While implementing IPv6 in my company network I also started looking for a replacement for fail2ban. Fail2ban is a tool which monitors log files looking for anomalies. When someone tries to brute force your sshd, fail2ban will notice and block the offender using iptables or whatever firewall you use.

Fail2ban has served me well the last couple of years, but it doesn’t support IPv6 and the last release was on 7-9-2009 which is almost 2 years ago. This didn’t give me the idea the IPv6 support would ever be implemented. But then again, I can be wrong…

I gave a stab at writing my own implementation which would support IPv6 and started looking on freshmeat looking for similar scripts to see how they worked. Then I found a small Perl script called autofwd written by Arthur Corliss. I downloaded it to see how if there was any usable code in there but quickly found out that it actually was the tool I was looking for. It’s portable, so you can use any kind of firewall with it. I myself use shorewall and it took me only a couple of minutes to plug that in.

If you’re looking for a flexible/portable fail2ban replacement I certainly recommend looking at autofwd. It doesn’t have a homepage but you can get it here. I’ve created a Debian package which is available here.

3 thoughts on “autofwd

  1. JPFournier
    16 June 2012 at 12:17

    i found homepage of autofwd, no more support after may 2011, this is better than fail2ban anyway


  2. Ricky
    3 June 2013 at 16:04

    I don’t know if you’ve noticed, but fail2ban is being updated again…


  3. roedie
    10 June 2013 at 11:04

    No, I didn’t know. But still no IPv6 support…If fail2ban implements IPv6 support it will be useful to me again.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.