#49 Timestamps not customizable is a minus...


Yesterday was the first time i ever used this program, and the idea it's excellent, but, trying to develop the program for another services (for example a mail server called mercury/32) didn't work due to the timestamps in the log.

I think a great idea would be to add an external file, let's say timestamps.conf that could define several timestamps


And maybe the user could reference the timestamp in the jail.conf file.


So that way, anyone could adapt the program to the log file they need.

In my case, the log file has an entry like this:

E 20090524 151631 4a1960fe Host xx.xx.xx.xx blocked by SpamHaus - dropped and blocked.

The mailserver bans the ip, but for a short time, and only blocks the entry to the mailserver itself, not the rest of the services... So i wanted to ban the ip for x days just for appearing in spamhaus and trying to get into my server, but fail2ban has no way to adapt the regex in order to recognize the timestamp. I guess there are hundreds of cases where this would happen.

Another thing is that i'm not sure if the program is still being developed. I'll find out soon enough.

Thanks a lot for creating this program, the idea behind it deserves recognition.



  • I modified the program in my server, and added the following to the datedetector.py
    # Mercury/32
    template = DateStrptime()
    template.setName("E Year/Month/Day Hour:Minute:Second")
    template.setRegex("E \d{4}\d{2}\d{2} \d{2}\d{2}\d{2}")
    template.setPattern("E %Y%m%d %H%M%S")

    After that, i restarted the service and voilà... It worked perfectly... Hope this helps anyone who wants to ban ips that are initially detected in Mercury/32.

    Anyway, the feature request seems to me like it's still open.

    Thanks a lot for the program again.