Banjax

Banjax is an ATS Banning filter. It was designed as a replacement for fail2ban in processing logs based on regular expressions. Banjax identifies attackers based on regular expressions and then passes the IP address of the client matching the rule to Swabber.

It was designed because:

  • It is fast: it reads the request on the fly before it is being written in a file hence file I/O operation does not slow it down.
  • It can prevent a botnet before even serving it once.

The Banjax source is available on Github. The name is based upon Dublin slang terminology for “to ruin”.

To download the code and learn how to install and configure, Banjax, go to the project on Github.

Configuration

Banjax.conf is usually located in /usr/local/trafficserver/conf/banjax/banjax.conf. This configuration is per-Dnet.

Push changes to banjax.conf

deploy.sh -A network -p ats -H ALL