New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
0.10.4? #2170
Comments
Yes, sir! As soon as I got fixed #2137 and pair other still open bugs... (and will take a look what going wrong with py-3.7) |
@yarikoptic so #2137 seems to be fixed now in #2171 (waiting for confirmation, self test)... BTW. Could you take a look into #2148 (e. g. you know better as regards the old debian distro's)... and/or just close it if answered. |
Too many things todo, but the grave things have gone, so I would say, let us do a release 0.10.4 as is. |
sounds great, I will hopefully give it some testing also over weekend |
I see a branch 0.11, still waiting for the release 0.10.4, or will be 0.11 ? |
at the moment we have following branches:
So 0.10.4 will be indeed released soon, and hopefully rolled out for all distributions (at least which already using 0.10 branch). But it is the thing of maintainers. As regards the 0.11th - ATM, I don't know exact time point I'll release it. As soon as possible (but no time to fulfill some things still bothered me to make official release). |
Got it, thanks for the explanation |
Are there particular issues you'd like users to pay attention to when using
0.11 Sergey?
The only real problem I have with 0.11 is when I run "complicated" jails
that have large numbers of ignoreregexes, (it eventually sticks at 100% CPU
usage and no more f2b work gets done, but I've never been able to make a
test case to show you). Other than that, the build has been wonderfully
stable for me.
-- Tony Collins
|
Not that I remember. Excepting one: once executed the fail2ban-database will be converted to new version (with no fallback possibility), so one should delete it if he want back to 0.10.
I don't know what exactly can cause this, possibly just very large "parasite" traffic in the log-file (too many messages that fail2ban has to process), but:
|
Thank you so much - the fixes you have just suggested have really opened my
eyes! I honestly never realised that my regex choices could have this kind
of impact (for example: for clarity I list all my regexes in alphabetical
order, which it seems could cause fail2ban to work a lot harder!). Your
reply is extremely helpful.
I appreciate that I am posting on someone else's "issue"; I will open a
topic about regex optimisation soon, giving examples from my .conf and
asking advice, as I think it might be helpful to others. Perhaps I can then
write a guide for users. I would love to contribute in that way.
Tony Collins
RMT Tier 1 Health & Safety Representative
Edgware Road Traincrew Depot
07949 228324
…On 26 July 2018 at 13:06, Sergey G. Brester ***@***.***> wrote:
Are there particular issues you'd like users to pay attention to when
using 0.11
Not that I remember. Excepting one: once executed the fail2ban-database
will be converted to new version (with no fallback possibility), so one
should delete it if he want back to 0.10.
The only real problem I have ... have large numbers of ignoreregexes...
100% last
I don't know what exactly can cause this, possibly just very large
"parasite" traffic in the log-file (too many messages that fail2ban has to
process), but:
- there is no differences between 0.10 and 0.11 as regards the message
matching (so you'll see the same in 0.10, possibly still worse);
- to "fix" it for you, you could:
- optimize the regexp's (meant both - failregex and ignoreregex);
- use common prefregex (and short and efficient as possible);
- reorganize the regexp order by occurrence in log (frequently as
first);
- try to minimize count of log-messages in observing log-file, e.
g. by means of extracting the failures by application/service into separate
log (e. g. by nginx via extra location for 40x|50x-error codes with own
extra access-log set in location) or using re-targeting in rsyslog.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#2170 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AEwhqGinb8IOIa3FYu8Y5uhOGU2KV0qXks5uKbDHgaJpZM4VBMQJ>
.
|
@evilplan yw... |
a bit later as promised (but even convenient to 10/04) - here is 0.10.4 released. |
@evilplan et al. The how-to's above were rewritten as part of new wiki article Best practice :: wiki. |
Hi @sebres
Thanks for pushing the beast forward and beyond ;) I need to update package in Debian (now good old 0.10.2 fails with python3.7) and thought if you have plans to push out a fresh bugfix in 0.10.x?
The text was updated successfully, but these errors were encountered: