In this release we have backported a new version of fail2ban from Ubuntu 18.04 LTS (Bionic Beaver) onto our (Xenial) platform. We noticed that on some nodes the fail2ban database would grow to a disproportional size over time. This was because of a bug in the Xenial 0.9.3 version of fail2ban where the purging of obsolete IPs was never actually enacted.
Additionally, this new version patches some grave memory leaks and improves performance by quite a bit. With this new version baseline RAM consumption on all nodes should decrease somewhat, which is especially significant for very small Hypernodes as it will give them some more breathing room in tight situations. The new version is 0.10.2-2. To see the complete list of changes, see the fail2ban ChangeLog here. To check if your Hypernode has already been updated to this new version you can run:
$ fail2ban-client -V
Fail2Ban v0.10.2
In other news, it is now possible for the app
user to read the sftp related log files sftp.log
and sftp-xferlog
in /var/log/proftpd
.