fail2ban-commit

[Fail2ban-commit] SF.net SVN: fail2ban: [483] trunk

[<los...@us...>]

Revision: 483
          http://svn.sourceforge.net/fail2ban/?rev=483&view=rev
Author:   lostcontrol
Date:     2006-12-10 08:46:54 -0800 (Sun, 10 Dec 2006)

Log Message:
-----------
- Prepared for next release

Modified Paths:
--------------
    trunk/CHANGELOG
    trunk/README
    trunk/common/version.py

Modified: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	2006-12-10 16:37:22 UTC (rev 482)
+++ trunk/CHANGELOG	2006-12-10 16:46:54 UTC (rev 483)
@@ -4,9 +4,13 @@
              |_| \__,_|_|_/___|_.__/\__,_|_||_|
 
 =============================================================
-Fail2Ban (version 0.7.5)                           2006/12/07
+Fail2Ban (version 0.7.6)                           200?/??/??
 =============================================================
 
+ver. 0.7.6 (200?/??/??) - ???
+----------
+- Added a "sleep 1" in redhat-initd. Thanks to Jim Wight
+
 ver. 0.7.5 (2006/12/07) - beta
 ----------
 - Do not ban a host that is currently banned. Thanks to

Modified: trunk/README
===================================================================
--- trunk/README	2006-12-10 16:37:22 UTC (rev 482)
+++ trunk/README	2006-12-10 16:46:54 UTC (rev 483)
@@ -4,7 +4,7 @@
              |_| \__,_|_|_/___|_.__/\__,_|_||_|
 
 =============================================================
-Fail2Ban (version 0.7.5)                           2006/12/07
+Fail2Ban (version 0.7.6)                           200?/??/??
 =============================================================
 
 Fail2Ban scans log files like /var/log/pwdfail and bans IP

Modified: trunk/common/version.py
===================================================================
--- trunk/common/version.py	2006-12-10 16:37:22 UTC (rev 482)
+++ trunk/common/version.py	2006-12-10 16:46:54 UTC (rev 483)
@@ -24,4 +24,4 @@
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 
-version = "0.7.5"
+version = "0.7.5-SVN"


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [488] trunk

[<los...@us...>]

Revision: 488
          http://svn.sourceforge.net/fail2ban/?rev=488&view=rev
Author:   lostcontrol
Date:     2006-12-13 15:02:46 -0800 (Wed, 13 Dec 2006)

Log Message:
-----------
- Use /dev/log for SYSLOG output. Thanks to Joerg Sommrey

Modified Paths:
--------------
    trunk/CHANGELOG
    trunk/config/fail2ban.conf
    trunk/server/server.py

Modified: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	2006-12-11 22:18:41 UTC (rev 487)
+++ trunk/CHANGELOG	2006-12-13 23:02:46 UTC (rev 488)
@@ -10,6 +10,7 @@
 ver. 0.7.6 (200?/??/??) - ???
 ----------
 - Added a "sleep 1" in redhat-initd. Thanks to Jim Wight
+- Use /dev/log for SYSLOG output. Thanks to Joerg Sommrey
 
 ver. 0.7.5 (2006/12/07) - beta
 ----------

Modified: trunk/config/fail2ban.conf
===================================================================
--- trunk/config/fail2ban.conf	2006-12-11 22:18:41 UTC (rev 487)
+++ trunk/config/fail2ban.conf	2006-12-13 23:02:46 UTC (rev 488)
@@ -18,8 +18,9 @@
 loglevel = 3
 
 # Option:  logtarget
-# Notes.:  Set the log target. This could be a file, SYSLOG, STDERR.
-# Values:  STDERR SYSLOG file  Default:  /var/log/fail2ban.log
+# Notes.:  Set the log target. This could be a file, SYSLOG, STDERR or STDOUT.
+#          Only one log target can be specified.
+# Values:  STDOUT STDERR SYSLOG file  Default:  /var/log/fail2ban.log
 #
 logtarget = /var/log/fail2ban.log
 

Modified: trunk/server/server.py
===================================================================
--- trunk/server/server.py	2006-12-11 22:18:41 UTC (rev 487)
+++ trunk/server/server.py	2006-12-13 23:02:46 UTC (rev 488)
@@ -306,7 +306,9 @@
 			# Remove previous handler
 			logging.getLogger("fail2ban").handlers = []
 			if target == "SYSLOG":
-				hdlr = logging.handlers.SysLogHandler()
+				facility = logging.handlers.SysLogHandler.LOG_DAEMON
+				hdlr = logging.handlers.SysLogHandler("/dev/log",
+													  facility = facility)
 			elif target == "STDOUT":
 				hdlr = logging.StreamHandler(sys.stdout)
 			elif target == "STDERR":


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [489] trunk

[<los...@us...>]

Revision: 489
          http://svn.sourceforge.net/fail2ban/?rev=489&view=rev
Author:   lostcontrol
Date:     2006-12-14 13:20:03 -0800 (Thu, 14 Dec 2006)

Log Message:
-----------
- Use numeric output for iptables in "actioncheck"

Modified Paths:
--------------
    trunk/CHANGELOG
    trunk/config/action.d/iptables.conf

Modified: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	2006-12-13 23:02:46 UTC (rev 488)
+++ trunk/CHANGELOG	2006-12-14 21:20:03 UTC (rev 489)
@@ -11,6 +11,7 @@
 ----------
 - Added a "sleep 1" in redhat-initd. Thanks to Jim Wight
 - Use /dev/log for SYSLOG output. Thanks to Joerg Sommrey
+- Use numeric output for iptables in "actioncheck"
 
 ver. 0.7.5 (2006/12/07) - beta
 ----------

Modified: trunk/config/action.d/iptables.conf
===================================================================
--- trunk/config/action.d/iptables.conf	2006-12-13 23:02:46 UTC (rev 488)
+++ trunk/config/action.d/iptables.conf	2006-12-14 21:20:03 UTC (rev 489)
@@ -27,7 +27,7 @@
 # Notes.:  command executed once before each fwban command
 # Values:  CMD
 #
-actioncheck = iptables -L INPUT | grep -q fail2ban-<name>
+actioncheck = iptables -n -L INPUT | grep -q fail2ban-<name>
 
 # Option:  fwban
 # Notes.:  command executed when banning an IP. Take care that the


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [496] trunk

[<los...@us...>]

Revision: 496
          http://svn.sourceforge.net/fail2ban/?rev=496&view=rev
Author:   lostcontrol
Date:     2006-12-19 13:51:14 -0800 (Tue, 19 Dec 2006)

Log Message:
-----------
- Fixed removal of host in hosts.deny. Thanks to Ren?\195?\169 Berber

Modified Paths:
--------------
    trunk/CHANGELOG
    trunk/README
    trunk/config/action.d/hostsdeny.conf

Modified: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	2006-12-18 22:35:34 UTC (rev 495)
+++ trunk/CHANGELOG	2006-12-19 21:51:14 UTC (rev 496)
@@ -12,6 +12,7 @@
 - Added a "sleep 1" in redhat-initd. Thanks to Jim Wight
 - Use /dev/log for SYSLOG output. Thanks to Joerg Sommrey
 - Use numeric output for iptables in "actioncheck"
+- Fixed removal of host in hosts.deny. Thanks to René Berber
 
 ver. 0.7.5 (2006/12/07) - beta
 ----------

Modified: trunk/README
===================================================================
--- trunk/README	2006-12-18 22:35:34 UTC (rev 495)
+++ trunk/README	2006-12-19 21:51:14 UTC (rev 496)
@@ -72,7 +72,8 @@
 Tom Pike, Iain Lea, Andrey G. Grozin, Yaroslav Halchenko,
 Jonathan Kamens, Stephen Gildea, Markus Hoffmann, Mark
 Edgington, Patrick Börjesson, kojiro, zugeschmiert, Tyler,
-Nick Munger, Christoph Haas, Justin Shore, Joël Bertrand
+Nick Munger, Christoph Haas, Justin Shore, Joël Bertrand,
+René Berber
 
 License:
 --------

Modified: trunk/config/action.d/hostsdeny.conf
===================================================================
--- trunk/config/action.d/hostsdeny.conf	2006-12-18 22:35:34 UTC (rev 495)
+++ trunk/config/action.d/hostsdeny.conf	2006-12-19 21:51:14 UTC (rev 496)
@@ -44,9 +44,7 @@
 #          <time>  unix timestamp of the ban time
 # Values:  CMD
 #
-actionunban = IP=<ip> &&
-              grep -v "ALL: $IP" <file> > <tmpfile> &&
-              mv <tmpfile> <file>
+actionunban = IP=<ip> && sed -i.old /ALL:\ $IP/d <file>
 
 [Init]
 
@@ -55,10 +53,3 @@
 # Values:  STR  Default:  /etc/hosts.deny
 #
 file = /etc/hosts.deny
-
-# Option:  file
-# Notes.:  hosts.deny temporary file path.
-# Values:  STR  Default:  /etc/hostsdeny.failban
-#
-tmpfile = /tmp/hosts.deny.tmp
-


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [502] trunk

[<los...@us...>]

Revision: 502
          http://svn.sourceforge.net/fail2ban/?rev=502&view=rev
Author:   lostcontrol
Date:     2006-12-23 01:51:41 -0800 (Sat, 23 Dec 2006)

Log Message:
-----------
- Updated

Modified Paths:
--------------
    trunk/CHANGELOG
    trunk/README

Modified: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	2006-12-23 09:50:51 UTC (rev 501)
+++ trunk/CHANGELOG	2006-12-23 09:51:41 UTC (rev 502)
@@ -13,6 +13,9 @@
 - Use /dev/log for SYSLOG output. Thanks to Joerg Sommrey
 - Use numeric output for iptables in "actioncheck"
 - Fixed removal of host in hosts.deny. Thanks to René Berber
+- Added new date format (2006-12-21 06:43:20) and Exim4
+  filter. Thanks to mEDI
+- Improved regular expression checking a bit
 
 ver. 0.7.5 (2006/12/07) - beta
 ----------

Modified: trunk/README
===================================================================
--- trunk/README	2006-12-23 09:50:51 UTC (rev 501)
+++ trunk/README	2006-12-23 09:51:41 UTC (rev 502)
@@ -73,7 +73,7 @@
 Jonathan Kamens, Stephen Gildea, Markus Hoffmann, Mark
 Edgington, Patrick Börjesson, kojiro, zugeschmiert, Tyler,
 Nick Munger, Christoph Haas, Justin Shore, Joël Bertrand,
-René Berber
+René Berber, mEDI
 
 License:
 --------


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [503] trunk

[<los...@us...>]

Revision: 503
          http://svn.sourceforge.net/fail2ban/?rev=503&view=rev
Author:   lostcontrol
Date:     2006-12-23 08:31:00 -0800 (Sat, 23 Dec 2006)

Log Message:
-----------
- Added support for several "failregex" and "ignoreregex". This should simplify the configuration files.
- Configuration files are backward-compatible but need to be updated in order to take advantage of this feature.

Modified Paths:
--------------
    trunk/CHANGELOG
    trunk/MANIFEST
    trunk/client/beautifier.py
    trunk/client/filterreader.py
    trunk/common/protocol.py
    trunk/fail2ban-regex
    trunk/man/fail2ban-client.1
    trunk/man/fail2ban-regex.1
    trunk/man/fail2ban-server.1
    trunk/server/filter.py
    trunk/server/server.py
    trunk/server/transmitter.py
    trunk/testcases/filtertestcase.py

Added Paths:
-----------
    trunk/server/failregex.py
    trunk/server/regex.py

Modified: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	2006-12-23 09:51:41 UTC (rev 502)
+++ trunk/CHANGELOG	2006-12-23 16:31:00 UTC (rev 503)
@@ -15,7 +15,8 @@
 - Fixed removal of host in hosts.deny. Thanks to René Berber
 - Added new date format (2006-12-21 06:43:20) and Exim4
   filter. Thanks to mEDI
-- Improved regular expression checking a bit
+- Several "failregex" and "ignoreregex" are now accepted.
+  Creation of rules should be easier now.
 
 ver. 0.7.5 (2006/12/07) - beta
 ----------

Modified: trunk/MANIFEST
===================================================================
--- trunk/MANIFEST	2006-12-23 09:51:41 UTC (rev 502)
+++ trunk/MANIFEST	2006-12-23 16:31:00 UTC (rev 503)
@@ -39,6 +39,8 @@
 server/banmanager.py
 server/datetemplate.py
 server/mytime.py
+server/regex.py
+server/failregex.py
 testcases/banmanagertestcase.py
 testcases/failmanagertestcase.py
 testcases/clientreadertestcase.py

Modified: trunk/client/beautifier.py
===================================================================
--- trunk/client/beautifier.py	2006-12-23 09:51:41 UTC (rev 502)
+++ trunk/client/beautifier.py	2006-12-23 16:31:00 UTC (rev 503)
@@ -109,7 +109,18 @@
 					msg = "These IP addresses/networks are ignored:\n"
 					for ip in response[:-1]:
 						msg = msg + "|- " + ip + "\n"
-					msg = msg + "`- " + response[len(response)-1]				
+					msg = msg + "`- " + response[len(response)-1]
+			elif inC[2] in ("failregex", "addfailregex", "delfailregex",
+							"ignoreregex", "addignoreregex", "delignoreregex"):
+				if len(response) == 0:
+					msg = "No regular expression is defined"
+				else:
+					msg = "The following regular expression are defined:\n"
+					c = 0
+					for ip in response[:-1]:
+						msg = msg + "|- [" + str(c) + "]: " + ip + "\n"
+						c += 1
+					msg = msg + "`- [" + str(c) + "]: " + response[len(response)-1]
 		except Exception:
 			logSys.warn("Beautifier error. Please report the error")
 			logSys.error("Beautify " + `response` + " with " + `self.__inputCmd` +

Modified: trunk/client/filterreader.py
===================================================================
--- trunk/client/filterreader.py	2006-12-23 09:51:41 UTC (rev 502)
+++ trunk/client/filterreader.py	2006-12-23 16:31:00 UTC (rev 503)
@@ -67,8 +67,10 @@
 			elif opt == "timepattern":
 				stream.append(["set", self.__name, "timepattern", self.__opts[opt]])
 			elif opt == "failregex":
-				stream.append(["set", self.__name, "failregex", self.__opts[opt]])
+				for regex in self.__opts[opt].split('\n'):
+					stream.append(["set", self.__name, "addfailregex", regex])
 			elif opt == "ignoreregex":
-				stream.append(["set", self.__name, "ignoreregex", self.__opts[opt]])		
+				for regex in self.__opts[opt].split('\n'):
+					stream.append(["set", self.__name, "addignoreregex", regex])		
 		return stream
 		
\ No newline at end of file

Modified: trunk/common/protocol.py
===================================================================
--- trunk/common/protocol.py	2006-12-23 09:51:41 UTC (rev 502)
+++ trunk/common/protocol.py	2006-12-23 16:31:00 UTC (rev 503)
@@ -54,8 +54,10 @@
 ["set <JAIL> dellogpath <FILE>", "removes <FILE> to the monitoring list of <JAIL>"], 
 ["set <JAIL> timeregex <REGEX>", "sets the regular expression <REGEX> to match the date format for <JAIL>. This will disable the autodetection feature."], 
 ["set <JAIL> timepattern <PATTERN>", "sets the pattern <PATTERN> to match the date format for <JAIL>. This will disable the autodetection feature."], 
-["set <JAIL> failregex <REGEX>", "sets the regular expression <REGEX> which must match failures for <JAIL>"], 
-["set <JAIL> ignoreregex <REGEX>", "sets the regular expression <REGEX> which should match pattern to exclude for <JAIL>"], 
+["set <JAIL> addfailregex <REGEX>", "adds the regular expression <REGEX> which must match failures for <JAIL>"], 
+["set <JAIL> delfailregex <INDEX>", "removes the regular expression at <INDEX> for failregex"], 
+["set <JAIL> addignoreregex <REGEX>", "adds the regular expression <REGEX> which should match pattern to exclude for <JAIL>"],
+["set <JAIL> delignoreregex <INDEX>", "removes the regular expression at <INDEX> for ignoreregex"], 
 ["set <JAIL> findtime <TIME>", "sets the number of seconds <TIME> for which the filter will look back for <JAIL>"], 
 ["set <JAIL> bantime <TIME>", "sets the number of seconds <TIME> a host will be banned for <JAIL>"], 
 ["set <JAIL> maxretry <RETRY>", "sets the number of failures <RETRY> before banning the host for <JAIL>"], 
@@ -73,8 +75,8 @@
 ["get <JAIL> ignoreip", "gets the list of ignored IP addresses for <JAIL>"],
 ["get <JAIL> timeregex", "gets the regular expression used for the time detection for <JAIL>"],
 ["get <JAIL> timepattern", "gets the pattern used for the time detection for <JAIL>"],
-["get <JAIL> failregex", "gets the regular expression which matches the failures for <JAIL>"],
-["get <JAIL> ignoreregex", "gets the regular expression which matches patterns to ignore for <JAIL>"],
+["get <JAIL> failregex", "gets the list of regular expressions which matches the failures for <JAIL>"],
+["get <JAIL> ignoreregex", "gets the list of regular expressions which matches patterns to ignore for <JAIL>"],
 ["get <JAIL> findtime", "gets the time for which the filter will look back for failures for <JAIL>"],
 ["get <JAIL> bantime", "gets the time a host is banned for <JAIL>"],
 ["get <JAIL> maxretry", "gets the number of failures allowed for <JAIL>"],

Modified: trunk/fail2ban-regex
===================================================================
--- trunk/fail2ban-regex	2006-12-23 09:51:41 UTC (rev 502)
+++ trunk/fail2ban-regex	2006-12-23 16:31:00 UTC (rev 503)
@@ -33,6 +33,7 @@
 
 from common.version import version
 from server.filter import Filter
+from server.regex import RegexException
 
 # Gets the instance of the logger.
 logSys = logging.getLogger("fail2ban.regex")
@@ -83,17 +84,17 @@
 	 			self.dispVersion()
 	 			sys.exit(0)
 	
-	def setRegex(self, value):
+	def testRegex(self, line, regex):
 		print
-		self.__filter.setFailRegex(value)
-	
-	def testRegex(self, line):
-		print
 		try:
 			logging.getLogger("fail2ban").setLevel(logging.DEBUG)
+			self.__filter.addFailRegex(regex)
 			ret = self.__filter.findFailure(line)
 			print
 			logging.getLogger("fail2ban").setLevel(logging.CRITICAL)
+		except RegexException, e:
+			print e
+			return False
 		except IndexError:
 			print "Sorry, but no <host> found in regex"
 			return False
@@ -156,8 +157,7 @@
 		regex.dispUsage()
 		sys.exit(-1)
 	else:
-		regex.setRegex(sys.argv[2])
-		ret = regex.testRegex(sys.argv[1])
+		ret = regex.testRegex(sys.argv[1], sys.argv[2])
 		if ret:
 			sys.exit(0)
 		else:

Modified: trunk/man/fail2ban-client.1
===================================================================
--- trunk/man/fail2ban-client.1	2006-12-23 09:51:41 UTC (rev 502)
+++ trunk/man/fail2ban-client.1	2006-12-23 16:31:00 UTC (rev 503)
@@ -1,12 +1,12 @@
 .\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.36.
-.TH FAIL2BAN-CLIENT "1" "December 2006" "fail2ban-client v0.7.4-SVN" "User Commands"
+.TH FAIL2BAN-CLIENT "1" "December 2006" "fail2ban-client v0.7.5-SVN" "User Commands"
 .SH NAME
 fail2ban-client \- configure and control the server
 .SH SYNOPSIS
 .B fail2ban-client
 [\fIOPTIONS\fR]... \fI<COMMAND>\fR
 .SH DESCRIPTION
-Fail2Ban v0.7.4\-SVN reads log file that contains password failure report
+Fail2Ban v0.7.5\-SVN reads log file that contains password failure report
 and bans the corresponding IP addresses using firewall rules.
 .SH OPTIONS
 .TP
@@ -37,6 +37,8 @@
 \fB\-V\fR, \fB\-\-version\fR
 print the version
 .SH COMMAND
+.IP
+Basic
 .TP
 \fBstart\fR
 starts the server and the jails
@@ -54,6 +56,8 @@
 .TP
 \fBping\fR
 tests if the server is alive
+.IP
+Logging
 .TP
 \fBset loglevel <LEVEL>\fR
 sets logging level to <LEVEL>. 0
@@ -69,10 +73,24 @@
 .TP
 \fBget logtarget\fR
 gets logging target
+.IP
+Jail control
 .TP
 \fBadd <JAIL> <BACKEND>\fR
 creates <JAIL> using <BACKEND>
 .TP
+\fBstart <JAIL>\fR
+starts the jail <JAIL>
+.TP
+\fBstop <JAIL>\fR
+stops the jail <JAIL>. The jail is
+removed
+.TP
+\fBstatus <JAIL>\fR
+gets the current status of <JAIL>
+.IP
+Jail configuration
+.TP
 \fBset <JAIL> idle on|off\fR
 sets the idle state of <JAIL>
 .TP
@@ -104,16 +122,24 @@
 This will disable the
 autodetection feature.
 .TP
-\fBset <JAIL> failregex <REGEX>\fR
-sets the regular expression
+\fBset <JAIL> addfailregex <REGEX>\fR
+adds the regular expression
 <REGEX> which must match failures
 for <JAIL>
 .TP
-\fBset <JAIL> ignoreregex <REGEX>\fR
-sets the regular expression
+\fBset <JAIL> delfailregex <INDEX>\fR
+removes the regular expression at
+<INDEX> for failregex
+.TP
+\fBset <JAIL> addignoreregex <REGEX>\fR
+adds the regular expression
 <REGEX> which should match pattern
 to exclude for <JAIL>
 .TP
+\fBset <JAIL> delignoreregex <INDEX>\fR
+removes the regular expression at
+<INDEX> for ignoreregex
+.TP
 \fBset <JAIL> findtime <TIME>\fR
 sets the number of seconds <TIME>
 for which the filter will look
@@ -163,6 +189,8 @@
 \fBset <JAIL> actionunban <ACT> <CMD>\fR
 sets the unban command <CMD> of
 the action <ACT> for <JAIL>
+.IP
+Jail information
 .TP
 \fBget <JAIL> logpath\fR
 gets the list of the monitored
@@ -181,13 +209,14 @@
 detection for <JAIL>
 .TP
 \fBget <JAIL> failregex\fR
-gets the regular expression which
-matches the failures for <JAIL>
+gets the list of regular
+expressions which matches the
+failures for <JAIL>
 .TP
 \fBget <JAIL> ignoreregex\fR
-gets the regular expression which
-matches patterns to ignore for
-<JAIL>
+gets the list of regular
+expressions which matches patterns
+to ignore for <JAIL>
 .TP
 \fBget <JAIL> findtime\fR
 gets the time for which the filter
@@ -225,16 +254,6 @@
 \fBget <JAIL> actionunban <ACT>\fR
 gets the unban command for the
 action <ACT> for <JAIL>
-.TP
-\fBstart <JAIL>\fR
-starts the jail <JAIL>
-.TP
-\fBstop <JAIL>\fR
-stops the jail <JAIL>. The jail is
-removed
-.TP
-\fBstatus <JAIL>\fR
-gets the current status of <JAIL>
 .SH FILES
 \fI/etc/fail2ban/*\fR
 .SH AUTHOR

Modified: trunk/man/fail2ban-regex.1
===================================================================
--- trunk/man/fail2ban-regex.1	2006-12-23 09:51:41 UTC (rev 502)
+++ trunk/man/fail2ban-regex.1	2006-12-23 16:31:00 UTC (rev 503)
@@ -1,12 +1,12 @@
 .\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.36.
-.TH FAIL2BAN-REGEX "1" "December 2006" "fail2ban-regex v0.7.4-SVN" "User Commands"
+.TH FAIL2BAN-REGEX "1" "December 2006" "fail2ban-regex v0.7.5-SVN" "User Commands"
 .SH NAME
 fail2ban-regex \- test Fail2ban "failregex" option
 .SH SYNOPSIS
 .B fail2ban-regex
 \fI<logline> <failregex>\fR
 .SH DESCRIPTION
-Fail2Ban v0.7.4\-SVN reads log file that contains password failure report
+Fail2Ban v0.7.5\-SVN reads log file that contains password failure report
 and bans the corresponding IP addresses using firewall rules.
 .PP
 This tools can test and benchmark your regular expressions for the "failregex"

Modified: trunk/man/fail2ban-server.1
===================================================================
--- trunk/man/fail2ban-server.1	2006-12-23 09:51:41 UTC (rev 502)
+++ trunk/man/fail2ban-server.1	2006-12-23 16:31:00 UTC (rev 503)
@@ -1,12 +1,12 @@
 .\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.36.
-.TH FAIL2BAN-SERVER "1" "December 2006" "fail2ban-server v0.7.4-SVN" "User Commands"
+.TH FAIL2BAN-SERVER "1" "December 2006" "fail2ban-server v0.7.5-SVN" "User Commands"
 .SH NAME
 fail2ban-server \- start the server
 .SH SYNOPSIS
 .B fail2ban-server
 [\fIOPTIONS\fR]
 .SH DESCRIPTION
-Fail2Ban v0.7.4\-SVN reads log file that contains password failure report
+Fail2Ban v0.7.5\-SVN reads log file that contains password failure report
 and bans the corresponding IP addresses using firewall rules.
 .PP
 Only use this command for debugging purpose. Start the server with

Added: trunk/server/failregex.py
===================================================================
--- trunk/server/failregex.py	                        (rev 0)
+++ trunk/server/failregex.py	2006-12-23 16:31:00 UTC (rev 503)
@@ -0,0 +1,62 @@
+# This file is part of Fail2Ban.
+#
+# Fail2Ban is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# Fail2Ban is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Fail2Ban; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+
+# Author: Cyril Jaquier
+# 
+# $Revision$
+
+__author__ = "Cyril Jaquier"
+__version__ = "$Revision$"
+__date__ = "$Date$"
+__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
+__license__ = "GPL"
+
+from regex import Regex, RegexException
+
+##
+# Regular expression class.
+#
+# This class represents a regular expression with its compiled version.
+
+class FailRegex(Regex):
+
+	##
+	# Constructor.
+	#
+	# Creates a new object. This method can throw RegexException in order to
+	# avoid construction of invalid object.
+	# @param value the regular expression
+	
+	def __init__(self, value):
+		# Replace "<HOST>" with default regular expression for host.
+		regex = value.replace("<HOST>", "(?:::f{4,6}:)?(?P<host>\S+)")
+		# Initializes the parent.
+		Regex.__init__(self, regex)
+		# Check for group "host"
+		if "host" not in self._regexObj.groupindex:
+			raise RegexException("No 'host' group in '%s'" % self._regex)
+	
+	##
+	# Returns the matched host.
+	#
+	# This corresponds to the pattern matched by the named group "host".
+	# @return the matched host
+	
+	def getHost(self):
+		host = self._matchCache.group("host")
+		if host == None:
+			raise RegexException("Unexpected error. Please check your regex")
+		return host


Property changes on: trunk/server/failregex.py
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision

Modified: trunk/server/filter.py
===================================================================
--- trunk/server/filter.py	2006-12-23 09:51:41 UTC (rev 502)
+++ trunk/server/filter.py	2006-12-23 16:31:00 UTC (rev 503)
@@ -29,8 +29,10 @@
 from jailthread import JailThread
 from datedetector import DateDetector
 from mytime import MyTime
+from regex import Regex, RegexException
+from failregex import FailRegex
 
-import logging, re, sre_constants
+import logging, re
 
 # Gets the instance of the logger.
 logSys = logging.getLogger("fail2ban.filter")
@@ -61,12 +63,10 @@
 		self.__crtFilename = None
 		## The log file path.
 		self.__logPath = []
-		## The regular expression matching the failure.
-		self.__failRegex = ''
-		self.__failRegexObj = None
-		## The regular expression with expression to ignore.
-		self.__ignoreRegex = ''
-		self.__ignoreRegexObj = None
+		## The regular expression list matching the failures.
+		self.__failRegex = list()
+		## The regular expression list with expressions to ignore.
+		self.__ignoreRegex = list()
 		## The amount of time to look back.
 		self.__findTime = 6000
 		## The ignore IP list.
@@ -158,60 +158,69 @@
 		return self.dateDetector.getDefaultPattern()
 	
 	##
-	# Set the regular expression which matches the failure.
+	# Add a regular expression which matches the failure.
 	#
 	# The regular expression can also match any other pattern than failures
 	# and thus can be used for many purporse.
 	# @param value the regular expression
 	
-	def setFailRegex(self, value):
+	def addFailRegex(self, value):
 		try:
-			if value.lstrip() == '':
-				self.__failRegex = value
-				self.__failRegexObj = None
-			else:
-				# Replace "<HOST>" with default regular expression for host.
-				regex = value.replace("<HOST>", "(?:::f{4,6}:)?(?P<host>\S+)")
-				self.__failRegex = regex
-				self.__failRegexObj = re.compile(regex)
-			logSys.info("Set failregex = %s" % self.__failRegex)
-		except sre_constants.error:
-			logSys.error("Unable to compile regular expression " +
-						self.__failRegex)
+			regex = FailRegex(value)
+			self.__failRegex.append(regex)
+		except RegexException, e:
+			logSys.error(e)
 	
+
+	def delFailRegex(self, index):
+		try:
+			del self.__failRegex[index]
+		except IndexError:
+			logSys.error("Cannot remove regular expression. Index %d is not "
+						 "valid" % index)
+	
 	##
 	# Get the regular expression which matches the failure.
 	#
 	# @return the regular expression
 	
 	def getFailRegex(self):
-		return self.__failRegex
+		failRegex = list()
+		for regex in self.__failRegex:
+			failRegex.append(regex.getRegex())
+		return failRegex
 	
 	##
-	# Set the regular expression which matches the failure.
+	# Add the regular expression which matches the failure.
 	#
 	# The regular expression can also match any other pattern than failures
 	# and thus can be used for many purporse.
 	# @param value the regular expression
 	
-	def setIgnoreRegex(self, value):
+	def addIgnoreRegex(self, value):
 		try:
-			if value.lstrip() == '':
-				self.__ignoreRegexObj = None
-			else:
-				self.__ignoreRegexObj = re.compile(value)
-			self.__ignoreRegex = value
-			logSys.info("Set ignoreregex = %s" % value)
-		except sre_constants.error:
-			logSys.error("Unable to compile regular expression " + value)
+			regex = Regex(value)
+			self.__ignoreRegex.append(regex)
+		except RegexException, e:
+			logSys.error(e)
 	
+	def delIgnoreRegex(self, index):
+		try:
+			del self.__ignoreRegex[index]
+		except IndexError:
+			logSys.error("Cannot remove regular expression. Index %d is not "
+						 "valid" % index)
+	
 	##
 	# Get the regular expression which matches the failure.
 	#
 	# @return the regular expression
 	
 	def getIgnoreRegex(self):
-		return self.__ignoreRegex
+		ignoreRegex = list()
+		for regex in self.__ignoreRegex:
+			ignoreRegex.append(regex.getRegex())
+		return ignoreRegex
 	
 	##
 	# Set the time needed to find a failure.
@@ -413,43 +422,35 @@
 
 	def findFailure(self, line):
 		failList = list()
-		# Checks if failregex is defined.
-		if self.__failRegexObj == None:
-			logSys.error("No failregex is set")
-			return failList
-		# Checks if ignoreregex is defined.
-		if not self.__ignoreRegexObj == None:
-			match = self.__ignoreRegexObj.search(line)
-			if match:
+		# Checks if we must ignore this line.
+		for ignoreRegex in self.__ignoreRegex:
+			ignoreRegex.search(line)
+			if ignoreRegex.hasMatched():
 				# The ignoreregex matched. Return.
 				logSys.debug("Ignoring this line")
 				return failList
-		match = self.__failRegexObj.search(line)
-		if match:
-			# The failregex matched.
-			date = self.dateDetector.getUnixTime(match.string)
-			if date == None:
-				logSys.debug("Found a match but no valid date/time found "
-							 + "for " + match.string + ". Please contact "
-							 + "the author in order to get support for "
-							 + "this format")
-			else:
-				try:
-					matchGroup = match.group("host")
-					# For strange reasons, match.group can return None with some
-					# regular expressions. However, these expressions can be
-					# compiled successfully.
-					if matchGroup == None:
-						logSys.error("Unexpected error. Please correct your "
-									 + "configuration.")
-					else:
-						ipMatch = DNSUtils.textToIp(match.group("host"))
+		# Iterates over all the regular expressions.
+		for failRegex in self.__failRegex:
+			failRegex.search(line)
+			if failRegex.hasMatched():
+				# The failregex matched.
+				date = self.dateDetector.getUnixTime(line)
+				if date == None:
+					logSys.debug("Found a match but no valid date/time found "
+								 + "for " + line + ". Please contact the "
+								 + "author in order to get support for this "
+								 + "format")
+				else:
+					try:
+						host = failRegex.getHost()
+						ipMatch = DNSUtils.textToIp(host)
 						if ipMatch:
 							for ip in ipMatch:
 								failList.append([ip, date])
-				except IndexError:
-					logSys.error("There is no 'host' group in the rule. " +
-								 "Please correct your configuration.")
+							# We matched a regex, it is enough to stop.
+							break
+					except RegexException, e:
+						logSys.error(e)
 		return failList
 	
 

Added: trunk/server/regex.py
===================================================================
--- trunk/server/regex.py	                        (rev 0)
+++ trunk/server/regex.py	2006-12-23 16:31:00 UTC (rev 503)
@@ -0,0 +1,88 @@
+# This file is part of Fail2Ban.
+#
+# Fail2Ban is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# Fail2Ban is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Fail2Ban; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+
+# Author: Cyril Jaquier
+# 
+# $Revision$
+
+__author__ = "Cyril Jaquier"
+__version__ = "$Revision$"
+__date__ = "$Date$"
+__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
+__license__ = "GPL"
+
+import re, sre_constants
+
+##
+# Regular expression class.
+#
+# This class represents a regular expression with its compiled version.
+
+class Regex:
+
+	##
+	# Constructor.
+	#
+	# Creates a new object. This method can throw RegexException in order to
+	# avoid construction of invalid object.
+	# @param value the regular expression
+	
+	def __init__(self, regex):
+		self._matchCache = None
+		try:
+			self._regexObj = re.compile(regex)
+			self._regex = regex
+		except sre_constants.error:
+			raise RegexException("Unable to compile regular expression '%s'" %
+								 regex)
+	
+	##
+	# Gets the regular expression.
+	#
+	# The effective regular expression used is returned.
+	# @return the regular expression
+	
+	def getRegex(self):
+		return self._regex
+	
+	##
+	# Searches the regular expression.
+	#
+	# Sets an internal cache (match object) in order to avoid searching for
+	# the pattern again. This method must be called before calling any other
+	# method of this object.
+	# @param value the line
+	
+	def search(self, value):
+		self._matchCache = self._regexObj.search(value)
+	
+	##
+	# Checks if the previous call to search() matched.
+	#
+	# @return True if a match was found, False otherwise
+	
+	def hasMatched(self):
+		if self._matchCache:
+			return True
+		else:
+			return False
+
+
+##
+# Exception dedicated to the class Regex.
+
+class RegexException(Exception):
+	pass


Property changes on: trunk/server/regex.py
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision

Modified: trunk/server/server.py
===================================================================
--- trunk/server/server.py	2006-12-23 09:51:41 UTC (rev 502)
+++ trunk/server/server.py	2006-12-23 16:31:00 UTC (rev 503)
@@ -165,15 +165,21 @@
 	def getFindTime(self, name):
 		return self.__jails.getFilter(name).getFindTime()
 
-	def setFailRegex(self, name, value):
-		self.__jails.getFilter(name).setFailRegex(value)
+	def addFailRegex(self, name, value):
+		self.__jails.getFilter(name).addFailRegex(value)
 	
+	def delFailRegex(self, name, index):
+		self.__jails.getFilter(name).delFailRegex(index)
+	
 	def getFailRegex(self, name):
 		return self.__jails.getFilter(name).getFailRegex()
 	
-	def setIgnoreRegex(self, name, value):
-		self.__jails.getFilter(name).setIgnoreRegex(value)
+	def addIgnoreRegex(self, name, value):
+		self.__jails.getFilter(name).addIgnoreRegex(value)
 	
+	def delIgnoreRegex(self, name, index):
+		self.__jails.getFilter(name).delIgnoreRegex(index)
+	
 	def getIgnoreRegex(self, name):
 		return self.__jails.getFilter(name).getIgnoreRegex()
 	

Modified: trunk/server/transmitter.py
===================================================================
--- trunk/server/transmitter.py	2006-12-23 09:51:41 UTC (rev 502)
+++ trunk/server/transmitter.py	2006-12-23 16:31:00 UTC (rev 503)
@@ -143,14 +143,22 @@
 			value = command[2]
 			self.__server.setTimePattern(name, value)
 			return self.__server.getTimePattern(name)
-		elif command[1] == "failregex":
+		elif command[1] == "addfailregex":
 			value = command[2]
-			self.__server.setFailRegex(name, value)
+			self.__server.addFailRegex(name, value)
 			return self.__server.getFailRegex(name)
-		elif command[1] == "ignoreregex":
+		elif command[1] == "delfailregex":
+			value = int(command[2])
+			self.__server.delFailRegex(name, value)
+			return self.__server.getFailRegex(name)
+		elif command[1] == "addignoreregex":
 			value = command[2]
-			self.__server.setIgnoreRegex(name, value)
+			self.__server.addIgnoreRegex(name, value)
 			return self.__server.getIgnoreRegex(name)
+		elif command[1] == "delignoreregex":
+			value = int(command[2])
+			self.__server.delIgnoreRegex(name, value)
+			return self.__server.getIgnoreRegex(name)
 		elif command[1] == "findtime":
 			value = command[2]
 			self.__server.setFindTime(name, int(value))

Modified: trunk/testcases/filtertestcase.py
===================================================================
--- trunk/testcases/filtertestcase.py	2006-12-23 09:51:41 UTC (rev 502)
+++ trunk/testcases/filtertestcase.py	2006-12-23 16:31:00 UTC (rev 503)
@@ -99,7 +99,7 @@
 		output = ('193.168.0.128', 3, 1124013599.0)
 		
 		self.__filter.addLogPath(GetFailures.FILENAME_01)
-		self.__filter.setFailRegex("(?:(?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal|nvalid) user)?|[Ii](?:llegal|nvalid) user|ROOT LOGIN REFUSED) .*(?: from|FROM) (?:::f{4,6}:)?(?P<host>\S*)")
+		self.__filter.addFailRegex("(?:(?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal|nvalid) user)?|[Ii](?:llegal|nvalid) user|ROOT LOGIN REFUSED) .*(?: from|FROM) (?:::f{4,6}:)?(?P<host>\S*)")
 
 		self.__filter.getFailures(GetFailures.FILENAME_01)
 		
@@ -116,7 +116,7 @@
 		output = ('141.3.81.106', 4, 1124013539.0)
 
 		self.__filter.addLogPath(GetFailures.FILENAME_02)
-		self.__filter.setFailRegex("Failed .* (?:::f{4,6}:)(?P<host>\S*)")
+		self.__filter.addFailRegex("Failed .* (?:::f{4,6}:)(?P<host>\S*)")
 		
 		self.__filter.getFailures(GetFailures.FILENAME_02)
 		
@@ -127,13 +127,13 @@
 		ip = ticket.getIP()
 		found = (ip, attempts, date)
 		
-		self.assertEqual(found, output)	
+		self.assertEqual(found, output)
 
 	def testGetFailures03(self):
 		output = ('203.162.223.135', 6, 1124013544.0)
 
 		self.__filter.addLogPath(GetFailures.FILENAME_03)
-		self.__filter.setFailRegex("error,relay=(?:::f{4,6}:)?(?P<host>\S*),.*550 User unknown")
+		self.__filter.addFailRegex("error,relay=(?:::f{4,6}:)?(?P<host>\S*),.*550 User unknown")
 		
 		self.__filter.getFailures(GetFailures.FILENAME_03)
 		
@@ -151,7 +151,7 @@
 				  ('212.41.96.185', 4, 1124013598.0)]
 
 		self.__filter.addLogPath(GetFailures.FILENAME_04)
-		self.__filter.setFailRegex("Invalid user .* (?P<host>\S*)")
+		self.__filter.addFailRegex("Invalid user .* (?P<host>\S*)")
 		
 		self.__filter.getFailures(GetFailures.FILENAME_04)
 
@@ -165,4 +165,33 @@
 				self.assertEqual(found, output[i])
 		except FailManagerEmpty:
 			pass
-		
\ No newline at end of file
+		
+	def testGetFailuresMultiRegex(self):
+		output = ('141.3.81.106', 8, 1124013541.0)
+
+		self.__filter.addLogPath(GetFailures.FILENAME_02)
+		self.__filter.addFailRegex("Failed .* from <HOST>")
+		self.__filter.addFailRegex("Accepted .* from <HOST>")
+		
+		self.__filter.getFailures(GetFailures.FILENAME_02)
+		
+		ticket = self.__filter.failManager.toBan()
+
+		attempts = ticket.getAttempt()
+		date = ticket.getTime()
+		ip = ticket.getIP()
+		found = (ip, attempts, date)
+		
+		self.assertEqual(found, output)
+	
+	def testGetFailuresIgnoreRegex(self):
+		output = ('141.3.81.106', 8, 1124013541.0)
+
+		self.__filter.addLogPath(GetFailures.FILENAME_02)
+		self.__filter.addFailRegex("Failed .* from <HOST>")
+		self.__filter.addFailRegex("Accepted .* from <HOST>")
+		self.__filter.addIgnoreRegex("for roehl")
+		
+		self.__filter.getFailures(GetFailures.FILENAME_02)
+		
+		self.assertRaises(FailManagerEmpty, self.__filter.failManager.toBan)


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [504] trunk

[<los...@us...>]

Revision: 504
          http://svn.sourceforge.net/fail2ban/?rev=504&view=rev
Author:   lostcontrol
Date:     2006-12-23 08:37:17 -0800 (Sat, 23 Dec 2006)

Log Message:
-----------
- Added svn:keywords

Modified Paths:
--------------
    trunk/client/beautifier.py
    trunk/common/__init__.py
    trunk/common/protocol.py
    trunk/fail2ban-regex
    trunk/server/datedetector.py
    trunk/server/dateepoch.py
    trunk/server/datestrptime.py
    trunk/server/datetai64n.py
    trunk/server/datetemplate.py
    trunk/server/filterpoll.py
    trunk/server/jails.py
    trunk/server/mytime.py
    trunk/testcases/actiontestcase.py
    trunk/testcases/clientreadertestcase.py
    trunk/testcases/datedetectortestcase.py

Property Changed:
----------------
    trunk/client/beautifier.py
    trunk/common/__init__.py
    trunk/common/protocol.py
    trunk/fail2ban-regex
    trunk/server/datedetector.py
    trunk/server/dateepoch.py
    trunk/server/datestrptime.py
    trunk/server/datetai64n.py
    trunk/server/datetemplate.py
    trunk/server/filterpoll.py
    trunk/server/jails.py
    trunk/server/mytime.py
    trunk/testcases/actiontestcase.py
    trunk/testcases/clientreadertestcase.py
    trunk/testcases/datedetectortestcase.py

Modified: trunk/client/beautifier.py
===================================================================
--- trunk/client/beautifier.py	2006-12-23 16:31:00 UTC (rev 503)
+++ trunk/client/beautifier.py	2006-12-23 16:37:17 UTC (rev 504)
@@ -16,11 +16,11 @@
 
 # Author: Cyril Jaquier
 # 
-# $Revision: 288 $
+# $Revision$
 
 __author__ = "Cyril Jaquier"
-__version__ = "$Revision: 288 $"
-__date__ = "$Date: 2006-08-22 23:59:51 +0200 (Tue, 22 Aug 2006) $"
+__version__ = "$Revision$"
+__date__ = "$Date$"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 


Property changes on: trunk/client/beautifier.py
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision

Modified: trunk/common/__init__.py
===================================================================
--- trunk/common/__init__.py	2006-12-23 16:31:00 UTC (rev 503)
+++ trunk/common/__init__.py	2006-12-23 16:37:17 UTC (rev 504)
@@ -16,10 +16,10 @@
 
 # Author: Cyril Jaquier
 # 
-# $Revision: 433 $
+# $Revision$
 
 __author__ = "Cyril Jaquier"
-__version__ = "$Revision: 433 $"
-__date__ = "$Date: 2006-10-24 21:40:51 +0200 (Tue, 24 Oct 2006) $"
+__version__ = "$Revision$"
+__date__ = "$Date$"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"


Property changes on: trunk/common/__init__.py
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision

Modified: trunk/common/protocol.py
===================================================================
--- trunk/common/protocol.py	2006-12-23 16:31:00 UTC (rev 503)
+++ trunk/common/protocol.py	2006-12-23 16:37:17 UTC (rev 504)
@@ -16,11 +16,11 @@
 
 # Author: Cyril Jaquier
 # 
-# $Revision: 456 $
+# $Revision$
 
 __author__ = "Cyril Jaquier"
-__version__ = "$Revision: 456 $"
-__date__ = "$Date: 2006-11-12 11:56:40 +0100 (Sun, 12 Nov 2006) $"
+__version__ = "$Revision$"
+__date__ = "$Date$"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 


Property changes on: trunk/common/protocol.py
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision

Modified: trunk/fail2ban-regex
===================================================================
--- trunk/fail2ban-regex	2006-12-23 16:31:00 UTC (rev 503)
+++ trunk/fail2ban-regex	2006-12-23 16:37:17 UTC (rev 504)
@@ -17,11 +17,11 @@
 
 # Author: Cyril Jaquier
 # 
-# $Revision: 300 $
+# $Revision$
 
 __author__ = "Cyril Jaquier"
-__version__ = "$Revision: 300 $"
-__date__ = "$Date: 2006-08-23 21:53:09 +0200 (Wed, 23 Aug 2006) $"
+__version__ = "$Revision$"
+__date__ = "$Date$"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 


Property changes on: trunk/fail2ban-regex
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision

Modified: trunk/server/datedetector.py
===================================================================
--- trunk/server/datedetector.py	2006-12-23 16:31:00 UTC (rev 503)
+++ trunk/server/datedetector.py	2006-12-23 16:37:17 UTC (rev 504)
@@ -16,11 +16,11 @@
 
 # Author: Cyril Jaquier
 # 
-# $Revision: 321 $
+# $Revision$
 
 __author__ = "Cyril Jaquier"
-__version__ = "$Revision: 321 $"
-__date__ = "$Date: 2006-09-04 21:19:58 +0200 (Mon, 04 Sep 2006) $"
+__version__ = "$Revision$"
+__date__ = "$Date$"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 


Property changes on: trunk/server/datedetector.py
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision

Modified: trunk/server/dateepoch.py
===================================================================
--- trunk/server/dateepoch.py	2006-12-23 16:31:00 UTC (rev 503)
+++ trunk/server/dateepoch.py	2006-12-23 16:37:17 UTC (rev 504)
@@ -16,11 +16,11 @@
 
 # Author: Cyril Jaquier
 # 
-# $Revision: 321 $
+# $Revision$
 
 __author__ = "Cyril Jaquier"
-__version__ = "$Revision: 321 $"
-__date__ = "$Date: 2006-09-04 21:19:58 +0200 (Mon, 04 Sep 2006) $"
+__version__ = "$Revision$"
+__date__ = "$Date$"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 


Property changes on: trunk/server/dateepoch.py
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision

Modified: trunk/server/datestrptime.py
===================================================================
--- trunk/server/datestrptime.py	2006-12-23 16:31:00 UTC (rev 503)
+++ trunk/server/datestrptime.py	2006-12-23 16:37:17 UTC (rev 504)
@@ -17,11 +17,11 @@
 
 # Author: Cyril Jaquier
 # 
-# $Revision: 321 $
+# $Revision$
 
 __author__ = "Cyril Jaquier"
-__version__ = "$Revision: 321 $"
-__date__ = "$Date: 2006-09-04 21:19:58 +0200 (Mon, 04 Sep 2006) $"
+__version__ = "$Revision$"
+__date__ = "$Date$"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 


Property changes on: trunk/server/datestrptime.py
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision

Modified: trunk/server/datetai64n.py
===================================================================
--- trunk/server/datetai64n.py	2006-12-23 16:31:00 UTC (rev 503)
+++ trunk/server/datetai64n.py	2006-12-23 16:37:17 UTC (rev 504)
@@ -16,11 +16,11 @@
 
 # Author: Cyril Jaquier
 # 
-# $Revision: 321 $
+# $Revision$
 
 __author__ = "Cyril Jaquier"
-__version__ = "$Revision: 321 $"
-__date__ = "$Date: 2006-09-04 21:19:58 +0200 (Mon, 04 Sep 2006) $"
+__version__ = "$Revision$"
+__date__ = "$Date$"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 


Property changes on: trunk/server/datetai64n.py
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision

Modified: trunk/server/datetemplate.py
===================================================================
--- trunk/server/datetemplate.py	2006-12-23 16:31:00 UTC (rev 503)
+++ trunk/server/datetemplate.py	2006-12-23 16:37:17 UTC (rev 504)
@@ -16,11 +16,11 @@
 
 # Author: Cyril Jaquier
 # 
-# $Revision: 321 $
+# $Revision$
 
 __author__ = "Cyril Jaquier"
-__version__ = "$Revision: 321 $"
-__date__ = "$Date: 2006-09-04 21:19:58 +0200 (Mon, 04 Sep 2006) $"
+__version__ = "$Revision$"
+__date__ = "$Date$"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 


Property changes on: trunk/server/datetemplate.py
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision

Modified: trunk/server/filterpoll.py
===================================================================
--- trunk/server/filterpoll.py	2006-12-23 16:31:00 UTC (rev 503)
+++ trunk/server/filterpoll.py	2006-12-23 16:37:17 UTC (rev 504)
@@ -16,11 +16,11 @@
 
 # Author: Cyril Jaquier
 # 
-# $Revision: 354 $
+# $Revision$
 
 __author__ = "Cyril Jaquier"
-__version__ = "$Revision: 354 $"
-__date__ = "$Date: 2006-09-13 23:31:22 +0200 (Wed, 13 Sep 2006) $"
+__version__ = "$Revision$"
+__date__ = "$Date$"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 


Property changes on: trunk/server/filterpoll.py
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision

Modified: trunk/server/jails.py
===================================================================
--- trunk/server/jails.py	2006-12-23 16:31:00 UTC (rev 503)
+++ trunk/server/jails.py	2006-12-23 16:37:17 UTC (rev 504)
@@ -16,11 +16,11 @@
 
 # Author: Cyril Jaquier
 # 
-# $Revision: 354 $
+# $Revision$
 
 __author__ = "Cyril Jaquier"
-__version__ = "$Revision: 354 $"
-__date__ = "$Date: 2006-09-13 23:31:22 +0200 (Wed, 13 Sep 2006) $"
+__version__ = "$Revision$"
+__date__ = "$Date$"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 


Property changes on: trunk/server/jails.py
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision

Modified: trunk/server/mytime.py
===================================================================
--- trunk/server/mytime.py	2006-12-23 16:31:00 UTC (rev 503)
+++ trunk/server/mytime.py	2006-12-23 16:37:17 UTC (rev 504)
@@ -16,11 +16,11 @@
 
 # Author: Cyril Jaquier
 # 
-# $Revision: 321 $
+# $Revision$
 
 __author__ = "Cyril Jaquier"
-__version__ = "$Revision: 321 $"
-__date__ = "$Date: 2006-09-04 21:19:58 +0200 (Mon, 04 Sep 2006) $"
+__version__ = "$Revision$"
+__date__ = "$Date$"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 


Property changes on: trunk/server/mytime.py
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision

Modified: trunk/testcases/actiontestcase.py
===================================================================
--- trunk/testcases/actiontestcase.py	2006-12-23 16:31:00 UTC (rev 503)
+++ trunk/testcases/actiontestcase.py	2006-12-23 16:37:17 UTC (rev 504)
@@ -16,11 +16,11 @@
 
 # Author: Cyril Jaquier
 # 
-# $Revision: 382 $
+# $Revision$
 
 __author__ = "Cyril Jaquier"
-__version__ = "$Revision: 382 $"
-__date__ = "$Date: 2006-09-25 19:03:48 +0200 (Mon, 25 Sep 2006) $"
+__version__ = "$Revision$"
+__date__ = "$Date$"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 


Property changes on: trunk/testcases/actiontestcase.py
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision

Modified: trunk/testcases/clientreadertestcase.py
===================================================================
--- trunk/testcases/clientreadertestcase.py	2006-12-23 16:31:00 UTC (rev 503)
+++ trunk/testcases/clientreadertestcase.py	2006-12-23 16:37:17 UTC (rev 504)
@@ -16,11 +16,11 @@
 
 # Author: Cyril Jaquier
 # 
-# $Revision: 253 $
+# $Revision$
 
 __author__ = "Cyril Jaquier"
-__version__ = "$Revision: 253 $"
-__date__ = "$Date: 2006-07-17 00:21:58 +0200 (Mon, 17 Jul 2006) $"
+__version__ = "$Revision$"
+__date__ = "$Date$"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 


Property changes on: trunk/testcases/clientreadertestcase.py
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision

Modified: trunk/testcases/datedetectortestcase.py
===================================================================
--- trunk/testcases/datedetectortestcase.py	2006-12-23 16:31:00 UTC (rev 503)
+++ trunk/testcases/datedetectortestcase.py	2006-12-23 16:37:17 UTC (rev 504)
@@ -16,11 +16,11 @@
 
 # Author: Cyril Jaquier
 # 
-# $Revision: 253 $
+# $Revision$
 
 __author__ = "Cyril Jaquier"
-__version__ = "$Revision: 253 $"
-__date__ = "$Date: 2006-07-17 00:21:58 +0200 (Mon, 17 Jul 2006) $"
+__version__ = "$Revision$"
+__date__ = "$Date$"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 


Property changes on: trunk/testcases/datedetectortestcase.py
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [505] trunk

[<los...@us...>]

Revision: 505
          http://svn.sourceforge.net/fail2ban/?rev=505&view=rev
Author:   lostcontrol
Date:     2006-12-23 15:20:16 -0800 (Sat, 23 Dec 2006)

Log Message:
-----------
- Do not accept empty regular expression
- Do not send an empty string if the option is not defined

Modified Paths:
--------------
    trunk/client/filterreader.py
    trunk/client/jailreader.py
    trunk/server/regex.py

Modified: trunk/client/filterreader.py
===================================================================
--- trunk/client/filterreader.py	2006-12-23 16:37:17 UTC (rev 504)
+++ trunk/client/filterreader.py	2006-12-23 23:20:16 UTC (rev 505)
@@ -68,9 +68,13 @@
 				stream.append(["set", self.__name, "timepattern", self.__opts[opt]])
 			elif opt == "failregex":
 				for regex in self.__opts[opt].split('\n'):
-					stream.append(["set", self.__name, "addfailregex", regex])
+					# Do not send a command if the rule is empty.
+					if regex != '':
+						stream.append(["set", self.__name, "addfailregex", regex])
 			elif opt == "ignoreregex":
 				for regex in self.__opts[opt].split('\n'):
-					stream.append(["set", self.__name, "addignoreregex", regex])		
+					# Do not send a command if the rule is empty.
+					if regex != '':
+						stream.append(["set", self.__name, "addignoreregex", regex])		
 		return stream
 		
\ No newline at end of file

Modified: trunk/client/jailreader.py
===================================================================
--- trunk/client/jailreader.py	2006-12-23 16:37:17 UTC (rev 504)
+++ trunk/client/jailreader.py	2006-12-23 23:20:16 UTC (rev 505)
@@ -112,7 +112,9 @@
 				stream.append(["set", self.__name, "maxretry", self.__opts[opt]])
 			elif opt == "ignoreip":
 				for ip in self.__opts[opt].split():
-					stream.append(["set", self.__name, "addignoreip", ip])
+					# Do not send a command if the rule is empty.
+					if ip != '':
+						stream.append(["set", self.__name, "addignoreip", ip])
 			elif opt == "findtime":
 				stream.append(["set", self.__name, "findtime", self.__opts[opt]])
 			elif opt == "bantime":

Modified: trunk/server/regex.py
===================================================================
--- trunk/server/regex.py	2006-12-23 16:37:17 UTC (rev 504)
+++ trunk/server/regex.py	2006-12-23 23:20:16 UTC (rev 505)
@@ -42,6 +42,8 @@
 	
 	def __init__(self, regex):
 		self._matchCache = None
+		if regex.lstrip() == '':
+			raise RegexException("Cannot add empty regex")
 		try:
 			self._regexObj = re.compile(regex)
 			self._regex = regex


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [506] trunk

[<los...@us...>]

Revision: 506
          http://svn.sourceforge.net/fail2ban/?rev=506&view=rev
Author:   lostcontrol
Date:     2007-01-03 10:15:55 -0800 (Wed, 03 Jan 2007)

Log Message:
-----------
- Added license file. Thanks to Axel Thimm

Modified Paths:
--------------
    trunk/CHANGELOG
    trunk/MANIFEST

Added Paths:
-----------
    trunk/COPYING

Modified: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	2006-12-23 23:20:16 UTC (rev 505)
+++ trunk/CHANGELOG	2007-01-03 18:15:55 UTC (rev 506)
@@ -17,6 +17,7 @@
   filter. Thanks to mEDI
 - Several "failregex" and "ignoreregex" are now accepted.
   Creation of rules should be easier now.
+- Added license in COPYING. Thanks to Axel Thimm
 
