Author: Yaroslav Halchenko
Revision Date: 2015-07-31 21:34:10 UTC

* Fresh upstream release
* debian/control -- adjusted description to mention what Recommends
  and Suggests are good for (Closes: #767114)

Author: Yaroslav Halchenko
Revision Date: 2015-07-31 21:34:10 UTC

* Fresh upstream release
* debian/control -- adjusted description to mention what Recommends
  and Suggests are good for (Closes: #767114)

Author: Yaroslav Halchenko
Revision Date: 2014-10-27 21:52:56 UTC

* To become fresh upstream release (Closes: #742976)
  - 0.9 series is quite a big leap in development, especially since 0.8.6
    which made it to previous Debian stable wheezy. Please consult upstream
    ChangeLog about changes
* debian/control
  - boost policy to 3.9.6

Author: Yaroslav Halchenko
Revision Date: 2014-10-27 21:52:56 UTC

* To become fresh upstream release (Closes: #742976)
  - 0.9 series is quite a big leap in development, especially since 0.8.6
    which made it to previous Debian stable wheezy. Please consult upstream
    ChangeLog about changes
* debian/control
  - boost policy to 3.9.6

Author: Marc Deslauriers
Revision Date: 2014-08-08 14:06:12 UTC

fake sync from Debian

Author: Marc Deslauriers
Revision Date: 2014-08-08 14:06:12 UTC

fake sync from Debian

Author: Yaroslav Halchenko
Revision Date: 2014-03-18 23:13:35 UTC

* New upstream bug-fix release: but consider 0.9.0 (to be uploaded to
  experimental)
* debian/jail:
  - new jail definitions: apache-modsecurity, apache-nohome, freeswitch,
    ejabberd-auth, ssh-blocklist, nagios
  - new configuration option: ignorecommand
* debian/post{inst,rm},preinst:
  - [thanks to Daniel Schaal]: take care about renaming config files
    - firewall-cmd-direct-new.conf to firewallcmd-new.conf which happened
      in 0.8.11-29-g56b6bf7
    - lighttpd-fastcgi.conf to suhosin.conf and
      sasl.conf to postfix-sasl.conf in the past 0.8.11 release

Author: Yaroslav Halchenko
Revision Date: 2014-03-18 23:13:35 UTC

* New upstream bug-fix release: but consider 0.9.0 (to be uploaded to
  experimental)
* debian/jail:
  - new jail definitions: apache-modsecurity, apache-nohome, freeswitch,
    ejabberd-auth, ssh-blocklist, nagios
  - new configuration option: ignorecommand
* debian/post{inst,rm},preinst:
  - [thanks to Daniel Schaal]: take care about renaming config files
    - firewall-cmd-direct-new.conf to firewallcmd-new.conf which happened
      in 0.8.11-29-g56b6bf7
    - lighttpd-fastcgi.conf to suhosin.conf and
      sasl.conf to postfix-sasl.conf in the past 0.8.11 release

Author: Yaroslav Halchenko
Revision Date: 2013-11-17 17:29:06 UTC

* Fresh upstream release
  - this release tightens all shipped filters to preclude
    possible injections leading to targetted DoS attacks.
  - omitted entry for ~pre release changelog:
    - asterisk filter was fixed (Closes: #719662),
    - nginx filter/jail added (Closes: #668064)
    - better detection of log rotation in polling backend (Closes: #696087)
    - includes sever name (uname -n) into subject of sendmail actions
      (Closes: #709196)
* debian/jail.conf
  - dropbear jail: use dropbear filter (instead of ssh) and monitor
    auth.log instead of non-existing /var/log/dropbear (Closes: #620760)
* debian/NEWS
  - information for change of default iptables action to REJECT now
    (Closes: #711463)
* debian/patches
  - changeset_d4f6ca4f8531f332bcb7ce3a89102f60afaaa08e.diff
    post-release change to support native proftpd date format which
    includes milliseconds (Closes: #648276)
  - changeset_ac061155f093464fb6cd2329d3d513b15c68e256.diff
    absorbed upstream

Author: Yaroslav Halchenko
Revision Date: 2013-11-17 17:29:06 UTC

* Fresh upstream release
  - this release tightens all shipped filters to preclude
    possible injections leading to targetted DoS attacks.
  - omitted entry for ~pre release changelog:
    - asterisk filter was fixed (Closes: #719662),
    - nginx filter/jail added (Closes: #668064)
    - better detection of log rotation in polling backend (Closes: #696087)
    - includes sever name (uname -n) into subject of sendmail actions
      (Closes: #709196)
* debian/jail.conf
  - dropbear jail: use dropbear filter (instead of ssh) and monitor
    auth.log instead of non-existing /var/log/dropbear (Closes: #620760)
* debian/NEWS
  - information for change of default iptables action to REJECT now
    (Closes: #711463)
* debian/patches
  - changeset_d4f6ca4f8531f332bcb7ce3a89102f60afaaa08e.diff
    post-release change to support native proftpd date format which
    includes milliseconds (Closes: #648276)
  - changeset_ac061155f093464fb6cd2329d3d513b15c68e256.diff
    absorbed upstream

Author: Yaroslav Halchenko
Revision Date: 2013-07-01 14:36:24 UTC

* debian/jail.conf
  - added "submission" (port 587) to all SMTP-related jails (Closes:
    #714632). Thanks Tony den Haan for the report

Author: Yaroslav Halchenko
Revision Date: 2013-07-01 14:36:24 UTC

* debian/jail.conf
  - added "submission" (port 587) to all SMTP-related jails (Closes:
    #714632). Thanks Tony den Haan for the report

Author: Yaroslav Halchenko
Revision Date: 2012-07-31 21:46:19 UTC

Minor upstream bugfix release

Author: Yaroslav Halchenko
Revision Date: 2012-07-31 21:46:19 UTC

Minor upstream bugfix release

Author: Yaroslav Halchenko
Revision Date: 2012-01-08 21:46:24 UTC

* Added dovecot section to Debian's jail.conf. Thanks to Laurent
  Léonard (Closes: #655182)
* init.d script now returns non-0 exit codes upon status command
  with not running / failed to connect server. Thanks to
  Glenn Aaldering for the patch

Author: Yaroslav Halchenko
Revision Date: 2011-07-28 23:20:55 UTC

* [de95777] Fresh upstream release FAIL2BAN-0_8_5:
  - [00e1827] BF: use addfailregex instead of failregex while processing
    per-jail "failregex" parameter (Closes: #635830) (LP: #635036)
    Thanks Marat Khayrullin for the patch and Daniel T Chen for forwarding to
    Debian.
* [1cbdafc] Set backend to auto and recommends python-gamin (Closes: #524425)
* [ef449f4] Added a note on diverting logrotate configuration for custom
  logtarget=SYSLOG (Closes: #631917). Thanks Kenyon Ralph for report

Author: Yaroslav Halchenko
Revision Date: 2010-06-28 21:50:20 UTC

* Commenting out named-refused-udp jail and providing even fatter
  WARNING against using it (Closes: #583364)
* Merging upstream's commit for fixing missing import

Author: Yaroslav Halchenko
Revision Date: 2010-02-25 00:17:07 UTC

* Merged few upstream patches (svn rev ) which fixed:
  - Patch to make log file descriptors cloexec to stop leaking file
    descriptors on fork/exec.
* debian/rules,control: -install-layout=deb for setup.py + python (>=
  2.5.4-1~) to fix install with python2.6 (Closes: #571213).
* Boosted policy to 3.8.4 (no changes seems to be due).

Author: Andres Rodriguez
Revision Date: 2009-12-01 00:21:09 UTC

* Merge from debian testing (LP: #490673), remaining changes:
  - Python 2.6 transition.

Author: Chris Coulson
Revision Date: 2009-09-17 00:17:28 UTC

* server/asyncserver.py:
  - Applied upstream SVN revisions 735-738 to fix a Python
    2.6 / 3.0 incompatibility (LP: #372304).

Author: Chris Coulson
Revision Date: 2008-10-20 17:46:44 UTC

[ Chuck Short ]
debian/fail2ban.init: fail2ban doesnt restart after reboot because
of /var/run (LP: #222804)

Author: Yaroslav Halchenko
Revision Date: 2008-07-25 13:33:56 UTC

* BF in apache-noscript.conf - regexp matched in referer (Closes: #492319).
  Thanks Bernd Zeimetz.
* BF: extended apache-noscript with additional regexp

Author: Yaroslav Halchenko
Revision Date: 2008-07-25 13:33:56 UTC

* BF in apache-noscript.conf - regexp matched in referer (Closes: #492319).
  Thanks Bernd Zeimetz.
* BF: extended apache-noscript with additional regexp

Author: Chris Coulson
Revision Date: 2008-10-20 17:46:44 UTC

[ Chuck Short ]
debian/fail2ban.init: fail2ban doesnt restart after reboot because
of /var/run (LP: #222804)

Author: Yaroslav Halchenko
Revision Date: 2008-04-07 10:25:52 UTC

BF: Recommends whois, which is used in some actions (LP: #213227)

Author: Yaroslav Halchenko
Revision Date: 2007-08-14 23:15:21 UTC

New upstream release.
Patches absorbed upstream:
00_daemon_pids.dpatch
00_iptables_allports.dpatch
00_vsftp_filter_spaces.dpatch
00_resolve_all_names.dpatch
00_HOST_ignoreregex.dpatch
Patches which needed some tune-up:
00_ssh_strong_re.dpatch
00_mail-whois-lines.dpatch
00_named_refused.dpatch

Author: Cody A.W. Somerville
Revision Date: 2007-01-29 03:27:01 UTC

* Merge from debian unstable, remaining changes:
  - debian/rules: Don't depend on versioned python package.

Author: Yaroslav Halchenko
Revision Date: 2006-05-22 15:37:17 UTC

* Removed bashism (arrays) from init.d script to make it POSIX shell
  complient (closes: #368218)
* Added new proftpd section
* Added new saslauthd section. Thanks to martin f krafft
  <madduck@debian.org> (closes: #369483)
* Mentioned apache2 log file in Other. comment field for FILE in
  apache section. Nothing has to be changed besides the logfile path to
  work with apache2 (closes: #342144)

Author: Yaroslav Halchenko
Revision Date: 2006-01-12 18:32:14 UTC

* ignoreip is now empty by default (closes: #347766)
* increased verbosity in verbose=2 mode: now prints options accepted
  from the config file
* to make fail2ban.conf more compact, thus to improve its readability,
  fail2ban.conf was converted to use "interpolations" provided by
  ConfigParser class. fw{start,end,{,un}ban} options were moved into
  DEFAULT section and required options (port, protocol) were added