So, you might recall this article of mine:
From June 2011. Ouch.
Anyway, as I have always wanted to cluster up all my fail2ban servers, especially without opening security holes between them, I cooked up these set of scripts that use the AWESOME zeromq messaging API: www.zeromq.org
I called them fail2ban-zmq-tools, also known as fail2ban-cluster. It consists of a Publisher, which receives messages from Monitor instances and broadcasts them to Subscriber instances.
You can clone up the repository by checking out this github web repos: https://github.com/buanzo/fail2ban-zmq-tools
- Buanzo’s Toolbox – AXFR, Vhosts-by-IP, Multi-RBL Check and More
- Fail2ban rules for lighttpd fastcgi alerts
- Proactive protection enhancements for fail2ban – Part 1
- fail2ban patch: ban IP address manually
- I’m now a fail2ban developer :D