From 44535df94c20a1c0db574d891be5cec2cc1544ba Mon Sep 17 00:00:00 2001 From: john Date: Sat, 7 Dec 2019 08:55:08 -0500 Subject: [PATCH] Edits. --- README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 0c88509..8df10c5 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,8 @@ reporting, and iptables filtering. As the name implies, *ban2fail* was inspired by the popular *fail2ban* project (http://fail2ban.org). The main technical advantages *ban2fail* provides over *fail2ban* are: -+ All relevant logfiles on disk are scanned, not just the current log files. ++ By design all relevant logfiles on disk are scanned, not just the current +log files. + A unique and transparent caching scheme is employed to make this process at least 100x as fast as doing the same thing with, say, *grep*. @@ -30,6 +31,9 @@ lookups. + Efficient enough to run every 0.4 seconds without monopolizing a CPU core on a modest server. ++ In the case of a reboot or after iptables filters get flushed, blocking rules +will be instantaneously generated from entire log file histories (long memory). + *ban2fail* started with a few hours of frenzied C hacking after my mail server was exploited to deliver spam for others who had cracked a user's SMTP send