Bug 800694 - [RFEs] A - IPv6 support, B - blocklist.de, C - autofwd
[RFEs] A - IPv6 support, B - blocklist.de, C - autofwd
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: fail2ban (Show other bugs)
rawhide
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Axel Thimm
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-03-06 18:58 EST by shrek-m
Modified: 2014-03-17 20:16 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-03-17 20:16:09 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
fail2ban-ipv6.tar.bz2 http://thanatos.trollprod.org/sousites/fail2banv6/fail2ban-ipv6.tar.bz2 (2.24 KB, application/x-bzip2)
2012-03-08 09:27 EST, shrek-m
no flags Details

  None (edit)
Description shrek-m 2012-03-06 18:58:22 EST
3 RFEs in 1 bug
i know that this is not the best way but i have no time and otherwise i would forget it :(

Description of problem:

A.
unfortunately i am missing IPv6 support in fail2ban.
i am no developer and thought this should be no great problem but i could not find a solution.
where is the problem: fail2ban-regex, fail2ban-server or fail2ban-client ?

probably here is someone with more knowledge and you could enhance fail2ban with IPv6 support before 2012-06-06.

i tried it in this way:

1)
no changes in
filter.d/sshd.conf


2)
copy  action.d/iptables.conf  -->  action.d/ip6tables.conf
and change iptables to ip6tables

# grep ip6tables /etc/fail2ban/action.d/ip6tables.conf 
## ip6tables test - copy from iptables.conf --> ip6tables.conf
actionstart = ip6tables -N fail2ban-<name>
              ip6tables -A fail2ban-<name> -j RETURN
              ip6tables -I INPUT -p <protocol> --dport <port> -j fail2ban-<name>
actionstop = ip6tables -D INPUT -p <protocol> --dport <port> -j fail2ban-<name>
             ip6tables -F fail2ban-<name>
actioncheck = ip6tables -n -L INPUT | grep -q fail2ban-<name>
actionban = ip6tables -I fail2ban-<name> 1 -s <ip> -j DROP
actionunban = ip6tables -D fail2ban-<name> -s <ip> -j DROP


3)
create a new section for ssh-ip6tables
---- jail.conf ----
## test for ip6tables, no ipv6 is blocked ##
## ip6tables chain is created and deleted while starting and stopping fail2ban ##
[ssh-ip6tables]

enabled  = true
filter   = sshd
action   = ip6tables[name=SSH, port=ssh, protocol=tcp]
           sendmail-whois[name=SSH, dest=root, sender=fail2ban@mail.com]
logpath  = /var/log/secure
maxretry = 5
####
----/----


4)
restart fail2ban and check iptables / ip6tables, ok, looks good.

e.g.
# iptables-save 
# Generated by iptables-save v1.4.7 on Wed Mar  7 00:12:19 2012
*filter
:INPUT ACCEPT [22:1971]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [11:1040]
:fail2ban-SSH - [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j fail2ban-SSH 
-A fail2ban-SSH -j RETURN 
COMMIT
# Completed on Wed Mar  7 00:12:19 2012

# ip6tables-save 
# Generated by ip6tables-save v1.4.7 on Wed Mar  7 00:12:37 2012
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:fail2ban-SSH - [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j fail2ban-SSH 
-A fail2ban-SSH -j RETURN 
COMMIT
# Completed on Wed Mar  7 00:12:37 2012


Actual result:
Unfortunately IPv4 is ok as aspected but for IPv6, no IPv6 address is blocked.
Somewhere must be a test for regular IPv4 address and IPv6 is not getting through :(


B.
I could not find a action which includes and checks the list of blocklist.de
http://www.blocklist.de/en/api.html

- i assume that it could be possible with a fail2ban-action to check the own blocked IPs from the logfiles if this IP is listed in blocklist.de too.
-- if no, than use the "bantime"
-- if yes, than block this IP for a longer period of time, e.g. "blocktime"

e.g.
"89.140.99.27"
(49.212.40.166, 88.80.64.20, 50.22.226.90, ...)

