zembower.
- Added "Day/Month/Year Hour:Minute:Second" date template.
+- Added "Day/Month/Year Hour:Minute:Second" date template. Thanks to Dennis
-  Thanks to Dennis Winter.
+  Winter.
- Fixed ignoreregex processing in fail2ban-client. Thanks to
+- Fixed ignoreregex processing in fail2ban-client. Thanks to René Berber.
  René Berber.
 - Added ISO 8601 date/time format.
 - Added and changed some logging level and messages.
- Added missing ignoreregex to filters. Thanks to Klaus
+- Added missing ignoreregex to filters. Thanks to Klaus Lehmann.
-  Lehmann.
+- Use poll instead of select in asyncore.loop. This should solve the "Unknown
- Use poll instead of select in asyncore.loop. This should
+  error 514". Thanks to Michael Geiger and Klaus Lehmann.
  solve the "Unknown error 514". Thanks to Michael Geiger and
  Klaus Lehmann.
 ver. 0.8.2 (2008/03/06) - stable
 ----------
 - Fixed named filter. Thanks to Yaroslav Halchenko
- Fixed wrong path for apache-auth in jail.conf. Thanks to
+- Fixed wrong path for apache-auth in jail.conf. Thanks to Vincent Deffontaines
-  Vincent Deffontaines
+- Fixed timezone bug with epoch date template. Thanks to Michael Hanselmann
- Fixed timezone bug with epoch date template. Thanks to
+- Added "full line failregex" patch. Thanks to Yaroslav Halchenko. It will be
-  Michael Hanselmann
+  possible to create stronger failregex against log injection
 - Added "full line failregex" patch. Thanks to Yaroslav
  Halchenko. It will be possible to create stronger failregex
  against log injection
 - Fixed ipfw action script. Thanks to Nick Munger
- Removed date from logging message when using SYSLOG. Thanks
+- Removed date from logging message when using SYSLOG. Thanks to Iain Lea
-  to Iain Lea
+- Fixed "ignore IPs". Only the first value was taken into account. Thanks to
- Fixed "ignore IPs". Only the first value was taken into
+  Adrien Clerc
  account. Thanks to Adrien Clerc
 - Moved socket to /var/run/fail2ban.
 - Rewrote the communication server.
 - Refactoring. Reduced number of files.
- Removed Python 2.4. Minimum required version is now Python
+- Removed Python 2.4. Minimum required version is now Python 2.3.
  2.3.
 - New log rotation detection algorithm.
 - Print monitored files in status.
- Create a PID file in /var/run/fail2ban/. Thanks to Julien
+- Create a PID file in /var/run/fail2ban/. Thanks to Julien Perez.
-  Perez.
+- Fixed "Feb 29" bug. Thanks to James Andrewartha who pointed this out. Thanks
- Fixed "Feb 29" bug. Thanks to James Andrewartha who pointed
+  to Yaroslav Halchenko for the fix.
-  this out. Thanks to Yaroslav Halchenko for the fix.
+- "reload <jail>" reloads a single jail and the parameters in fail2ban.conf.
 - "reload <jail>" reloads a single jail and the parameters in
  fail2ban.conf.
 - Added Mac OS/X startup script. Thanks to Bill Heaton.
 - Absorbed some Debian patches. Thanks to Yaroslav Halchenko.
 - Replaced "echo" with "printf" in actions. Fix #1839673
- Replaced "reject" with "drop" in shorwall action. Fix
+- Replaced "reject" with "drop" in shorwall action. Fix #1854875
  #1854875
 - Fixed Debian bug #456567, #468477, #462060, #461426
- readline is now optional in fail2ban-client (not needed in
+- readline is now optional in fail2ban-client (not needed in fail2ban-server).
  fail2ban-server).
 ver. 0.8.1 (2007/08/14) - stable
 ----------
 - Fixed vulnerability in sshd.conf. Thanks to Daniel B. Cid
 - Expand <HOST> in ignoreregex. Thanks to Yaroslav Halchenko
- Improved regular expressions. Thanks to Yaroslav Halchenko
+- Improved regular expressions. Thanks to Yaroslav Halchenko and others
-  and others
+- Added sendmail actions. The action started with "mail" are now deprecated.
