# Install fail2ban

Scan log files and ban IPs showing malicious signs. Version 1.1.0 via Homebrew; verified from local package data.

## Install

```sh
sudo av install brew:fail2ban
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install fail2ban
```

  Evidence: local Homebrew formula metadata

- MacPorts (94%):

```sh
sudo port install fail2ban
```

  Evidence: MacPorts ports tree: security/fail2ban/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1

### Linux

- apk (92%):

```sh
sudo apk add fail2ban
```

  Evidence: Alpine Linux edge package indexes: fail2ban from https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz

- Debian apt (92%):

```sh
sudo apt install fail2ban
```

  Evidence: Debian stable package indexes: fail2ban from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz

- dnf (92%):

```sh
sudo dnf install fail2ban
```

  Evidence: Fedora Rawhide package metadata: fail2ban from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/13ee7b80cb813542594d4235c4a0b8695435d5ecf23dd3580bc7515ae1b6180d-primary.xml.zst

- Nix (92%):

```sh
nix profile install nixpkgs#fail2ban
```

  Evidence: nixpkgs package indexes: pkgs/by-name/fa/fail2ban/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

- pacman (92%):

```sh
sudo pacman -S fail2ban
```

  Evidence: Arch Linux sync databases: fail2ban from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz

- zypper (92%):

```sh
sudo zypper install fail2ban
```

  Evidence: openSUSE Tumbleweed package metadata: fail2ban from https://download.opensuse.org/tumbleweed/repo/oss/repodata/155b97171d05e27afd950b6fe0d55513ff38f4597110664535bceedc680bbe6fd459f0733718dcc21dcf0efc7c8250fd1390c73d4790b42e62fb2c16a87242e5-primary.xml.zst

## Package Facts

- **Package key:** brew:fail2ban
- **Package manager:** Homebrew
- **Package manager URL:** <https://formulae.brew.sh/formula/fail2ban>
- **Version:** 1.1.0
- **Source summary:** Scan log files and ban IPs showing malicious signs
- **Homepage:** <https://www.fail2ban.org/>
- **Repository:** <https://github.com/fail2ban/fail2ban>
- **Upstream docs:** <https://fail2ban.readthedocs.io/>
- **License:** GPL-2.0-or-later
- **Source archive:** <https://github.com/fail2ban/fail2ban/archive/refs/tags/1.1.0.tar.gz>
- **Generated:** 2026-06-10T07:18:26+00:00

## Executables

- fail2ban-client (cli)
- fail2ban-python (cli)
- fail2ban-regex (cli)
- fail2ban-server (cli)
- fail2ban-testcases (cli)
- fail2ban-client (alias)
- fail2ban-python (alias)
- fail2ban-regex (alias)
- fail2ban-server (alias)
- fail2ban-testcases (alias)

## Dependencies

- python@3.14

## Build Dependencies

- sphinx-doc

## Install Behavior

- Post-install hook: not defined
- Service: declared
- Caveats: You must enable any jails by editing: $HOMEBREW_PREFIX/etc/fail2ban/jail.conf Other configuration files are in $HOMEBREW_PREFIX/etc/fail2ban. See more instructions at https://github.com/fail2ban/fail2ban/wiki/Proper-fail2ban-configuration.
- Bottle: available on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux

## Freshness

- Page generated: 2026-06-10
- Package-manager version: 1.1.0
- Local data status: ok
- Upstream repository: https://github.com/fail2ban/fail2ban
- Upstream latest detected: 1.1.0 (current)
- info: No package-manager update timestamp was available.

## Sicherheitshinweise

broad file, network, media, or database tool signal. formula declares a Homebrew service.

- **Geiger risk:** orange / medium
- broad file, network, media, or database tool signal
- formula declares a Homebrew service

## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** fail2ban
- **Version Scheme:** 0
- **Revision:** 2
- **Head Version:** HEAD
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** head, stable

