Skip to content

@yarikoptic yarikoptic released this Jul 15, 2016 · 2021 commits to master since this release

0.9.x line is no longer heavily developed. If you are interested in
new features (e.g. IPv6 support), please consider 0.10 branch and its
releases.

Fixes

  • filter.d/monit.conf
    • Extended failregex with new monit "access denied" version (gh-1355)
    • failregex of previous monit version merged as single expression
  • filter.d/postfix.conf, filter.d/postfix-sasl.conf
    • Extended failregex daemon part, matching also postfix/smtps/smtpd
      now (gh-1391)
  • Fixed a grave bug within tags substitutions because of incorrect
    detection of recursion in case of multiple inline substitutions
    of the same tag (affected actions: bsd-ipfw, etc). Now tracks
    the actual list of the already substituted tags (per tag instead
    of single list)
  • filter.d/common.conf
    • Unexpected extra regex-space in generic __prefix_line (gh-1405)
    • All optional spaces normalized in common.conf, test covered now
    • Generic __prefix_line extended with optional brackets for the
      date ambit (gh-1421), added new parameter __date_ambit
  • gentoo-initd fixed --pidfile bug: --pidfile is option of
    start-stop-daemon, not argument of fail2ban (see gh-1434)
  • filter.d/asterisk.conf
    • Fixed security log support for PJSIP and Asterisk 13+ (gh-1456)
    • Improved log support for PJSIP and Asterisk 13+ with different
      callID (gh-1458)

New Features

  • New Actions:
    • action.d/firewallcmd-rich-rules and action.d/firewallcmd-rich-logging
      (gh-1367)
  • New filters:
    • slapd - ban hosts, that were failed to connect with invalid
      credentials: error code 49 (gh-1478)

Enhancements

  • Extreme speedup of all sqlite database operations (gh-1436),
    by using of following sqlite options:
    • (synchronous = OFF) write data through OS without syncing
    • (journal_mode = MEMORY) use memory for the transaction logging
    • (temp_store = MEMORY) temporary tables and indices are kept in memory
  • journald journalmatch for pure-ftpd (gh-1362)
  • Added additional regex filter for dovecot ldap authentication failures (gh-1370)
  • filter.d/exim*conf
    • Added additional regexes (gh-1371)
    • Made port entry optional
Assets 2