- Added sendmail actions. The action started with "mail" are
+  Thanks to Raphaël Marichez
  now deprecated. Thanks to Raphaël Marichez
 - Added "ignoreregex" support to fail2ban-regex
- Updated suse-initd and added it to MANIFEST. Thanks to
+- Updated suse-initd and added it to MANIFEST. Thanks to Christian Rauch
-  Christian Rauch
+- Tightening up the pid check in redhat-initd. Thanks to David Nutter
- Tightening up the pid check in redhat-initd. Thanks to
+- Added webmin authentication filter. Thanks to Guillaume Delvit
-  David Nutter
+- Removed textToDns() which is not required anymore. Thanks to Yaroslav
 - Added webmin authentication filter. Thanks to Guillaume
  Delvit
 - Removed textToDns() which is not required anymore. Thanks
  to Yaroslav Halchenko
 - Added new action iptables-allports. Thanks to Yaroslav
  Halchenko
 - Added "named" date format to date detector. Thanks to
  Yaroslav Halchenko
 - Added filter file for named (bind9). Thanks to Yaroslav
  Halchenko
 - Added new action iptables-allports. Thanks to Yaroslav Halchenko
 - Added "named" date format to date detector. Thanks to Yaroslav Halchenko
 - Added filter file for named (bind9). Thanks to Yaroslav Halchenko
 - Fixed vsftpd filter. Thanks to Yaroslav Halchenko
 ver. 0.8.0 (2007/05/03) - stable
@ -144,20 +116,17 @@ ver. 0.7.8 (2007/03/21) - release candidate
 ----------
 - Fixed asctime pattern in datedetector.py
 - Added new filters/actions. Thanks to Yaroslav Halchenko
- Added Suse init script and modified gentoo-initd. Thanks to
+- Added Suse init script and modified gentoo-initd. Thanks to Christian Rauch
  Christian Rauch
 - Moved every locking statements in a try..finally block
 ver. 0.7.7 (2007/02/08) - release candidate
 ----------
 - Added signal handling in fail2ban-client
 - Added a wonderful visual effect when waiting on the server
- fail2ban-client returns an error code if configuration is
+- fail2ban-client returns an error code if configuration is not valid
  not valid
 - Added new filters/actions. Thanks to Yaroslav Halchenko
 - Call Python interpreter directly (instead of using "env")
- Added file support to fail2ban-regex. Benchmark feature has
+- Added file support to fail2ban-regex. Benchmark feature has been removed
  been removed
 - Added cacti script and template.
 - Added IP list in "status <JAIL>". Thanks to Eric Gerbier
@ -167,60 +136,53 @@ ver. 0.7.6 (2007/01/04) - beta
 - Use /dev/log for SYSLOG output. Thanks to Joerg Sommrey
 - Use numeric output for iptables in "actioncheck"
 - Fixed removal of host in hosts.deny. Thanks to René Berber
- Added new date format (2006-12-21 06:43:20) and Exim4
+- Added new date format (2006-12-21 06:43:20) and Exim4 filter. Thanks to mEDI
-  filter. Thanks to mEDI
+- Several "failregex" and "ignoreregex" are now accepted. Creation of rules
- Several "failregex" and "ignoreregex" are now accepted.
+  should be easier now.
  Creation of rules should be easier now.