- check via dns
# host -t any 27.99.140.89.bl.blocklist.de
27.99.140.89.bl.blocklist.de descriptive text "Infected System (Service: ssh), see http://www.blocklist.de/en/view.html?ip=89.140.99.27"
27.99.140.89.bl.blocklist.de has address 127.0.0.14

- or with curl
# curl -s https://api.blocklist.de/api.php?ip=89.140.99.27
attacks: 53<br />reports: 1<br />

-- fail2ban-action:
block "89.140.99.27" permanent or longer as "bantime" e.g. "blocktime"


C.
autofwd evtl. a fail2ban alternative with IPv6 support

autofwd has IPv6 support and could evtl. be an additional  fail2ban  alternative in fedora
http://www.digitalmages.com/projects/autofwd/
http://freecode.com/projects/autofwd

afair you need
perl-ExtUtils-MakeMaker
perl-BerkeleyDB
perl-Socket6

afair you need additional perl modules from Arthur Corliss
http://search.cpan.org/~corliss/Paranoid/lib/Paranoid.pm
http://search.cpan.org/dist/Parse-PlainConfig/
Comment 1 shrek-m 2012-03-08 09:27:45 EST
Created attachment 568643 [details]
fail2ban-ipv6.tar.bz2 http://thanatos.trollprod.org/sousites/fail2banv6/fail2ban-ipv6.tar.bz2

I found a working IPv6 patch for fail2ban.

$ md5 fail2ban-ipv6.tar.bz2 
MD5 (fail2ban-ipv6.tar.bz2) = 6196ed59f13380f5be5484271256068b
downloaded 2012-03-08


http://www.fail2ban.org/wiki/index.php/Fail2ban:Community_Portal
[...]
IPv6 Experimental support
This little patch allow fail2ban to parse and ban IPv6 ips. Instead of calling iptables, it call ip6tables or iptables depending of the ip presented.
It works !, but don't use name resolution in the logs file.
http://thanatos.trollprod.org/sousites/fail2banv6/fail2ban-ipv6.tar.bz2


2 short patches
  server/failregex.py
  server/filter.py

1 file
  fail2ban/action.d/iptable46-multiport.conf

1 script: checks for ipv4 - iptables or ipv6 - ip6tables
eg. /usr/bin/ip64tables.sh

now you can change jail.conf
[ssh-iptables]
action=iptable46-multiport [name=SSH...]

you have to chmod the *.conf and *.sh
Comment 2 shrek-m 2012-03-08 09:50:05 EST
service fail2ban, ssh, /var log/messages, ip[6]tables-save


# service fail2ban stop
---- messages ----
Mar  8 15:31:40 srv01 fail2ban.jail   : INFO   Jail 'ssh-iptables' stopped
Mar  8 15:31:40 srv01 fail2ban.server : INFO   Exiting Fail2ban


# service fail2ban start
---- messages ----
Mar  8 15:32:45 srv01 fail2ban.server : INFO   Changed logging target to SYSLOG for Fail2ban v0.8.4
Mar  8 15:32:45 srv01 fail2ban.jail   : INFO   Creating new jail 'ssh-iptables'
Mar  8 15:32:45 srv01 fail2ban.jail   : INFO   Jail 'ssh-iptables' uses Gamin
Mar  8 15:32:45 srv01 fail2ban.filter : INFO   Added logfile = /var/log/secure
Mar  8 15:32:45 srv01 fail2ban.filter : INFO   Set maxRetry = 5
Mar  8 15:32:45 srv01 fail2ban.filter : INFO   Set findtime = 600
Mar  8 15:32:45 srv01 fail2ban.actions: INFO   Set banTime = 600
Mar  8 15:32:45 srv01 fail2ban.jail   : INFO   Jail 'ssh-iptables' started


# iptables-save 
# Generated by iptables-save v1.4.7 on Thu Mar  8 15:33:37 2012
*filter
:INPUT ACCEPT [77:8931]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [35:2675]
:fail2ban-SSH - [0:0]
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-SSH 
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-SSH 
-A fail2ban-SSH -j RETURN 
COMMIT
# Completed on Thu Mar  8 15:33:37 2012


