tag:github.com,2008:https://github.com/DigitalRuby/IPBan/releases 2025-09-09T18:00:38Z tag:github.com,2008:Repository/3495900/4.0.0 2026-01-29T17:58:48Z <ul> <li>.NET 10</li> <li>Reduce "multiple log file scanners" message to Info level so it can be supressed.</li> </ul> jjxtra tag:github.com,2008:Repository/3495900/3.1.0 2025-09-24T22:01:25Z <p>Last update: 2025-09-24T20:01:00Z</p> <ul> <li>Fix XML encoding/decoding of appSettings values</li> <li>Add ARM binaries</li> <li>NFTables support (will use if firewalld is not installed)</li> </ul> jjxtra tag:github.com,2008:Repository/3495900/3.0.0 2025-04-29T15:20:07Z <p>Latest update: 2025-04-29T17:09:00Z</p> <ul> <li>.NET 9.0</li> <li>Normalize log file regex to better detect new or duplicate config entries</li> <li>Fix for importing too many banned ips into the database at service start. Only the default block rule is imported now.</li> <li>Optimize Linux iptables firewall for huge performance boost.</li> <li>Allow <code>{shortyear}</code> and <code>{shortyear-local}</code> in log file paths.</li> <li>Fix duplicate failed and success login level in config file.</li> </ul> jjxtra tag:github.com,2008:Repository/3495900/2.0.1 2024-11-11T16:35:31Z <p>Last update 2024-11-09T19:38:00Z.</p> <ul> <li>Replace WMIC with PInvoke on Windows for account names and active status retrieval. WMIC is deprecated as of Windows Server 2025.</li> <li>Allow multiple event viewer groups to process an event.</li> <li>Fix issue where some windows event viewer successful logins weren't getting logged.</li> </ul> jjxtra tag:github.com,2008:Repository/3495900/2.0.0 2024-08-31T20:44:51Z <p>Last update: 2024-08-31T19:33:00Z.</p> <ul> <li>.NET 8 Build.</li> <li>Allow override min time between failed logins for log files and event viewer expressions to block.</li> <li>Sort firewalld rules in the xml by priority, in case the underlying implementation doesn't honor priority.</li> <li>Allow <code>$ts$</code> replacement to machine timestamp in ticks for firewall uri rules (cache busting).</li> <li>Handle closed or reset in openssh logs for invalid users.</li> <li>Remove WFP blocked packet blocking from default config.</li> <li>Add new mail enable failed login to default config.</li> <li>Log files exceeding max size are truncated now instead of deleted to maintain file permissions.</li> </ul> jjxtra tag:github.com,2008:Repository/3495900/1.9.0 2023-10-11T14:28:28Z <p>Last update 2023-10-11T15:28:00Z</p> <p>This release contains firewalld support and makes firewalld the default firewall for Linux. The <code>public</code> zone is used for all the rules along with firewalld ipsets to store the ip addresses of each rule.</p> <p>Also added a timestamp_utc option for parsing of event viewer and log files. If used, the timestamp will be assumed to be in utc time and not local time, unless a time zone is explicitly in the parsed timestamp, in which case that will be used.</p> jjxtra tag:github.com,2008:Repository/3495900/1.8.1 2023-07-04T16:38:53Z <p>Last update: 2023-07-04T17:38:00Z</p> <ul> <li>User name truncation. The <code>TruncateUserNameChars</code> property can be used to configure behavior of user name truncation. '@' is the current default, meaning email addresses will be truncated to just the username, i.e. '<a href="mailto:[email protected]">[email protected]</a>' will become 'bob' by default.</li> <li>Don't log config error if config item is missing or empty.</li> <li>Logging for ignored internal ip addresses and why they were ignored.</li> <li>Fix an issue where base config (ipban.config) did not change but the override config (ipban.override.config) did and log files could stack endlessly.</li> <li>Fix an issue computing the local ip address when ipv4 and ipv6 adapters were on the machine.</li> <li>Attempt to fix possible Linux timer issue for running cycles.</li> <li>Ensure legacy iptables is used on Linux.</li> </ul> jjxtra tag:github.com,2008:Repository/3495900/1.8.0 2023-01-04T19:53:09Z <ul> <li>[2022-09-21] Critical memory leak fix, please re-download and re-deploy 1.8.0 version if installed before 2022-09-21</li> <li>Integration with <a href="https://ipthreat.net" rel="nofollow">https://ipthreat.net</a> (see <a href="https://ipthreat.net/integrations/ipban" rel="nofollow">https://ipthreat.net/integrations/ipban</a>)</li> <li>Fix issue not using dns ip addresses for failed logins</li> <li>Fix issue when expressions to block and/or expressions to notify element was removed entirely from config</li> <li>New "log" group for regex to capture relevant log snippet, will be displayed on failed logins logging and sent to ipthreat api if enabled</li> <li>Refactor cycle tasks to ensure each task executes regardless of whether other tasks throw exceptions</li> <li>App setting values may be formatted with %[env_var_name]% to read the value from environment variables</li> </ul> jjxtra tag:github.com,2008:Repository/3495900/1.7.3 2022-07-28T19:03:38Z <ul> <li>Fix an issue with override config that would not copy appSettings/add elements if the base config did not also have the same key.</li> <li>Attempt to fix an issue where editing the override config frequently could result in the override config not being merged properly.</li> <li>Improve sql server negation expression in event viewer check.</li> <li>Show source when ip address parse fails and a dns lookup is performed.</li> <li>Perform web service call to <a href="https://api.ipban.com/myip" rel="nofollow">https://api.ipban.com/myip</a> to get ip address if external ip cannot be found.</li> <li>Can add a max count to end of firewall uri rule to allow more than 10k ip addresses.</li> </ul> jjxtra tag:github.com,2008:Repository/3495900/1.7.2 2022-06-14T20:38:19Z <ul> <li>Fix an issue not unbanning ipv6 properly in Windows Firewall</li> <li>Fix an issue on Linux iptables with ranges that were not proper cidr mask ranges</li> <li>Detect successful ssh logins on Linux and Windows using certificates</li> <li>Don't ban 404 errors in Tomcat, this would cause missing favicon, apple touch icon, etc. to ban incorrectly</li> </ul> jjxtra