Hi, > I could be totally wrong, but imho internally there is not much (besides > name resolution I guess and regexp for HOST) is tightened toward IPv4. > since all what fail2ban does is monitoring log files and running > external commands, as long as those support ipv6 we should be fine. Do > you foresee any other (besides mentioned above) complications?
There are at least two things to take care of imho: - the name resolution is v4 only. I'm not sure if that's a general Python problem or not, though. Imho name resolution is only needed if all we know is a hostname, so all IPs of this hostname should be blocked (although I don't really like this idea, imho fail2ban should only work on real IPs only). Actually I don't even know how fail2ban handles hostnames, as I feed it with IPs only. So for every bad IP, iptables or ip6tables needs to be called, depending on if we have a v4 or a v6 IP. That's not too hard to figure out by using a regexp. Also what I've mentioned before, I really like to trust the IPy module for such tasks. - the imho bigger problem is to find a way to use iptables or ip6tables, based on the IP of the attacker. That's all I can think about at the moment, but I'm not realyl awake :) Cheers, Bernd