 ver. 0.7.5 (2006/12/07) - beta
 ----------

Added: trunk/COPYING
===================================================================
--- trunk/COPYING	                        (rev 0)
+++ trunk/COPYING	2007-01-03 18:15:55 UTC (rev 506)
@@ -0,0 +1,339 @@
+		    GNU GENERAL PUBLIC LICENSE
+		       Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+			    Preamble
+
+  The licenses for most software are designed to take away your
+freedom to share and change it.  By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users.  This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it.  (Some other Free Software Foundation software is covered by
+the GNU Lesser General Public License instead.)  You can apply it to
+your programs, too.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+  To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+  For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have.  You must make sure that they, too, receive or can get the
+source code.  And you must show them these terms so they know their
+rights.
+
+  We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+  Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software.  If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+  Finally, any free program is threatened constantly by software
+patents.  We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary.  To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+		    GNU GENERAL PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License.  The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language.  (Hereinafter, translation is included without limitation in
+the term "modification".)  Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope.  The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+  1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+  2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+    a) You must cause the modified files to carry prominent notices
+    stating that you changed the files and the date of any change.
+
+    b) You must cause any work that you distribute or publish, that in
+    whole or in part contains or is derived from the Program or any
+    part thereof, to be licensed as a whole at no charge to all third
+    parties under the terms of this License.
+
+    c) If the modified program normally reads commands interactively
+    when run, you must cause it, when started running for such
+    interactive use in the most ordinary way, to print or display an
+    announcement including an appropriate copyright notice and a
+    notice that there is no warranty (or else, saying that you provide
+    a warranty) and that users may redistribute the program under
+    these conditions, and telling the user how to view a copy of this
+    License.  (Exception: if the Program itself is interactive but
+    does not normally print such an announcement, your work based on
+    the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole.  If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works.  But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+  3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+    a) Accompany it with the complete corresponding machine-readable
+    source code, which must be distributed under the terms of Sections
+    1 and 2 above on a medium customarily used for software interchange; or,
+
+    b) Accompany it with a written offer, valid for at least three
+    years, to give any third party, for a charge no more than your
+    cost of physically performing source distribution, a complete
+    machine-readable copy of the corresponding source code, to be
+    distributed under the terms of Sections 1 and 2 above on a medium
+    customarily used for software interchange; or,
+
+    c) Accompany it with the information you received as to the offer
+    to distribute corresponding source code.  (This alternative is
+    allowed only for noncommercial distribution and only if you
+    received the program in object code or executable form with such
+    an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it.  For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable.  However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+  4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License.  Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+  5. You are not required to accept this License, since you have not
+signed it.  However, nothing else grants you permission to modify or
+distribute the Program or its derivative works.  These actions are
+prohibited by law if you do not accept this License.  Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+  6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions.  You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+  7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all.  For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices.  Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+  8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded.  In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+  9. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time.  Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation.  If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+  10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission.  For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this.  Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+			    NO WARRANTY
+
+  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+		     END OF TERMS AND CONDITIONS
+
+	    How to Apply These Terms to Your New Programs
+
+  If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+  To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the program's name and a brief idea of what it does.>
+    Copyright (C) <year>  <name of author>
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 2 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License along
+    with this program; if not, write to the Free Software Foundation, Inc.,
+    51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+Also add information on how to contact you by electronic and paper mail.
+
+If the program is interactive, make it output a short notice like this
+when it starts in an interactive mode:
+
+    Gnomovision version 69, Copyright (C) year name of author
+    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+    This is free software, and you are welcome to redistribute it
+    under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License.  Of course, the commands you use may
+be called something other than `show w' and `show c'; they could even be
+mouse-clicks or menu items--whatever suits your program.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the program, if
+necessary.  Here is a sample; alter the names:
+
+  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
+  `Gnomovision' (which makes passes at compilers) written by James Hacker.
+
+  <signature of Ty Coon>, 1 April 1989
+  Ty Coon, President of Vice
+
+This General Public License does not permit incorporating your program into
+proprietary programs.  If your program is a subroutine library, you may
+consider it more useful to permit linking proprietary applications with the
+library.  If this is what you want to do, use the GNU Lesser General
+Public License instead of this License.

Modified: trunk/MANIFEST
===================================================================
--- trunk/MANIFEST	2006-12-23 23:20:16 UTC (rev 505)
+++ trunk/MANIFEST	2007-01-03 18:15:55 UTC (rev 506)
@@ -1,6 +1,7 @@
 README
 CHANGELOG
 TODO
+COPYING
 fail2ban-client
 fail2ban-server
 fail2ban-testcases


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [509] trunk

[<los...@us...>]

Revision: 509
          http://svn.sourceforge.net/fail2ban/?rev=509&view=rev
Author:   lostcontrol
Date:     2007-01-04 03:58:58 -0800 (Thu, 04 Jan 2007)

Log Message:
-----------
- Allow comma in action options. The value of the option must be escaped with " or '. Thanks to Yaroslav Halchenko

Modified Paths:
--------------
    trunk/CHANGELOG
    trunk/TODO
    trunk/client/jailreader.py
    trunk/config/jail.conf

Modified: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	2007-01-03 18:18:31 UTC (rev 508)
+++ trunk/CHANGELOG	2007-01-04 11:58:58 UTC (rev 509)
@@ -18,6 +18,8 @@
 - Several "failregex" and "ignoreregex" are now accepted.
   Creation of rules should be easier now.
 - Added license in COPYING. Thanks to Axel Thimm
+- Allow comma in action options. The value of the option must
+  be escaped with " or '. Thanks to Yaroslav Halchenko
 
 ver. 0.7.5 (2006/12/07) - beta
 ----------

Modified: trunk/TODO
===================================================================
--- trunk/TODO	2007-01-03 18:18:31 UTC (rev 508)
+++ trunk/TODO	2007-01-04 11:58:58 UTC (rev 509)
@@ -13,6 +13,8 @@
 # partially done
 * done
 
+- Improve parsing of the action parameters in jailreader.py
+
 - Better handling of the protocol in transmitter.py
 
 - Add gettext support (I18N)

Modified: trunk/client/jailreader.py
===================================================================
--- trunk/client/jailreader.py	2007-01-03 18:18:31 UTC (rev 508)
+++ trunk/client/jailreader.py	2007-01-04 11:58:58 UTC (rev 509)
@@ -134,7 +134,31 @@
 		m = JailReader.actionCRE.match(action)
 		d = dict()
 		if not m.group(2) == None:
-			for param in m.group(2).split(','):
+			# Huge bad hack :( This method really sucks. TODO Reimplement it.
+			actions = ""
+			escapeChar = None
+			allowComma = False
+			for c in m.group(2):
+				if c in ('"', "'") and not allowComma:
+					# Start
+					escapeChar = c
+					allowComma = True
+				elif c == escapeChar:
+					# End
+					escapeChar = None
+					allowComma = False
+				else:
+					if c == ',' and allowComma:
+						actions += "<COMMA>"
+					else:
+						actions += c
+			
+			# Split using ,
+			actionsSplit = actions.split(',')
+			# Replace the tag <COMMA> with ,
+			actionsSplit = [n.replace("<COMMA>", ',') for n in actionsSplit]
+			
+			for param in actionsSplit:
 				p = param.split('=')
 				try:
 					d[p[0].strip()] = p[1].strip()

Modified: trunk/config/jail.conf
===================================================================
--- trunk/config/jail.conf	2007-01-03 18:18:31 UTC (rev 508)
+++ trunk/config/jail.conf	2007-01-04 11:58:58 UTC (rev 509)
@@ -141,13 +141,15 @@
 logpath  = /var/log/apache2/error_log
 
 # This jail uses ipfw, the standard firewall on FreeBSD. The "ignoreip"
-# option is overridden in this jail.
+# option is overridden in this jail. Moreover, the action "mail-whois" defines
+# the variable "name" which contains a comma using "". The characters '' are
+# valid too.
 
 [ssh-ipfw]
 
 enabled  = false
 filter   = sshd
 action   = ipfw[localhost=192.168.0.1]
-           mail-whois[name=SSH, dest=you...@ma...]
+           mail-whois[name="SSH,IPFW", dest=you...@ma...]
 logpath  = /var/log/auth.log
 ignoreip = 168.192.0.1


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [511] trunk

[<los...@us...>]

Revision: 511
          http://svn.sourceforge.net/fail2ban/?rev=511&view=rev
Author:   lostcontrol
Date:     2007-01-04 04:58:21 -0800 (Thu, 04 Jan 2007)

Log Message:
-----------
- Now Fail2ban goes in /usr/share/fail2ban instead of /usr/lib/fail2ban. This is more compliant with FHS. Thanks to Axel Thimm and Yaroslav Halchenko

Modified Paths:
--------------
    trunk/CHANGELOG
    trunk/fail2ban-client
    trunk/fail2ban-regex
    trunk/fail2ban-server
    trunk/fail2ban-testcases
    trunk/setup.cfg
    trunk/setup.py

Modified: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	2007-01-04 12:21:44 UTC (rev 510)
+++ trunk/CHANGELOG	2007-01-04 12:58:21 UTC (rev 511)
@@ -4,10 +4,10 @@
              |_| \__,_|_|_/___|_.__/\__,_|_||_|
 
 =============================================================
-Fail2Ban (version 0.7.6)                           200?/??/??
+Fail2Ban (version 0.7.6)                           2007/01/04
 =============================================================
 
-ver. 0.7.6 (200?/??/??) - ???
+ver. 0.7.6 (2007/01/04) - beta
 ----------
 - Added a "sleep 1" in redhat-initd. Thanks to Jim Wight
 - Use /dev/log for SYSLOG output. Thanks to Joerg Sommrey
@@ -20,6 +20,9 @@
 - Added license in COPYING. Thanks to Axel Thimm
 - Allow comma in action options. The value of the option must
   be escaped with " or '. Thanks to Yaroslav Halchenko
+- Now Fail2ban goes in /usr/share/fail2ban instead of
+  /usr/lib/fail2ban. This is more compliant with FHS. Thanks
+  to Axel Thimm and Yaroslav Halchenko
 
 ver. 0.7.5 (2006/12/07) - beta
 ----------

Modified: trunk/fail2ban-client
===================================================================
--- trunk/fail2ban-client	2007-01-04 12:21:44 UTC (rev 510)
+++ trunk/fail2ban-client	2007-01-04 12:58:21 UTC (rev 511)
@@ -30,7 +30,7 @@
 
 # Inserts our own modules path first in the list
 # fix for bug #343821
-sys.path.insert(1, "/usr/lib/fail2ban")
+sys.path.insert(1, "/usr/share/fail2ban")
 
 # Now we can import our modules
 from common.version import version

Modified: trunk/fail2ban-regex
===================================================================
--- trunk/fail2ban-regex	2007-01-04 12:21:44 UTC (rev 510)
+++ trunk/fail2ban-regex	2007-01-04 12:58:21 UTC (rev 511)
@@ -29,7 +29,7 @@
 
 # Inserts our own modules path first in the list
 # fix for bug #343821
-sys.path.insert(1, "/usr/lib/fail2ban")
+sys.path.insert(1, "/usr/share/fail2ban")
 
 from common.version import version
 from server.filter import Filter

Modified: trunk/fail2ban-server
===================================================================
--- trunk/fail2ban-server	2007-01-04 12:21:44 UTC (rev 510)
+++ trunk/fail2ban-server	2007-01-04 12:58:21 UTC (rev 511)
@@ -29,7 +29,7 @@
 