 - Added license in COPYING. Thanks to Axel Thimm
- Allow comma in action options. The value of the option must
+- Allow comma in action options. The value of the option must be escaped with "
-  be escaped with " or '. Thanks to Yaroslav Halchenko
+  or '. Thanks to Yaroslav Halchenko
- Now Fail2ban goes in /usr/share/fail2ban instead of
+- Now Fail2ban goes in /usr/share/fail2ban instead of /usr/lib/fail2ban. This is
-  /usr/lib/fail2ban. This is more compliant with FHS. Thanks
+  more compliant with FHS. Thanks to Axel Thimm and Yaroslav Halchenko
  to Axel Thimm and Yaroslav Halchenko
 ver. 0.7.5 (2006/12/07) - beta
 ----------
- Do not ban a host that is currently banned. Thanks to
+- Do not ban a host that is currently banned. Thanks to Yaroslav Halchenko
-  Yaroslav Halchenko
+- The supported tags in "action(un)ban" are <ip>, <failures> and <time>
 - The supported tags in "action(un)ban" are <ip>, <failures>
  and <time>
 - Fixed refactoring bug (getLastcommand -> getLastAction)
- Added option "ignoreregex" in filter scripts and jail.conf.
+- Added option "ignoreregex" in filter scripts and jail.conf. Feature Request
-  Feature Request #1283304
+  #1283304
 - Fixed a bug in user defined time regex/pattern
 - Improved documentation
 - Moved version.py and protocol.py to common/
 - Merged "maxtime" option with "findtime"
- Added "<HOST>" tag support in failregex which matches
+- Added "<HOST>" tag support in failregex which matches default IP
-  default IP address/hostname. "(?P<host>\S)" is still valid
+  address/hostname. "(?P<host>\S)" is still valid and supported
-  and supported
+- Fixed exception when calling fail2ban-server with unknown option
- Fixed exception when calling fail2ban-server with unknown
+- Fixed Debian bug 400162. The "socket" option is now handled correctly by
-  option
+  fail2ban-client
 - Fixed Debian bug 400162. The "socket" option is now handled
  correctly by fail2ban-client
 - Fixed RedHat init script. Thanks to Justin Shore
- Changed timeout to 30 secondes before assuming the server
+- Changed timeout to 30 secondes before assuming the server cannot be started.
-  cannot be started. Thanks to Joël Bertrand
+  Thanks to Joël Bertrand
 ver. 0.7.4 (2006/11/01) - beta
 ----------
 - Improved configuration files. Thanks to Yaroslav Halchenko
 - Added man page for "fail2ban-regex"
 - Moved ban/unban messages from "info" level to "warn"
- Added "-s" option to specify the socket path and "socket"
+- Added "-s" option to specify the socket path and "socket" option in
-  option in "fail2ban.conf"
+  "fail2ban.conf"
 - Added "backend" option in "jail.conf"
- Added more filters/actions and jail samples. Thanks to Nick
+- Added more filters/actions and jail samples. Thanks to Nick Munger, Christoph
-  Munger, Christoph Haas
+  Haas
 - Improved testing framework
- Fixed a bug in the return code handling of the executed
+- Fixed a bug in the return code handling of the executed commands. Thanks to
-  commands. Thanks to Yaroslav Halchenko
+  Yaroslav Halchenko
- Signal handling. There is a bug with join() and signal in
+- Signal handling. There is a bug with join() and signal in Python
  Python
 - Better debugging output for "fail2ban-regex"
 - Added support for more date format
- cPickle does not work with Python 2.5. Use pickle instead
+- cPickle does not work with Python 2.5. Use pickle instead (performance is not
-  (performance is not a problem in our case)
+  a problem in our case)
 ver. 0.7.3 (2006/09/28) - beta
 ----------
@ -240,15 +202,13 @@ ver. 0.7.2 (2006/09/10) - beta
 - Improved client output
 - Added more get/set commands
 - Added more configuration templates
- Removed "logpath" and "maxretry" from filter templates.
+- Removed "logpath" and "maxretry" from filter templates. They must be defined
-  They must be defined in jail.conf now
+  in jail.conf now
 - Added interactive mode. Use "-i"
- Added a date detector. "timeregex" and "timepattern" are no
+- Added a date detector. "timeregex" and "timepattern" are no more needed
-  more needed
+- Added "fail2ban-regex". This is a tool to help finding "failregex"
- Added "fail2ban-regex". This is a tool to help finding
+- Improved server communication. Start a new thread for each incoming request.
