Package: fail2ban Version: 0.8.5-1 Severity: wishlist Hi,
After reading through #350746, I wonder why iptables-new isn't used by default for the ssh jail. I understand and agree with the arguments about possible interactions with other protocols and thus the reason for not using it per default for all jails, but at least for ssh, where it's clear new auth attempts will use new connections, this shouldn't have any sensible drawbacks while decreasing the "annoyance-factor" of locking yourself out of your own server (like I just did, while playing with the pubkeys used by automatic backups :D). Cheers -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (990, 'unstable'), (150, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.0.0-1-amd64 (SMP w/1 CPU core) Locale: LANG=en_GB.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
