Skip to content

@yarikoptic yarikoptic released this Jul 15, 2016 · 2021 commits to master since this release

0.9.x line is no longer heavily developed. If you are interested in
new features (e.g. IPv6 support), please consider 0.10 branch and its


  • filter.d/monit.conf
    • Extended failregex with new monit "access denied" version (gh-1355)
    • failregex of previous monit version merged as single expression
  • filter.d/postfix.conf, filter.d/postfix-sasl.conf
    • Extended failregex daemon part, matching also postfix/smtps/smtpd
      now (gh-1391)
  • Fixed a grave bug within tags substitutions because of incorrect
    detection of recursion in case of multiple inline substitutions
    of the same tag (affected actions: bsd-ipfw, etc). Now tracks
    the actual list of the already substituted tags (per tag instead
    of single list)
  • filter.d/common.conf
    • Unexpected extra regex-space in generic __prefix_line (gh-1405)
    • All optional spaces normalized in common.conf, test covered now
    • Generic __prefix_line extended with optional brackets for the
      date ambit (gh-1421), added new parameter __date_ambit
  • gentoo-initd fixed --pidfile bug: --pidfile is option of
    start-stop-daemon, not argument of fail2ban (see gh-1434)
  • filter.d/asterisk.conf
    • Fixed security log support for PJSIP and Asterisk 13+ (gh-1456)
    • Improved log support for PJSIP and Asterisk 13+ with different
      callID (gh-1458)

New Features

  • New Actions:
    • action.d/firewallcmd-rich-rules and action.d/firewallcmd-rich-logging
  • New filters:
    • slapd - ban hosts, that were failed to connect with invalid
      credentials: error code 49 (gh-1478)


  • Extreme speedup of all sqlite database operations (gh-1436),
    by using of following sqlite options:
    • (synchronous = OFF) write data through OS without syncing
    • (journal_mode = MEMORY) use memory for the transaction logging
    • (temp_store = MEMORY) temporary tables and indices are kept in memory
  • journald journalmatch for pure-ftpd (gh-1362)
  • Added additional regex filter for dovecot ldap authentication failures (gh-1370)
  • filter.d/exim*conf
    • Added additional regexes (gh-1371)
    • Made port entry optional
Assets 2