-  "failregex"
+  Fail2ban is not really thread-safe yet
 - Improved server communication. Start a new thread for each
  incoming request. Fail2ban is not really thread-safe yet
 ver. 0.7.1 (2006/08/23) - alpha
 ----------
@ -259,106 +219,91 @@ ver. 0.7.1 (2006/08/23) - alpha
 ver. 0.7.0 (2006/08/23) - alpha
 ----------
- Almost a complete rewrite :) Fail2ban design is really
+- Almost a complete rewrite :) Fail2ban design is really better (IMHO). There is
-  better (IMHO). There is a lot of new features
+  a lot of new features
 - Client/Server architecture
- Multithreading. Each jail has its own threads: one for the
+- Multithreading. Each jail has its own threads: one for the log reading and
-  log reading and another for the actions
+  another for the actions
 - Execute several actions
- Split configuration files. They are more readable and easy
+- Split configuration files. They are more readable and easy to use
-  to use
+- failregex uses group (<host>) now. This feature was already present in the
- failregex uses group (<host>) now. This feature was already
+  Debian package
  present in the Debian package
 - lots of things...
 ver. 0.6.1 (2006/03/16) - stable
 ----------
- Added permanent banning. Set banTime to a negative value to
+- Added permanent banning. Set banTime to a negative value to enable this
-  enable this feature (-1 is perfect). Thanks to Mannone
+  feature (-1 is perfect). Thanks to Mannone
 - Fixed locale bug. Thanks to Fernando José
 - Fixed crash when time format does not match data
- Propagated patch from Debian to fix fail2ban search path 
+- Propagated patch from Debian to fix fail2ban search path addition to the path
-  addition to the path search list: now it is added first. 
+  search list: now it is added first. Thanks to Nick Craig-Wood
-  Thanks to Nick Craig-Wood
+- Added SMTP authentification for mail notification. Thanks to Markus Hoffmann
 - Added SMTP authentification for mail notification. Thanks
  to Markus Hoffmann
 - Removed debug mode as it is confusing for people
- Added parsing of timestamp in TAI64N format (#1275325).
+- Added parsing of timestamp in TAI64N format (#1275325). Thanks to Mark
-  Thanks to Mark Edgington
+  Edgington
- Added patch #1382936 (Default formatted syslog logging).
+- Added patch #1382936 (Default formatted syslog logging). Thanks to Patrick
-  Thanks to Patrick B<>rjesson
+  B<>rjesson
- Removed 192.168.0.0/16 from ignoreip. Attacks could also
+- Removed 192.168.0.0/16 from ignoreip. Attacks could also come from the local
-  come from the local network.
+  network.
- Robust startup: if iptables module does not get fully
+- Robust startup: if iptables module does not get fully initialized after
-  initialized after startup of fail2ban, fail2ban will do
+  startup of fail2ban, fail2ban will do "maxreinit" attempts to initialize its
-  "maxreinit" attempts to initialize its own firewall. It
+  own firewall. It will sleep between attempts for "polltime" number of seconds
-  will sleep between attempts for "polltime" number of
+  (closes Debian: #334272). Thanks to Yaroslav Halchenko
-  seconds (closes Debian: #334272). Thanks to Yaroslav
+- Added "interpolations" in fail2ban.conf. This is provided by the ConfigParser
-  Halchenko
+  module. Old configuration files still work. Thanks to Yaroslav Halchenko
- Added "interpolations" in fail2ban.conf. This is provided
+- Added initial support for hosts.deny and shorewall. Need more testing. Please
-  by the ConfigParser module. Old configuration files still
+  test. Thanks to kojiro from Gentoo forum for hosts.deny support
  work. Thanks to Yaroslav Halchenko
 - Added initial support for hosts.deny and shorewall. Need
  more testing. Please test. Thanks to kojiro from Gentoo
  forum for hosts.deny support
 - Added support for vsftpd. Thanks to zugeschmiert
 ver. 0.6.0 (2005/11/20) - stable
 ----------
- Propagated patches introduced by Debian maintainer 
+- Propagated patches introduced by Debian maintainer (Yaroslav Halchenko):
-  (Yaroslav Halchenko):
+  * Added an option to report local time (including timezone) or GMT in mail
-  * Added an option to report local time (including timezone)
+    notification.
