IPQ BDB


A fail2ban lite. IPQ BDB is a netfilter userspace daemon that blocks or marks the IP packets handed to it by iptables rules that issue the corresponding -j NFQUEUE, deciding according to a Berkeley database of bad IPv4 addresses. A log parser and a banning utility add entries to the database. An IP has to be caught a configurable number of times before being blocked. Transitions between blocked and non-blocked are faded using probabilities. A halving period governs IP rehabilitation.


Recent releases

  •  13 Sep 2013 10:26

    Release Notes: This maintenance release checks building with Berkeley DB 5.x and adds a few minor enhancements.

  •  10 Mar 2011 17:50

    Release Notes: There is a new option --exec-connkill (-e for short) in ibd-ban and ibd-parse. When this option is given, if an updated address reaches 100% block probability, then an external command is invoked. The command is to be configured in a new configuration file, and presumably kills any established connection. Using "conntrack -D" seems to work well, as it allows the stateful firewall to thereafter detect extraneous packets on its own. New options for ibd-judge allow it to configure nfnetfilter buffer size, ENOBUFS error notification, and each queue's max length. Various fixes.

