Add system service fail2ban
In progress, NormalPublicFEATURE REQUEST


Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, courier, ssh, etc).

Just install fail2ban debian package and provide configuration node.

Usefull for cloud based VyOS instances.


Difficulty level
Normal (likely a few hours)
Why the issue appeared?
Will be filled on close
This request is:
Service Request
c-po created this task.Sat, Sep 2, 5:22 PM
c-po updated the task description. (Show Details)
c-po changed Difficulty level from Unknown (require assessment) to Normal (likely a few hours).
c-po moved this task from Need Triage to In Progress on the VyOS 1.2.x board.Sun, Sep 3, 9:51 AM
c-po closed this task as Resolved.Sun, Sep 3, 10:04 AM
c-po triaged this task as Normal priority.
c-po reopened this task as In progress.
c-po assigned this task to syncer.Thu, Sep 7, 12:21 PM
syncer reassigned this task from syncer to UnicronNL.Thu, Sep 7, 12:24 PM

Kim, can you merge this into current