The underlying Fail2Ban version in the distro is 0.8.14. In order to be able to upgrade to Fail2Ban 0.11.1, some changes need to be made so that Intrusion Detection works properly.
- Intrusion Detection will show stopped in the GUI, since the code in the Sysadmin module uses pidof -x and ps -A to detect if fail2ban-server is running, but 0.11.1 runs asynchronously and will only be detected with pgrep -f, as python is holding the process
- fail2ban 0.11.1 displays it’s results missing one “TAB” in the list of Jails and IP lists, and the intrusion detection code relies on a “cut -f3” within its hooks in a bunch of places to read that information. In 0.11.1 the information will be in field 2, not field 3.