fail2ban (0.9.0+git48-gabcab00-1) experimental; urgency=low [ Yaroslav Halchenko ] * This version went through big refactoring which allowed to gain new features such as multiline matching (see upstream's changelog for more information). * Although .local files are still supported, customizations are advised to be provided under corresponding .d/ directories. E.g. see /etc/fail2ban/jail.d/defaults-debian.conf which is where now sshd jail is enabled by default to match previous behavior of Fail2Ban in Debian. [ Daniel Schaal ] * All jails definitions were rewritten to become more concise and uniform. From this version on log paths are defined in distro specific files, for Debian this is in /etc/fail2ban/paths-debian.conf. -- Yaroslav Halchenko Tue, 25 Mar 2014 08:38:31 -0400 fail2ban (0.8.11-1) unstable; urgency=low * retroactive for 0.8.9: by default iptables-* actions do not simply DROP packets from offending IP but rather reject with icmp-port-unreachable. If DROP behaviour is preferable, provide config/action.d/iptables-blocktype.local with [Init] section defining blocktype = DROP or override action definition to provide blocktype=DROP option in jail.local * Many failregex's were tight-up in this release which could theoretically effect operation in comparison to previous release(s). -- Yaroslav Halchenko Sat, 16 Nov 2013 22:27:50 -0500 fail2ban (0.8.4-3) unstable; urgency=low * Jail named-refused-udp is unsafe and opens possibility for easy DoS, thus discouraged to be used, and commented out (see #583364 for more information). -- Yaroslav Halchenko Mon, 28 Jun 2010 22:12:22 -0400 fail2ban (0.7.1-0.2) unstable; urgency=low fail2ban 0.7 is a complete rewrite of the 0.6 version, and if you customized any of provided configuration or startup files (/etc/default/fail2ban, /etc/fail2ban.conf, /etc/init.d/fail2ban), please read further. The configuration scheme has changed upstream: 0.7 ignores /etc/fail2ban.conf and instead uses a split configuration under /etc/fail2ban/. To retain your customizations, for example to monitor anything other than sshd, you will need to set them under that new directory; use *.local files for customizations. Please see /usr/share/doc/fail2ban/README.Debian.gz and http://fail2ban.sourceforge.net for further description of new configuration scheme. Detailed documentation is under development (see #400416). When you are satisfied with the new settings, please delete /etc/fail2ban.conf to avoid confusion. Fail2ban 0.7 uses client/server architecture and fail2ban-client is to substitute fail2ban command to provide an interface between the user and fail2ban-server. That is why some command line parameters present in fail2ban 0.6 are invalid in fail2ban-client. Such change affects /etc/default/fail2ban; you should review that file if you customized it. Please enable sections as directed in README.Debian.gz mentioned above. You must use newly shipped init.d/fail2ban, or otherwise fail2ban will not start. This note was rewritten in release 0.7.5-2 to clarify its meaning. -- Yaroslav Halchenko Sat, 9 Dec 2006 18:24:36 -0500 fail2ban (0.6.0-4) unstable; urgency=low In this version the new section ApacheAttacks was introduced to ban IPs which are found to run some known attack on the host. For now it captures just awstats and mambo related attacks. To make this feature work, the bug of wrongly specified timeregexp for Apache's access.log file was fixed. Besides that group of log files has changed to be adm, and now they are readable by the group. -- Yaroslav Halchenko Fri, 10 Feb 2006 13:05:07 -0500