    or GMT in mail notification.
 ver. 0.5.5 (2005/10/26) - beta
 ----------
- Propagated patches introduced by Debian maintainer 
+- Propagated patches introduced by Debian maintainer (Yaroslav Halchenko):
-  (Yaroslav Halchenko):
+  * Introduced fwcheck option to verify consistency of the chains. Implemented
-  * Introduced fwcheck option to verify consistency of the
+    automatic restart of fail2ban main function in case check of fwban or
-    chains. Implemented automatic restart of fail2ban main
+    fwunban command failed (closes: #329163, #331695). (Introduced patch was
-    function in case check of fwban or fwunban command failed
+    further adjusted by upstream author).
    (closes: #329163, #331695). (Introduced patch was further
    adjusted by upstream author).
  * Added -f command line parameter for [findtime].
-  * Added a cleanup of firewall rules on emergency shutdown
+  * Added a cleanup of firewall rules on emergency shutdown when unknown
-    when unknown exception is catched.
+    exception is catched.
-  * Fail2ban should not crash now if a wrong file name is
+  * Fail2ban should not crash now if a wrong file name is specified in config.
-    specified in config.
+  * reordered code a bit so that log targets are setup right after background
-  * reordered code a bit so that log targets are setup right
+    and then only loglevel (verbose, debug) is processed, so the warning could
-    after background and then only loglevel (verbose, debug)
+    be seen in the logs
-    is processed, so the warning could be seen in the logs
+  * Added a keyword <section> in parsing of the subject and the body of an email
-  * Added a keyword <section> in parsing of the subject and
+    sent out by fail2ban (closes: #330311)
    the body of an email sent out by fail2ban (closes:
    #330311)
 ver. 0.5.4 (2005/09/13) - beta
 ----------
 - Fixed bug #1286222.
- Propagated patches introduced by Debian maintainer 
+- Propagated patches introduced by Debian maintainer (Yaroslav Halchenko):
-  (Yaroslav Halchenko):
+  * Fixed handling of SYSLOG logging target. Now it can log to any SYSLOG target
-  * Fixed handling of SYSLOG logging target. Now it can log
+    and facility as directed by the config
    to any SYSLOG target and facility as directed by the 
    config
  * Format of SYSLOG entries fixed to look closer to standard
  * Fixed errata in config/gentoo-confd
-  * Introduced findtime configuration variable to control the
+  * Introduced findtime configuration variable to control the lifetime of caught
-    lifetime of caught "failed" log entries
+    "failed" log entries
 ver. 0.5.3 (2005/09/08) - beta
 ----------
- Fixed a bug when overriding "maxfailures" or "bantime".
+- Fixed a bug when overriding "maxfailures" or "bantime". Thanks to Yaroslav
-  Thanks to Yaroslav Halchenko
+  Halchenko
- Added more debug output if an error occurs when sending
+- Added more debug output if an error occurs when sending mail. Thanks to
-  mail. Thanks to Stephen Gildea
+  Stephen Gildea
- Renamed "maxretry" to "maxfailures" and changed default
+- Renamed "maxretry" to "maxfailures" and changed default value to 5. Thanks to
-  value to 5. Thanks to Stephen Gildea
+  Stephen Gildea
 - Hopefully fixed bug #1256075
 - Fixed bug #1262345
 - Fixed exception handling in PIDLock
- Removed warning when using "-V" or "-h" with no config
+- Removed warning when using "-V" or "-h" with no config file. Thanks to
-  file. Thanks to Yaroslav Halchenko
+  Yaroslav Halchenko
- Removed "-i eth0" from config file. Thanks to Yaroslav
+- Removed "-i eth0" from config file. Thanks to Yaroslav Halchenko
  Halchenko
 ver. 0.5.2 (2005/08/06) - beta
 ----------
@ -374,11 +319,9 @@ ver. 0.5.1 (2005/07/23) - beta
 ----------
 - Fixed bugs #1241756, #1239557
 - Added log targets in configuration file. Removed -l option
- Changed iptables rules in order to create a separated chain
+- Changed iptables rules in order to create a separated chain for each section
  for each section
 - Fixed static banList in firewall.py
- Added an initd script for Debian. Thanks to Yaroslav
+- Added an initd script for Debian. Thanks to Yaroslav Halchenko
  Halchenko
 - Check for obsolete files after install
 ver. 0.5.0 (2005/07/12) - beta
@ -386,24 +329,22 @@ ver. 0.5.0 (2005/07/12) - beta
 - Added support for CIDR mask in ignoreip
 - Added mail notification support
 - Fixed bug #1234699
- Added tags replacement in rules definition. Should allow a
+- Added tags replacement in rules definition. Should allow a clean solution for
-  clean solution for Feature Request #1229479
+  Feature Request #1229479
 - Removed "interface" and "firewall" options
- Added start and end commands in the configuration file.
