fail2ban is meant as a comprehensive tool for reacting to bad stuff showing up in various logs. things like 'if more than 3 bad passwords in the last 10 minutes, block the user/ip for a while'.

but somehow i don't like it. at all. i think it's an obese beast, with overcomplicated rules and not a lot of flexibility.

but the basic idea is quite sensible. so i wrote a variation of fail2ban for my own purposes: banban. it's tiny, it reacts fast and it does just enough to make it worthwhile.

banban has just hit github, and the single-page documentation is there too.