From Fail2ban
Revision as of 09:47, 25 January 2007 by (Talk) (Current features (0.6.x): typo)

Jump to: navigation, search

Current features (0.6.x)

Here is a list of the main features available in Fail2ban.

  • Highly configurable.
  • Parses log files and looks for given patterns.
  • Executes a command when a pattern has been detected for the same IP address for more than X times. X can be changed.
  • After a given amount of time, executes another command in order to unban the IP address.
  • Uses Netfilter/Iptables by default but can also use TCP Wrapper (/etc/hosts.deny) or others firewalls.
  • Handles log files rotation.
  • Can handle more than one service (sshd, apache, vsftpd, etc).
  • Resolves DNS hostname to IP address.
  • Can send e-mail notifications.
  • Runs as a daemon.
  • Multiple logging targets (syslog daemon, stdout, stderr, files).


Here is the planned roadmap. If you want to contribute or help on one of these features, please contact the author.



  • Man pages done
  • Add missing features of 0.6.x
    • Mail notification done
    • Check command done
  • Improve socket communication done
  • Autodetect date format done
  • Improve client (output, interactive mode, etc) done


  • Documentation done
  • Add FAM/Gamin support done
  • Improve test framework done
  • Add support for wildcard in logfile done


  • Bug fixes


  • Migration tool from 0.6.x to 0.8.0
  • Documentation
  • Howtos