+- Added start and end commands in the configuration file. Thanks to Yaroslav
-  Thanks to Yaroslav Halchenko
+  Halchenko
 - Added firewall rules definition in the configuration file
 - Cleaned fail2ban.py
- Added an initd script for RedHat/Fedora. Thanks to Andrey
+- Added an initd script for RedHat/Fedora. Thanks to Andrey G. Grozin
  G. Grozin
 ver. 0.4.1 (2005/06/30) - stable
 ----------
- Fixed textToDNS method which generated wrong matches for
+- Fixed textToDNS method which generated wrong matches for "rhost=12-xyz...".
-  "rhost=12-xyz...". Thanks to Tom Pike
+  Thanks to Tom Pike
 - fail2ban.conf modified for readability. Thanks to Iain Lea
 - Added an initd script for Gentoo
- Changed default PID lock file location from /tmp to
+- Changed default PID lock file location from /tmp to /var/run
  /var/run
 ver. 0.4.0 (2005/04/24) - stable
 ----------
@ -419,8 +360,8 @@ ver. 0.3.1 (2005/03/31) - beta
 ver. 0.3.0 (2005/02/24) - beta
 ----------
- Re-writting of parts of the code in order to handle several
+- Re-writting of parts of the code in order to handle several log files with
-  log files with different rules
+  different rules
 - Removed sshd.py because it is no more needed
 - Fixed a bug when exiting with IP in the ban list
 - Added PID lock file
@ -430,26 +371,22 @@ ver. 0.3.0 (2005/02/24) - beta
 ver. 0.1.2 (2004/11/21) - beta
 ----------
- Add ipfw and ipfwadm support. The rules are taken from
+- Add ipfw and ipfwadm support. The rules are taken from BlockIt. Thanks to
-  BlockIt. Thanks to Robert Edeker
+  Robert Edeker
- Add -e option which allows to set the interface. Thanks to
+- Add -e option which allows to set the interface. Thanks to Robert Edeker who
-  Robert Edeker who reminded me this
+  reminded me this
 - Small code cleaning
 ver. 0.1.1 (2004/10/23) - beta
 ----------
- Add SIGTERM handler in order to exit nicely when in daemon
+- Add SIGTERM handler in order to exit nicely when in daemon mode
-  mode
+- Add -r option which allows to set the maximum number of login failures
- Add -r option which allows to set the maximum number of
+- Remove the Metalog class as the log file are not so syslog daemon specific
-  login failures
+- Rewrite log reader to be service centered. Sshd support added. Match "Failed
- Remove the Metalog class as the log file are not so syslog
+  password" and "Illegal user"
  daemon specific
 - Rewrite log reader to be service centered. Sshd support
  added. Match "Failed password" and "Illegal user"
 - Add /etc/fail2ban.conf configuration support
 - Code documentation
 ver. 0.1.0 (2004/10/12) - alpha
 ----------
 - Initial release
--- a/94
+++ b/94
@ -1,21 +1,19 @@
-               __      _ _ ___ _               
+                         __      _ _ ___ _               
-              / _|__ _(_) |_  ) |__  __ _ _ _  
+                        / _|__ _(_) |_  ) |__  __ _ _ _  
-             |  _/ _` | | |/ /| '_ \/ _` | ' \ 
+                       |  _/ _` | | |/ /| '_ \/ _` | ' \ 
-             |_| \__,_|_|_/___|_.__/\__,_|_||_|
+                       |_| \__,_|_|_/___|_.__/\__,_|_||_|
-=============================================================
+================================================================================
-Fail2Ban (version 0.8.4)                           2008/??/??
