Skip to content
0.9.5
default avatar
debian@onerussian.com
dca5ff44 · Merge branch 'bf-common-zzz' ·
Unverified 
ver. 0.9.5 (2016/07/15) - old-not-obsolete
-----------

0.9.x line is no longer heavily developed.  If you are interested in
new features (e.g. IPv6 support), please consider 0.10 branch and its
releases.

* `filter.d/monit.conf`
    - Extended failregex with new monit "access denied" version (gh-1355)
    - failregex of previous monit version merged as single expression
* `filter.d/postfix.conf`, `filter.d/postfix-sasl.conf`
    - Extended failregex daemon part, matching also `postfix/smtps/smtpd`
      now (gh-1391)
* Fixed a grave bug within tags substitutions because of incorrect
  detection of recursion in case of multiple inline substitutions
  of the same tag (affected actions: `bsd-ipfw`, etc).  Now tracks
  the actual list of the already substituted tags (per tag instead
  of single list)
* `filter.d/common.conf`
    - Unexpected extra regex-space in generic `__prefix_line` (gh-1405)
    - All optional spaces normalized in `common.conf`, test covered now
    - Generic `__prefix_line` extended with optional brackets for the
     date ambit (gh-1421), added new parameter `__date_ambit`
* `gentoo-initd` fixed `--pidfile` bug: `--pidfile` is option of
  `start-stop-daemon`, not argument of fail2ban (see gh-1434)
* `filter.d/asterisk.conf`
    - Fixed security log support for PJSIP and Asterisk 13+ (gh-1456)
    - Improved log support for PJSIP and Asterisk 13+ with different
      callID (gh-1458)

* New Actions:
    - `action.d/firewallcmd-rich-rules` and `action.d/firewallcmd-rich-logging`
        (gh-1367)
* New filters:
    - slapd - ban hosts, that were failed to connect with invalid
        credentials: error code 49 (gh-1478)

* Extreme speedup of all sqlite database operations (gh-1436),
  by using of following sqlite options:
    - (synchronous = OFF) write data through OS without syncing
    - (journal_mode = MEMORY) use memory for the transaction logging
    - (temp_store = MEMORY) temporary tables and indices are kept in memory
* journald journalmatch for pure-ftpd (gh-1362)
* Added additional regex filter for dovecot ldap authentication failures (gh-1370)
* `filter.d/exim*conf`
    - Added additional regexes (gh-1371)
    - Made port entry optional