fail2ban now supports IPv6 - please upgrade
At some time you closed the request "fail2ban for IPv6" stating that fail2ban does not support it. That was no doubt correct at the time - but now it does, see https://github.com/fail2ban/fail2ban/tree/0.10
I'm seeing a lot of warnings in the fail2ban log on my dual stack servers, like this:
66:1000:b01c:10ab:0:1: [Errno -9] Address family for hostname not supported
and my log checking software is complaining to me about the overly long fail2ban log.
See also: https://ctrl.blog/entry/fail2ban-ipv6
Available since Plesk Onyx 17.9 Preview 7.
"Current stable branches are 0.10 and 0.11 (with small exception that 0.11 was still never released)
The infos on fail2ban.org are out-dated"
How is this not available yet ??? :o
I know fail2ban v0.10 is not released as "stable" but that's a crucial security feature!
It still does not work for ipv6. What sense makes fail2ban then?
a security feature w/o IPv6 support is broken.
Please consider upgrading/patching fail2ban for IPv6 support ASAP.
please add option to use Fail2Ban with IPv6 support (it doesn't matter it is experimental version) because at the moment, without any IPv6 protection it is super stupid
Please add this very important feature.
Bjoern Bendix commented
Very important please update
Make fail2ban Great Again!
Any update on this important topic?
Yes please! Do an upgrade!
yes , please upgrade
thx in advance
+1 This is a must have!
+1 It is one of the most important security features
+1, do i need to explane why i think security is needed?
Ok, Alexander Yamshanov, that's right, but please appreciate that some of the fail2ban folks again took up the development for new features, after some years ago most of them considered the software to be "complete".
Alexander Yamshanov commented
Please notice IPv6 functional accessible only in version 0.10.x, but this version has experimental status, not stable. Anyway, let's continue voting!
Tim Reeves commented
thanks to those who already voted this up!
And a big PLEASE to everyone else: Please consider adding your vote. All the major data centers in Germany for vServers have been offering IPv6 for quite some time now - Hetzner, HostEurope, Strato, Contabo... it's hard NOT to get an IPv6. And without fail2ban testing IPv6 we are (a) not any way as secure as we should be, and (b) get lots of spurious messages in our log files.
I think its important as OVH and other data-centers are now attaching ipv6 addresses to most of there servers and VPS. OVH started rolling it out free ipv6 about one month a go.
Most will start seeing a message at there host datacenters like this: "Your instance is now linked to a free IPv6 in addition to the default IPv4."
Since then my servers has been getting hit harder with ipv6 brute-force attack and vulnerability scans. Even more then when i was just on ipv4
Plesk seams to be weaker when it comes to ipv6 prevention IMO.
Having plesk Fail2Ban updated to v0.10 would help for this.