fail2ban 0.9 branch does not support IPv6; existing logic can misinterpret IPv6 addresses in logs
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
fail2ban |
Fix Released
|
Unknown
|
|||
fail2ban (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
See release note for v0.9.5 (https:/
NB this is *not* just a "feature request"--the existing code can wrongly ban IPv4 addresses by misinterpreting IPv6 addresses in the logs. So at the very least, IPv6 addresses should *never* lead to spurious bans:
# grep failregex /etc/fail2ban/
failregex = Login attempt limit reached.*, ip: <HOST>
# grep eumel /var/www/
2016-07-30 12:06:39,595 [WARNING] seahub.
# fail2ban-client status seafile
Status for the jail: seafile
|- Filter
| |- Currently failed: 1
| |- Total failed: 3
| `- File list: /var/www/
`- Actions
|- Currently banned: 1
|- Total banned: 1
`- Banned IP list: 0.0.7.209
description: | updated |
Changed in fail2ban: | |
status: | Unknown → Fix Released |
Reported upstream as well (https:/ /github. com/fail2ban/ fail2ban/ issues/ 1493)