# ip6tables-save 
# Generated by ip6tables-save v1.4.7 on Thu Mar  8 15:35:22 2012
*filter
:INPUT ACCEPT [2:128]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [2:120]
:fail2ban-SSH - [0:0]
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-SSH 
-A fail2ban-SSH -j RETURN 
COMMIT
# Completed on Thu Mar  8 15:35:22 2012


192.168.101.200$ ssh 192.168.101.2 (is blocked)
---- messages ----
Mar  8 15:36:01 srv01 <31>fail2ban.filter : DEBUG  Found 192.168.101.200
Mar  8 15:36:38 srv01 <31>fail2ban.filter : DEBUG  Found 192.168.101.200
Mar  8 15:36:38 srv01 <31>fail2ban.filter : DEBUG  Found 192.168.101.200
Mar  8 15:36:42 srv01 <31>fail2ban.filter : DEBUG  Found 192.168.101.200
Mar  8 15:36:42 srv01 <31>fail2ban.filter : DEBUG  Found 192.168.101.200
Mar  8 15:36:42 srv01 <31>fail2ban.filter : DEBUG  Found 192.168.101.200
Mar  8 15:36:42 srv01 <28>fail2ban.actions: WARNING [ssh-iptables] Ban 192.168.101.200


2001:db8:1::3$ ssh 2001:db8:1::2 (is blocked too)
---- messages ----
Mar  8 15:38:27 srv01 <31>fail2ban.filter : DEBUG  Found 2001:db8:1::3
Mar  8 15:38:53 srv01 <31>fail2ban.filter : DEBUG  Found 2001:db8:1::3
Mar  8 15:38:58 srv01 <31>fail2ban.filter : DEBUG  Found 2001:db8:1::3
Mar  8 15:39:03 srv01 <31>fail2ban.filter : DEBUG  Found 2001:db8:1::3
Mar  8 15:39:10 srv01 <31>fail2ban.filter : DEBUG  Found 2001:db8:1::3
Mar  8 15:39:11 srv01 <28>fail2ban.actions: WARNING [ssh-iptables] Ban 2001:db8:1::3


# iptables-save 
# Generated by iptables-save v1.4.7 on Thu Mar  8 15:44:52 2012
*filter
:INPUT ACCEPT [352:60071]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [127:11890]
:fail2ban-SSH - [0:0]
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-SSH 
-A fail2ban-SSH -s 192.168.101.200/32 -j DROP 
-A fail2ban-SSH -j RETURN 
COMMIT
# Completed on Thu Mar  8 15:44:52 2012


# ip6tables-save 
# Generated by ip6tables-save v1.4.7 on Thu Mar  8 15:45:01 2012
*filter
:INPUT ACCEPT [31:4210]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [42:4447]
:fail2ban-SSH - [0:0]
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-SSH 
-A fail2ban-SSH -s 2001:db8:1::3/128 -j DROP 
-A fail2ban-SSH -j RETURN 
COMMIT
# Completed on Thu Mar  8 15:45:01 2012
Comment 3 shrek-m 2012-03-09 10:08:43 EST
RFE A:
this was the main reason for filing this bug.
i have patched my production servers, all are ok and are working now with  IPv6 fail2ban  as expected.
if you could at least include the ipv6 patch in some way this RFE would be resolved.


REF C:
if you include the ipv6 patch my request for autofwd as working ipv6-alternative to fail2ban is obsolete, at least from my side.


REF B:
this would be a "nice to have" but for now IPv6 is in my opinion a "must have" before 2012-06-06
i will add some infos in the next comment.



Other additional info for some handy time variables from ...

---- http://www.fail2ban.org/wiki/index.php/Fail2ban:Community_Portal ----
Handy time variable aliases

I've (re-)discovered that one can use handy time aliases for bantime and findtime.
---- jail.conf ----
Here's how I defined them in my jail.conf: 
## bantime of 3600 = 60*60 = one hour
## bantime of 86400 = 60*60*24 = one day
## bantime of 604800 = 60*60*24*7 = one week
## bantime of 2592000 = 60*60*24*30 = (approx) one month
## bantime of 31536000 = 60*60*24*365 = (approx) one year
one_hour = 3600
one_day = 86400
one_week = 604800
one_month = 2592000
one_year = 31536000 
----/jail.conf ----

Use the aliases like this:
---- jail.conf ----
findtime = %(one_week)s
bantime = %(one_week)s
----/jail.conf ----
Remember the trailing "s"! 

