From: Arturo 'B. B. <bu...@bu...> - 2009-08-12 21:37:50
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Cyril! Nice to know you're OK. I was also following fail2ban.org's wiki, trying to see if you were active... or alive, actually. I know you are military related, so, well, you never know. I wrote a piece of software that reads /var/log/fail2ban.log, and reg-matches to obtain Action/IP/Jail triplets. When it gets a match, it transmits that to other fail2ban-cluster agents on other hosts (using authenticated http, preferably over a vpn or correctly firewalled ip), and these other agents run fail2ban-client jail_name banip banned_ip. The banip command is a simple patch I made and sent you. I linked it from your roadmap for 0.9.0 features page in the wiki. I wrote this cause I have 3 servers around the world, providing the same 3 services to a set of custoemrs (SMTP and DNS mainly). SO if I fail2ban in node1 discovers and blocks an attacker, I want the other hosts to proactively block it. I wrote it as an adhoc for fail2ban instead of a complete patch for it, as I hadn't been able to contact you (I sent you an email with this idea before I even wrote a single line of code), and I was not sure what your plans were, etc. I'd be happy to contribute to fail2ban, cause I really like and use it a lot. Yours, Cyril Jaquier wrote: > Hi Arturo, hi all, > > I'm OK. I'm really sorry... I have the bad habit of not always > responding to e-mails directly :( I'm currently really busy at work > (probably until the end of June) and also working on another OSS project > for Android [1]. > > I will try to answer my e-mails as soon as possible (this week-end > probably). > > So I'm still here and will still work on fail2ban. Arturo (or someone > else), if you have interest in working on the project, we can discuss > about SVN access. Workforce is always welcome :) > > Regards, > > Cyril > > [1] http://www.jaqpot.net/netcounter > > Arturo 'Buanzo' Busleiman wrote: >> Hi! Does anyone know if Cyril is OK? I've been trying to contact him for a couple months now, with >> some patches, ideas, even a whole application I created (fail2ban-cluster, a preemptive fail2ban >> adhoc module that notifies banned IPs to other nodes in the network). > >> So, does anybody know anything about his status?? > >> Yours, > > > - > ------------------------------------------------------------------------------ > Register Now & Save for Velocity, the Web Performance & Operations > Conference from O'Reilly Media. Velocity features a full day of > expert-led, hands-on workshops and two days of sessions from industry > leaders in dedicated Performance & Operations tracks. Use code vel09scf > and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf > _______________________________________________ > Fail2ban-users mailing list > Fai...@li... > https://lists.sourceforge.net/lists/listinfo/fail2ban-users > - -- Arturo "Buanzo" Busleiman / Arturo Busleiman @ 4:900/107 Independent Linux and Security Consultant - SANS - OISSG - OWASP http://www.buanzo.com.ar/pro/eng.html Mailing List Archives at http://archiver.mailfighter.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEAREKAAYFAkqDNI0ACgkQAlpOsGhXcE2+iACffeT3kl3EKnN98NXLClpwkX4f 8bQAmwbWChZeeI11lGomb8O62BA4jUme =7hla -----END PGP SIGNATURE----- |