mirror of https://github.com/jrbrtsn/ban2fail
Edits.
This commit is contained in:
parent
72df5dfc03
commit
44535df94c
|
@ -7,7 +7,8 @@ reporting, and iptables filtering. As the name implies, *ban2fail* was
|
||||||
inspired by the popular *fail2ban* project (http://fail2ban.org). The main
|
inspired by the popular *fail2ban* project (http://fail2ban.org). The main
|
||||||
technical advantages *ban2fail* provides over *fail2ban* are:
|
technical advantages *ban2fail* provides over *fail2ban* are:
|
||||||
|
|
||||||
+ All relevant logfiles on disk are scanned, not just the current log files.
|
+ By design all relevant logfiles on disk are scanned, not just the current
|
||||||
|
log files.
|
||||||
|
|
||||||
+ A unique and transparent caching scheme is employed to make this process at
|
+ A unique and transparent caching scheme is employed to make this process at
|
||||||
least 100x as fast as doing the same thing with, say, *grep*.
|
least 100x as fast as doing the same thing with, say, *grep*.
|
||||||
|
@ -30,6 +31,9 @@ lookups.
|
||||||
+ Efficient enough to run every 0.4 seconds without monopolizing a CPU core on a
|
+ Efficient enough to run every 0.4 seconds without monopolizing a CPU core on a
|
||||||
modest server.
|
modest server.
|
||||||
|
|
||||||
|
+ In the case of a reboot or after iptables filters get flushed, blocking rules
|
||||||
|
will be instantaneously generated from entire log file histories (long memory).
|
||||||
|
|
||||||
|
|
||||||
*ban2fail* started with a few hours of frenzied C hacking after my mail server
|
*ban2fail* started with a few hours of frenzied C hacking after my mail server
|
||||||
was exploited to deliver spam for others who had cracked a user's SMTP send
|
was exploited to deliver spam for others who had cracked a user's SMTP send
|
||||||
|
|
Loading…
Reference in New Issue