----/----
Comment 4 shrek-m 2012-03-09 10:46:07 EST
REF B:
some infos for developers who will evtl. look into fail2ban with blocklist.de support


1)
evtl. action = blocklist[.conf]
check the banned IPs (iptables or /var/log/messages) if the IPs are listet in blocklist.de dns and block it with a longer "bantime" or a new "blocklist_bantime"


2)
evtl. direct blocklist.de support in fail2ban.
- check the <HOST> IPs before banning
- check the banned IPs later

http://www.blocklist.de/en/export.html
evtl. additional definitions in jail.conf ?
eg.
blocklist_use = yes|no
blocklist_source = dns | url | file | all
bloclist_destination = apache | asterisk | bots | ftp | imap | mail | ssh | all
blocklist_bantime = <time in seconds | one_hour | one_day | one_month | one_year>


for 1)
--- eg. for banned IPs - iptables ---
# iptables-save  | grep DROP
-A fail2ban-SSH -s 78.188.30.7/32 -j DROP 
-A fail2ban-SSH -s 89.140.99.27/32 -j DROP 
-A fail2ban-SSH -s 61.253.249.157/32 -j DROP 
-A fail2ban-SSH -s 59.60.7.111/32 -j DROP 
-A fail2ban-SSH -s 88.80.64.20/32 -j DROP 

--- eg. for banned ips for sshd in /var/log/messages ---
# grep Ban /var/log/messages | awk -F' ' '{print $9 }' | sort
114.207.112.95
121.108.95.188
121.14.46.119
124.205.190.102
125.16.142.163
173.45.104.226
178.89.110.162
212.96.26.114
221.174.50.130
46.61.180.100
49.212.40.166
50.22.226.90
59.60.7.111
61.253.249.157
69.162.121.83
78.131.7.21
78.188.30.7
85.186.111.17
85.25.148.120
88.191.74.210
88.191.74.210
88.191.74.210
88.191.74.210
88.80.64.20
88.80.64.20
88.80.64.20
88.80.64.20
89.140.99.27
89.140.99.27
[...]
89.140.99.27
91.205.189.27


for 2)
http://www.blocklist.de/en/api.html

i got a short answer from a python-developer
---- is this a correct python snippet for IPv4 reverseDNS ? ----
ip = '89.140.99.27'.split('.')
ip.reverse()
ip = '.'.join(ip + ['bl.blocklist.de',])
---- or  ----
def rdnsblocklist(ip):
    ip = ip.split('.')
    ip.reverse()
    return '.'.join(ip + ['bl.blocklist.de',])

# to use as
rdnsblocklist( '89.140.99.27') 
----/python snippet ----



here some fail2ban files eg.
----  /usr/share/fail2ban/server/filter.py ----
##
        # Ban an IP - http://blogs.buanzo.com.ar/2009/04/fail2ban-patch-ban-ip-address-manually.html
        # Arturo 'Buanzo' Busleiman <buanzo@buanzo.com.ar>
        #
        # to enable banip fail2ban-client BAN command

        def addBannedIP(self, ip):
                unixTime = time.time()
                self.failManager.addFailure(FailTicket(ip, unixTime))
                return ip

##
        # Add an IP/DNS to the ignore list.
        #
        # IP addresses in the ignore list are not taken into account
        # when finding failures. CIDR mask and DNS are also accepted.
        # @param ip IP address to ignore

        def addIgnoreIP(self, ip):
                logSys.debug("Add " + ip + " to ignore list")
                self.__ignoreIpList.append(ip)

        def delIgnoreIP(self, ip):
                logSys.debug("Remove " + ip + " from ignore list")
                self.__ignoreIpList.remove(ip)

        def getIgnoreIP(self):
                return self.__ignoreIpList

##
        # Check if IP address/DNS is in the ignore list.
        #
        # Check if the given IP address matches an IP address/DNS or a CIDR
        # mask in the ignore list.
        # @param ip IP address
        # @return True if IP address is in ignore list

        def inIgnoreIPList(self, ip):
                for i in self.__ignoreIpList:
                        # An empty string is always false
                        if i == "":
                                continue
                        s = i.split('/', 1)
                        # IP address without CIDR mask
                        if len(s) == 1:
                                s.insert(1, '32')
                        s[1] = long(s[1])
                        try:
                                a = DNSUtils.cidr(s[0], s[1])
                                b = DNSUtils.cidr(ip, s[1])
                        except Exception:
                                # Check if IP in DNS
                                ips = DNSUtils.dnsToIp(i)
                                if ip in ips:
                                        return True
                                else:
                                        continue
                        if a == b:
                                return True
                return False


---- /usr/share/fail2ban/server/actions.py ----
##
        # Set the ban time.
        #
        # @param value the time

        def setBanTime(self, value):
                self.__banManager.setBanTime(value)
                logSys.info("Set banTime = %s" % value)

        ##
        # Get the ban time.
        #
        # @return the time

        def getBanTime(self):
                return self.__banManager.getBanTime()
[...]
##
        # Check for IP address to ban.
        #
        # Look in the Jail queue for FailTicket. If a ticket is available,
        # it executes the "ban" command and add a ticket to the BanManager.
        # @return True if an IP address get banned

        def __checkBan(self):
                ticket = self.jail.getFailTicket()
                if ticket != False:
                        aInfo = dict()
                        bTicket = BanManager.createBanTicket(ticket)
                        aInfo["ip"] = bTicket.getIP()
                        aInfo["failures"] = bTicket.getAttempt()
                        aInfo["time"] = bTicket.getTime()
                        if self.__banManager.addBanTicket(bTicket):
                                logSys.warn("[%s] Ban %s" % (self.jail.getName(), aInfo["ip"]))
                                for action in self.__actions:
                                        action.execActionBan(aInfo)
                                return True
                        else:
                                logSys.warn("[%s] %s already banned" % (self.jail.getName(),

                            aInfo["ip"]))
                return False
[...]

----  /usr/share/fail2ban/server/server.py ---- 
# grep -i bantime  /usr/share/fail2ban/server/server.py
	def setBanTime(self, name, value):
		self.__jails.getAction(name).setBanTime(value)
	def getBanTime(self, name):
		return self.__jails.getAction(name).getBanTime()

# grep -i banip  /usr/share/fail2ban/server/server.py
	def setBanIP(self, name, value):


---- /usr/share/fail2ban/server/transmitter.py ----
# grep -i bantime  /usr/share/fail2ban/server/transmitter.py
		elif command[1] == "bantime":
			self.__server.setBanTime(name, int(value))
			return self.__server.getBanTime(name)
		elif command[1] == "bantime":
			return self.__server.getBanTime(name)
# grep -i banip  /usr/share/fail2ban/server/transmitter.py
		elif command[1] == "banip":
			return self.__server.setBanIP(name,value)

----/----
Comment 5 Jonathan Underwood 2012-03-09 13:07:31 EST
The normal route for changes into Fedora is to submit them upstream to the project. Your patches look very good, but please do submit them upstream - www.fail2ban.org.
Comment 6 shrek-m 2012-03-09 15:08:03 EST
the patches are not from me :)
IPv6 patches are from - thanspam@trollprod.org - http://thanatos.trollprod.org/

fail2ban Author: Cyril Jaquier as CC  cyril.jaquier@fail2ban.org , see below

The few fail2ban bugs, requests, patches, ... since 2008 seems to be mostly open and assigned to nobody :(

here are my 2 RFEs - sf.net  fail2ban
https://sourceforge.net/tracker/?func=detail&atid=689047&aid=3500617&group_id=121032
IPv6 support - a working patch is available - ID: 3500617

https://sourceforge.net/tracker/?func=detail&atid=689047&aid=3500630&group_id=121032
direct blocklist.de support as action or as definitions - ID: 3500630

