Changelog
fail2ban (0.7.6-1ubuntu1) feisty; urgency=low
* Merge from debian unstable, remaining changes:
- Do not depend on the versioned python package.
fail2ban (0.7.6-1) unstable; urgency=low
* New upstream release, which incorporates fixes introduced in 3~pre
non-released versions (which were suggested to the users to overcome
problems reported in bug reports). In particular attention should be paid
to upstream changelog entries
- Several "failregex" and "ignoreregex" are now accepted.
Creation of rules should be easier now.
This is an alternative solution to 'multiple <HOST>' entries fix,
which is not applied to this shipped version - pay caution if upgrading
from 0.7.5-3~pre?
- Allow comma in action options. The value of the option must
be escaped with " or '.
That allowed to implement requested ability to ban multiple ports
at once (See 373592). README.Debian and jail.conf adjusted to reflect
possible use of iptables-mport
- Now Fail2ban goes in /usr/share/fail2ban instead of
/usr/lib/fail2ban. This is more compliant with FHS.
Patch 00_share_insteadof_lib no longer applied
* Refactored installed by debian package jail.conf:
- Added option banaction which is to incorporate banning agent
(usually some flavor of iptables rule), which can then be easily
overriden globally or per section
- Multiple actions are defined as action_* to serve as shortcuts
* Initd script was modified to inform about present socket file which
would forbid fail2ban-server from starting
* Adjusted default log file for postfix to be /var/log/mail.log
(Closes: #404921)
fail2ban (0.7.5-3~pre6) unstable; urgency=low
* Fail2ban now bans vsftpd logins (corrected logfile path and failregex)
(Closes: #404060)
* Made fail2ban-server tollerate multiple <HOST> entries in failregex
* Moved call to dh_pycentral before dh_installinit
* Removed unnecessary call of dh_shlibdeps
* Added filter ssh-ddos to fight DDOS attacks. Must be used with caution
if there is a possibility of valid clients accessing through
unreliable connection or faulty firewall (Closes: #404487)
* Not applying patch any more for rigid python2.4 - it is default now in
sid/etch
* Moving waiting loop for fail2ban-server to stop under do_stop
function, so it gets invoked by both 'restart' and 'stop' commands
* do_status action of init script is now using 'fail2ban-client ping'
instead of '... status' since we don't really use returned status
information, besides the return error code
-- Emmet Hikory <email address hidden> Thu, 18 Jan 2007 23:58:35 +0900
