From: Daniel Black <daniel.subs@in...> - 2013-06-14 12:41:20
On 14/06/13 19:51, Felix J. Ogris wrote:
> don't know whether it's welcome
Patches are usually preferred as a github pull request.
> or needed,
IPv6 support is definitely needed.
> but please find the attached patch for fail2ban-debian-0.8.10-1. It provides IPv6 support for fail2ban-server. Further suggestions are welcome.
Its a good start to get the base support of IPv6 matching into fail2ban.
its a little more complicated however:
* IPv6 attacker/compromised hosts are regularly allocated a large IPv6
block so there needs to be a mechanism to take into account a network mask.
* A large number of actions handle IPv6 very differently so these need
to be accounted for.
* DNS resolution needs to be IPv6 as well
Some other things where mentioned here:
I almost got there with:
Missing bits are:
* The fails need to be consolidated into a network blocks and not just
* Since ( ip , cidr, address family) is effectively becoming a key to
fails its not that much to do any key as a fail and support other types
of blocking ( https://github.com/fail2ban/fail2ban/issues/67 )
Because of the reworked needed for the above feature adding the
following isn't that much of a stretch:
* https://github.com/fail2ban/fail2ban/issues/201 - IPv4 network bans
So at the moment I'm waiting to gain some more days to pull all this
again into a massive patchset with more test cases (there's lots
already) and the additional features mentioned.
If anyone has time to contribute these I'll take pull requests on my
repository and will assist rebaseing it of master again.
Get latest updates about Open Source Projects, Conferences and News.