## Other Package-Manager Records

- Debian apt - fail2ban - 1.1.0-8: normalized package name match | Debian stable package indexes: fail2ban from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz | ban hosts that cause multiple authentication errors | https://www.fail2ban.org
- Nix - fail2ban: normalized package name match | nixpkgs package indexes: pkgs/by-name/fa/fail2ban/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
- Ubuntu apt - fail2ban - 1.0.2-3: normalized package name match | Ubuntu 24.04 LTS package indexes: fail2ban from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz | ban hosts that cause multiple authentication errors | https://www.fail2ban.org
- apk - fail2ban - 1.1.0-r3: normalized package name match | Alpine Linux edge package indexes: fail2ban from https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz | Scans log files for login failures then updates iptables to reject originating ip address | https://www.fail2ban.org/
- apk - fail2ban-doc - 1.1.0-r3: normalized package name match | Alpine Linux edge package indexes: fail2ban-doc from https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz | Scans log files for login failures then updates iptables to reject originating ip address (documentation) | https://www.fail2ban.org/
- apk - fail2ban-openrc - 1.1.0-r3: normalized package name match | Alpine Linux edge package indexes: fail2ban-openrc from https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz | Scans log files for login failures then updates iptables to reject originating ip address (OpenRC init scripts) | https://www.fail2ban.org/
- apk - fail2ban-pyc - 1.1.0-r3: normalized package name match | Alpine Linux edge package indexes: fail2ban-pyc from https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz | Precompiled Python bytecode for fail2ban | https://www.fail2ban.org/
- apk - fail2ban-tests - 1.1.0-r3: normalized package name match | Alpine Linux edge package indexes: fail2ban-tests from https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz | Fail2ban test cases | https://www.fail2ban.org/
- dnf - fail2ban - 1.1.0-17.fc45: normalized package name match | Fedora Rawhide package metadata: fail2ban from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/13ee7b80cb813542594d4235c4a0b8695435d5ecf23dd3580bc7515ae1b6180d-primary.xml.zst | Daemon to ban hosts that cause multiple authentication errors | https://www.fail2ban.org
- dnf - fail2ban-all - 1.1.0-17.fc45: normalized package name match | Fedora Rawhide package metadata: fail2ban-all from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/13ee7b80cb813542594d4235c4a0b8695435d5ecf23dd3580bc7515ae1b6180d-primary.xml.zst | Install all Fail2Ban packages and dependencies | https://www.fail2ban.org
- dnf - fail2ban-firewalld - 1.1.0-17.fc45: normalized package name match | Fedora Rawhide package metadata: fail2ban-firewalld from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/13ee7b80cb813542594d4235c4a0b8695435d5ecf23dd3580bc7515ae1b6180d-primary.xml.zst | Firewalld support for Fail2Ban | https://www.fail2ban.org
- dnf - fail2ban-hostsdeny - 1.1.0-17.fc45: normalized package name match | Fedora Rawhide package metadata: fail2ban-hostsdeny from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/13ee7b80cb813542594d4235c4a0b8695435d5ecf23dd3580bc7515ae1b6180d-primary.xml.zst | Hostsdeny (tcp_wrappers) support for Fail2Ban | https://www.fail2ban.org
- dnf - fail2ban-mail - 1.1.0-17.fc45: normalized package name match | Fedora Rawhide package metadata: fail2ban-mail from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/13ee7b80cb813542594d4235c4a0b8695435d5ecf23dd3580bc7515ae1b6180d-primary.xml.zst | Mail actions for Fail2Ban | https://www.fail2ban.org
- dnf - fail2ban-selinux - 1.1.0-17.fc45: normalized package name match | Fedora Rawhide package metadata: fail2ban-selinux from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/13ee7b80cb813542594d4235c4a0b8695435d5ecf23dd3580bc7515ae1b6180d-primary.xml.zst | SELinux policies for Fail2Ban | https://www.fail2ban.org
- dnf - fail2ban-sendmail - 1.1.0-17.fc45: normalized package name match | Fedora Rawhide package metadata: fail2ban-sendmail from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/13ee7b80cb813542594d4235c4a0b8695435d5ecf23dd3580bc7515ae1b6180d-primary.xml.zst | Sendmail actions for Fail2Ban | https://www.fail2ban.org
- dnf - fail2ban-server - 1.1.0-17.fc45: normalized package name match | Fedora Rawhide package metadata: fail2ban-server from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/13ee7b80cb813542594d4235c4a0b8695435d5ecf23dd3580bc7515ae1b6180d-primary.xml.zst | Core server component for Fail2Ban | https://www.fail2ban.org


## Related Links

- [Secret-risk packages](https://www.automicvault.com/de/pkg/secret-risk-packages/) - Has protected-tool coverage, approval-gate, or non-low Geiger security signals.
- [Terminal utility packages](https://www.automicvault.com/de/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/de/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [Security and crypto packages](https://www.automicvault.com/de/pkg/security-crypto-tools/) - Matched security, identity, cryptography, password, signing, or certificate metadata.
- [python@3.14](https://www.automicvault.com/de/pkg/brew/python-3-14/) - Runtime dependency declared by Homebrew.
- [sphinx-doc](https://www.automicvault.com/de/pkg/brew/sphinx-doc/) - Build dependency declared by Homebrew.
- [sshguard](https://www.automicvault.com/de/pkg/brew/sshguard/) - Shares av.db curated category or tags: cli, firewall, intrusion-prevention, security.
- [knock](https://www.automicvault.com/de/pkg/brew/knock/) - Shares av.db curated category or tags: cli, firewall, security.
- [logcheck](https://www.automicvault.com/de/pkg/brew/logcheck/) - Shares av.db curated category or tags: cli, log-analysis, security.
- [gnutls](https://www.automicvault.com/de/pkg/brew/gnutls/) - Shares av.db curated category or tags: cli, security.
- [krb5](https://www.automicvault.com/de/pkg/brew/krb5/) - Shares av.db curated category or tags: cli, security.
- [nettle](https://www.automicvault.com/de/pkg/brew/nettle/) - Shares av.db curated category or tags: cli, security.
- [nss](https://www.automicvault.com/de/pkg/brew/nss/) - Shares av.db curated category or tags: cli, security.
- [pinentry](https://www.automicvault.com/de/pkg/brew/pinentry/) - Shares av.db curated category or tags: cli, security.
- [snyk-agent-scan](https://www.automicvault.com/de/pkg/brew/snyk-agent-scan/) - Both packages touch the same language runtime or ecosystem. Shared terms: cli, log, python, python-3-14, scan.
- [bandit](https://www.automicvault.com/de/pkg/brew/bandit/) - Both packages touch the same language runtime or ecosystem. Shared terms: analysis, cli, python, python-3-14, security.
- [cfripper](https://www.automicvault.com/de/pkg/brew/cfripper/) - Both packages touch the same language runtime or ecosystem. Shared terms: analysis, cli, python, python-3-14, security.

## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph