You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Alex 'AdUser' Z 2c586f099c * SO_PEERCRED is linux-specific now 3 years ago
configs * configs/conf-available/05-source-portknock.conf 3 years ago
contrib * contrib: don't hard depend on mountall 7 years ago
debian + debian/control : add ipset* to recommends of f2b-mod-ipset 3 years ago
docs * make jail filter optional 3 years ago
filters * tune filters 3 years ago
src * SO_PEERCRED is linux-specific now 3 years ago
t * include some more headers for compatibility 3 years ago
.gitignore * initial 8 years ago
CMakeLists.txt * drop multicast source/backend (so, it was funny, but it's time to die) 3 years ago
ChangeLog * update changelog 7 years ago
Doxyfile * add Doxyfile 7 years ago
LICENSE * apply license 8 years ago * update readme 7 years ago


f2b is lightweight automatic anti-bot turret for your public serivces.


  • written in pure C
  • small memory footprint
  • minimum dependencies (required: libc, libdl; optional: readline, pcre, redis, ipset)
  • fully modular: pluggable sources/filters/backends (you may easy write custom one)
  • support for distributed installs (teamwork)
  • stateful (can save/restore banned ips on restart)
  • adapting to bots (automatically adjust bantime/findtime on rare but steady events from one source)
  • can use not only logfiles, but anything that can give malicious ip: accept(), recv(), pubsub event, pipe
  • may work as honeypot (emulating open tcp ports)


  • Installation -- generic installation instructions
  • Quickstart -- config file description and configuration notes

Similar software:

License: GPL2+