+Fail2Ban (version 0.8.4)                                              2009/??/??
-=============================================================
+================================================================================
-Fail2Ban scans log files like /var/log/pwdfail and bans IP
+Fail2Ban scans log files like /var/log/pwdfail and bans IP that makes too many
-that makes too many password failures. It updates firewall
+password failures. It updates firewall rules to reject the IP address. These
-rules to reject the IP address. These rules can be defined by
+rules can be defined by the user. Fail2Ban can read multiple log files such as
-the user. Fail2Ban can read multiple log files such as sshd
+sshd or Apache web server ones.
 or Apache web server ones.
-This README is a quick introduction to Fail2ban. More
+This README is a quick introduction to Fail2ban. More documentation, FAQ, HOWTOs
-documentation, FAQ, HOWTOs are available on the project
+are available on the project website: http://www.fail2ban.org
 website: http://www.fail2ban.org
 Installation:
 -------------
@ -32,33 +30,32 @@ To install, just do:
 > cd fail2ban-0.8.4
 > python setup.py install
-This will install Fail2Ban into /usr/share/fail2ban. The
+This will install Fail2Ban into /usr/share/fail2ban. The executable scripts are
-executable scripts are placed into /usr/bin.
+placed into /usr/bin.
-It is possible that Fail2ban is already packaged for your
+It is possible that Fail2ban is already packaged for your distribution. In this
-distribution. In this case, you should use it.
+case, you should use it.
 Fail2Ban should be correctly installed now. Just type:
 > fail2ban-client -h
-to see if everything is alright. You should always use
+to see if everything is alright. You should always use fail2ban-client and never
-fail2ban-client and never call fail2ban-server directly.
+call fail2ban-server directly.
 Configuration:
 --------------
-You can configure Fail2ban using the files in /etc/fail2ban.
+You can configure Fail2ban using the files in /etc/fail2ban. It is possible to
-It is possible to configure the server using commands sent to
+configure the server using commands sent to it by fail2ban-client. The available
-it by fail2ban-client. The available commands are described
+commands are described in the man page of fail2ban-client. Please refer to it or
-in the man page of fail2ban-client. Please refer to it or to
+to the website: http://www.fail2ban.org
 the website: http://www.fail2ban.org
 Contact:
 --------
-You need some new features, you found bugs or you just
+You need some new features, you found bugs or you just appreciate this program,
-appreciate this program, you can contact me at:
+you can contact me at:
 Website: http://www.fail2ban.org
@ -67,34 +64,27 @@ Cyril Jaquier: <cyril.jaquier@fail2ban.org>
 Thanks:
 -------
-Kévin Drapel, Marvin Rouge, Sireyessire, Robert Edeker,
+Kévin Drapel, Marvin Rouge, Sireyessire, Robert Edeker, Tom Pike, Iain Lea,
-Tom Pike, Iain Lea, Andrey G. Grozin, Yaroslav Halchenko,
+Andrey G. Grozin, Yaroslav Halchenko, Jonathan Kamens, Stephen Gildea, Markus
-Jonathan Kamens, Stephen Gildea, Markus Hoffmann, Mark
+Hoffmann, Mark Edgington, Patrick Börjesson, kojiro, zugeschmiert, Tyler, Nick
-Edgington, Patrick Börjesson, kojiro, zugeschmiert, Tyler,
+Munger, Christoph Haas, Justin Shore, Joël Bertrand, René Berber, mEDI, Axel
-Nick Munger, Christoph Haas, Justin Shore, Joël Bertrand,
+Thimm, Eric Gerbier, Christian Rauch, Michael C. Haller, Jonathan Underwood,
-René Berber, mEDI, Axel Thimm, Eric Gerbier, Christian Rauch,
+Hanno 'Rince' Wagner, Daniel B. Cid, David Nutter, Raphaël Marichez, Guillaume
-Michael C. Haller, Jonathan Underwood, Hanno 'Rince' Wagner,
+Delvit, Vaclav Misek, Adrien Clerc, Michael Hanselmann, Vincent Deffontaines,
-Daniel B. Cid, David Nutter, Raphaël Marichez, Guillaume
+Bill Heaton, Russell Odom, Christos Psonis and many others.