--------
# grep -r Author /usr/share/fail2ban/
/usr/share/fail2ban/common/__init__.py:# Author: Cyril Jaquier
/usr/share/fail2ban/common/version.py:# Author: Cyril Jaquier
/usr/share/fail2ban/common/protocol.py:# Author: Cyril Jaquier
/usr/share/fail2ban/common/helpers.py:# Author: Cyril Jaquier
/usr/share/fail2ban/common/helpers.py:# Author: Arturo 'Buanzo' Busleiman
/usr/share/fail2ban/common/helpers.py:    """ Author: Arturo 'Buanzo' Busleiman """
Übereinstimmungen in Binärdatei /usr/share/fail2ban/common/helpers.pyo.
Übereinstimmungen in Binärdatei /usr/share/fail2ban/common/helpers.pyc.
/usr/share/fail2ban/client/filterreader.py:# Author: Cyril Jaquier
/usr/share/fail2ban/client/__init__.py:# Author: Cyril Jaquier
/usr/share/fail2ban/client/jailsreader.py:# Author: Cyril Jaquier
/usr/share/fail2ban/client/configparserinc.py:# Author: Yaroslav Halchenko
/usr/share/fail2ban/client/configurator.py:# Author: Cyril Jaquier
/usr/share/fail2ban/client/configreader.py:# Author: Cyril Jaquier
/usr/share/fail2ban/client/fail2banreader.py:# Author: Cyril Jaquier
/usr/share/fail2ban/client/jailreader.py:# Author: Cyril Jaquier
/usr/share/fail2ban/client/csocket.py:# Author: Cyril Jaquier
/usr/share/fail2ban/client/beautifier.py:# Author: Cyril Jaquier
/usr/share/fail2ban/client/actionreader.py:# Author: Cyril Jaquier
/usr/share/fail2ban/server/asyncserver.py:# Author: Cyril Jaquier
/usr/share/fail2ban/server/jailthread.py:# Author: Cyril Jaquier
/usr/share/fail2ban/server/datedetector.py:# Author: Cyril Jaquier
/usr/share/fail2ban/server/filter.py.orig:# Author: Cyril Jaquier
/usr/share/fail2ban/server/__init__.py:# Author: Cyril Jaquier
/usr/share/fail2ban/server/filterpoll.py:# Author: Cyril Jaquier
/usr/share/fail2ban/server/mytime.py:# Author: Cyril Jaquier
/usr/share/fail2ban/server/jails.py:# Author: Cyril Jaquier
/usr/share/fail2ban/server/filter.py:# Author: Cyril Jaquier
/usr/share/fail2ban/server/ticket.py:# Author: Cyril Jaquier
/usr/share/fail2ban/server/banmanager.py:# Author: Cyril Jaquier
/usr/share/fail2ban/server/server.py:# Author: Cyril Jaquier
/usr/share/fail2ban/server/failmanager.py:# Author: Cyril Jaquier
/usr/share/fail2ban/server/datetemplate.py:# Author: Cyril Jaquier
/usr/share/fail2ban/server/jail.py:# Author: Cyril Jaquier
/usr/share/fail2ban/server/failregex.py:# Author: Cyril Jaquier
/usr/share/fail2ban/server/filtergamin.py:# Author: Cyril Jaquier
/usr/share/fail2ban/server/action.py:# Author: Cyril Jaquier
/usr/share/fail2ban/server/transmitter.py:# Author: Cyril Jaquier
/usr/share/fail2ban/server/actions.py:# Author: Cyril Jaquier
/usr/share/fail2ban/server/faildata.py:# Author: Cyril Jaquier
/usr/share/fail2ban/fail2ban-0.8.4-py2.6.egg-info:Author: Cyril Jaquier
/usr/share/fail2ban/fail2ban-0.8.4-py2.6.egg-info:Author-email: cyril.jaquier@fail2ban.org
Comment 7 shrek-m 2012-03-13 12:17:23 EDT
Info about IPv6 and fail2ban blocklist.de support, here is a quote

---- blocklist.de ipv6 2012-03-13 ----
When you have patched Fail2ban and he can support ipv6, we can also list
ipv6-Attackers, but not in the dns-rbl.
The Database-Fieds an IP-Checks are IPv6 ready, but at the moment i never
have seen an ipv6-attacker.

Your blocklist.de-Team
----/----
Comment 8 Orion Poplawski 2014-03-17 20:16:09 EDT
Please file all RFEs with upstream.  Thanks!

Note You need to log in before you can comment on or make changes to this bug.