 Delvit, Vaclav Misek, Adrien Clerc, Michael Hanselmann,
 Vincent Deffontaines, Bill Heaton, Russell Odom and many
 others.
 License:
 --------
-Fail2Ban is free software; you can redistribute it
+Fail2Ban is free software; you can redistribute it and/or modify it under the
-and/or modify it under the terms of the GNU General Public
+terms of the GNU General Public License as published by the Free Software
-License as published by the Free Software Foundation; either
+Foundation; either version 2 of the License, or (at your option) any later
 version 2 of the License, or (at your option) any later
 version.
-Fail2Ban is distributed in the hope that it will be
+Fail2Ban is distributed in the hope that it will be useful, but WITHOUT ANY
-useful, but WITHOUT ANY WARRANTY; without even the implied
+WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+PARTICULAR PURPOSE. See the GNU General Public License for more details.
 PURPOSE.  See the GNU General Public License for more
 details.
-You should have received a copy of the GNU General Public
+You should have received a copy of the GNU General Public License along with
-License along with Fail2Ban; if not, write to the Free
+Fail2Ban; if not, write to the Free Software Foundation, Inc., 59 Temple Place,
-Software Foundation, Inc., 59 Temple Place, Suite 330,
+Suite 330, Boston, MA  02111-1307  USA
 Boston, MA  02111-1307  USA
--- a/36
+++ b/36
@ -1,11 +1,11 @@
-               __      _ _ ___ _               
+                         __      _ _ ___ _               
-              / _|__ _(_) |_  ) |__  __ _ _ _  
+                        / _|__ _(_) |_  ) |__  __ _ _ _  
-             |  _/ _` | | |/ /| '_ \/ _` | ' \ 
+                       |  _/ _` | | |/ /| '_ \/ _` | ' \ 
-             |_| \__,_|_|_/___|_.__/\__,_|_||_|
+                       |_| \__,_|_|_/___|_.__/\__,_|_||_|
-=============================================================
+================================================================================
-ToDo                                         $Revision$
+ToDo                                                            $Revision$
-=============================================================
+================================================================================
 Legend:
 - not yet done
@ -15,26 +15,24 @@ Legend:
 - Removed relative imports
- Cleanup fail2ban-client and fail2ban-server. Move code to
+- Cleanup fail2ban-client and fail2ban-server. Move code to server/ and client/
  server/ and client/
- Add timeout to external commands (signal alarm, watchdog
+- Add timeout to external commands (signal alarm, watchdog thread, etc)
  thread, etc)
 - New backend: pyinotify
- Uniformize filters and actions name. Use the software name
+- Uniformize filters and actions name. Use the software name (openssh, postfix,
-  (openssh, postfix, proftp)
+  proftp)
- Added <USER> tag for failregex. Add features using this
+- Added <USER> tag for failregex. Add features using this information. Maybe add
-  information. Maybe add more tags
+  more tags
 - Look at the memory consumption. Decrease memory usage
 - More detailed statistics
- Auto-enable function (search for log files), check
+- Auto-enable function (search for log files), check modification date to see if
-  modification date to see if service is still in use
+  service is still in use
 - Improve parsing of the action parameters in jailreader.py
@ -44,8 +42,8 @@ Legend:
 - Multiline log reading
- Improve execution of action. Why does subprocess.call
+- Improve execution of action. Why does subprocess.call deadlock with
-  deadlock with multi-jails?
+  multi-jails?
 # see Feature Request Tracking System at SourceForge.net