 # Inserts our own modules path first in the list
 # fix for bug #343821
-sys.path.insert(1, "/usr/lib/fail2ban")
+sys.path.insert(1, "/usr/share/fail2ban")
 
 from common.version import version
 from server.server import Server

Modified: trunk/fail2ban-testcases
===================================================================
--- trunk/fail2ban-testcases	2007-01-04 12:21:44 UTC (rev 510)
+++ trunk/fail2ban-testcases	2007-01-04 12:58:21 UTC (rev 511)
@@ -30,7 +30,7 @@
 
 # Inserts our own modules path first in the list
 # fix for bug #343821
-sys.path.insert(1, "/usr/lib/fail2ban")
+sys.path.insert(1, "/usr/share/fail2ban")
 
 from common.version import version
 from testcases import banmanagertestcase

Modified: trunk/setup.cfg
===================================================================
--- trunk/setup.cfg	2007-01-04 12:21:44 UTC (rev 510)
+++ trunk/setup.cfg	2007-01-04 12:58:21 UTC (rev 511)
@@ -1,5 +1,5 @@
 [install]
-install-purelib=/usr/lib/fail2ban
+install-purelib=/usr/share/fail2ban
 
 [sdist]
 formats=bztar

Modified: trunk/setup.py
===================================================================
--- trunk/setup.py	2007-01-04 12:21:44 UTC (rev 510)
+++ trunk/setup.py	2007-01-04 12:58:21 UTC (rev 511)
@@ -28,7 +28,7 @@
 
 from distutils.core import setup
 from common.version import version
-from os.path import isfile, join
+from os.path import isfile, join, isdir
 from sys import argv
 from glob import glob
 
@@ -113,6 +113,13 @@
 		print "\t" + f
 	print
 
+if isdir("/usr/lib/fail2ban"):
+	print
+	print "Fail2ban is not installed under /usr/lib anymore. The new " \
+		  "location is under /usr/share. Please remove the directory " \
+		  "/usr/lib/fail2ban and everything under this directory."
+	print
+
 # Update config file
 if argv[1] == "install":
 	print


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [512] trunk

[<los...@us...>]

Revision: 512
          http://svn.sourceforge.net/fail2ban/?rev=512&view=rev
Author:   lostcontrol
Date:     2007-01-04 04:59:09 -0800 (Thu, 04 Jan 2007)

Log Message:
-----------
- Prepared for releasing (0.7.6)

Modified Paths:
--------------
    trunk/README
    trunk/common/version.py

Modified: trunk/README
===================================================================
--- trunk/README	2007-01-04 12:58:21 UTC (rev 511)
+++ trunk/README	2007-01-04 12:59:09 UTC (rev 512)
@@ -4,7 +4,7 @@
              |_| \__,_|_|_/___|_.__/\__,_|_||_|
 
 =============================================================
-Fail2Ban (version 0.7.6)                           200?/??/??
+Fail2Ban (version 0.7.6)                           2007/01/04
 =============================================================
 
 Fail2Ban scans log files like /var/log/pwdfail and bans IP
@@ -28,11 +28,11 @@
 
 To install, just do:
 
-> tar xvfj fail2ban-0.7.5.tar.bz2
-> cd fail2ban-0.7.5
+> tar xvfj fail2ban-0.7.6.tar.bz2
+> cd fail2ban-0.7.6
 > python setup.py install
 
-This will install Fail2Ban into /usr/lib/fail2ban. The
+This will install Fail2Ban into /usr/share/fail2ban. The
 executable scripts are placed into /usr/bin.
 
 Gentoo: ebuilds are available on the website.
@@ -73,7 +73,7 @@
 Jonathan Kamens, Stephen Gildea, Markus Hoffmann, Mark
 Edgington, Patrick Börjesson, kojiro, zugeschmiert, Tyler,
 Nick Munger, Christoph Haas, Justin Shore, Joël Bertrand,
-René Berber, mEDI
+René Berber, mEDI, Axel Thimm
 
 License:
 --------

Modified: trunk/common/version.py
===================================================================
--- trunk/common/version.py	2007-01-04 12:58:21 UTC (rev 511)
+++ trunk/common/version.py	2007-01-04 12:59:09 UTC (rev 512)
@@ -24,4 +24,4 @@
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 
-version = "0.7.5-SVN"
+version = "0.7.6"


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [515] trunk

[<los...@us...>]

Revision: 515
          http://svn.sourceforge.net/fail2ban/?rev=515&view=rev
Author:   lostcontrol
Date:     2007-01-04 15:34:35 -0800 (Thu, 04 Jan 2007)

Log Message:
-----------
- Added signal handling in fail2ban-client
- Added a wonderful visual effect when waiting on the server
- Improved error message. Thanks to Yaroslav Halchenko

Modified Paths:
--------------
    trunk/CHANGELOG
    trunk/fail2ban-client
    trunk/fail2ban-server

Modified: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	2007-01-04 13:10:44 UTC (rev 514)
+++ trunk/CHANGELOG	2007-01-04 23:34:35 UTC (rev 515)
@@ -4,9 +4,14 @@
              |_| \__,_|_|_/___|_.__/\__,_|_||_|
 
 =============================================================
-Fail2Ban (version 0.7.6)                           2007/01/04
+Fail2Ban (version 0.7.7)                           2007/??/??
 =============================================================
 
+ver. 0.7.7 (2007/??/??)
+----------
+- Added signal handling in fail2ban-client
+- Added a wonderful visual effect when waiting on the server
+
 ver. 0.7.6 (2007/01/04) - beta
 ----------
 - Added a "sleep 1" in redhat-initd. Thanks to Jim Wight

Modified: trunk/fail2ban-client
===================================================================
--- trunk/fail2ban-client	2007-01-04 13:10:44 UTC (rev 514)
+++ trunk/fail2ban-client	2007-01-04 23:34:35 UTC (rev 515)
@@ -25,7 +25,7 @@
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 
-import sys, string, os, pickle, re, logging
+import sys, string, os, pickle, re, logging, signal
 import getopt, time, readline, shlex, socket
 
 # Inserts our own modules path first in the list
@@ -87,7 +87,7 @@
 		print "    -i                      interactive mode"
 		print "    -v                      increase verbosity"
 		print "    -q                      decrease verbosity"
-		print "    -x                      force execution of the server"
+		print "    -x                      force execution of the server (remove socket file)"
 		print "    -h, --help              display this help message"
 		print "    -V, --version           print the version"
 		print
@@ -103,7 +103,13 @@
 		print "Fail2Ban v" + version + " reads log file that contains password failure report"
 		print "and bans the corresponding IP addresses using firewall rules."
 		print 
-	
+
+	def __sigTERMhandler(self, signum, frame):
+		# Print a new line because we probably come from wait
+		print
+		logSys.warn("Caught signal %d. Exiting" % signum)
+		sys.exit(-1)
+
 	def __getCmdLineOptions(self, optList):
 		""" Gets the command line options
 		"""
@@ -180,7 +186,11 @@
 					self.__processCmd(self.__stream, False)
 					return True
 				except ServerExecutionException:
-					logSys.error("Could not start server. Try -x option")
+					logSys.error("Could not start server. Maybe an old " +
+								 "socket file is still present. Try to " +
+								 "remove " + self.__conf["socket"] + ". If " +
+								 "you used fail2ban-client to start the " +
+								 "server, adding the -x option will do it")
 					return False
 		elif len(cmd) == 1 and cmd[0] == "reload":
 			if self.__ping():
@@ -229,18 +239,40 @@
 	def __waitOnServer(self):
 		# Wait for the server to start
 		cnt = 0
+		if self.__conf["verbose"] > 1:
+			pos = 0
+			delta = 1
+			mask = "[          ]"
 		while not self.__ping():
+			# Wonderful visual :)
+			if self.__conf["verbose"] > 1:
+				pos += delta
+				sys.stdout.write("\rINFO   " + mask[:pos] + '#' + mask[pos+1:] +
+								 " Waiting on the server...")
+				sys.stdout.flush()
+				if pos > len(mask)-3:
+					delta = -1
+				elif pos < 2:
+					delta = 1
 			# The server has 30 secondes to start.
 			if cnt >= 300:
+				if self.__conf["verbose"] > 1:
+					sys.stdout.write('\n')
 				raise ServerExecutionException("Failed to start server")
 			time.sleep(0.1)
 			cnt += 1
+		if self.__conf["verbose"] > 1:
+			sys.stdout.write('\n')
 			
 	
 	def start(self, argv):
 		# Command line options
 		self.__argv = argv
 		
+		# Install signal handlers
+		signal.signal(signal.SIGTERM, self.__sigTERMhandler)
+		signal.signal(signal.SIGINT, self.__sigTERMhandler)
+		
 		# Reads the command line options.
 		try:
 			cmdOpts = 'hc:s:xdviqV'

Modified: trunk/fail2ban-server
===================================================================
--- trunk/fail2ban-server	2007-01-04 13:10:44 UTC (rev 514)
+++ trunk/fail2ban-server	2007-01-04 23:34:35 UTC (rev 515)
@@ -78,7 +78,7 @@
 		print "    -b                   start in background"
 		print "    -f                   start in foreground"
 		print "    -s <FILE>            socket path"
-		print "    -x                   force execution of the server"
+		print "    -x                   force execution of the server (remove socket file)"
 		print "    -h, --help           display this help message"
 		print "    -V, --version        print the version"
 		print


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [518] trunk

[<los...@us...>]

Revision: 518
          http://svn.sourceforge.net/fail2ban/?rev=518&view=rev
Author:   lostcontrol
Date:     2007-01-08 13:15:47 -0800 (Mon, 08 Jan 2007)

Log Message:
-----------
- fail2ban-client returns an error code if configuration is not valid

Modified Paths:
--------------
    trunk/CHANGELOG
    trunk/client/configurator.py
    trunk/client/jailsreader.py
    trunk/fail2ban-client

Modified: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	2007-01-08 21:09:50 UTC (rev 517)
+++ trunk/CHANGELOG	2007-01-08 21:15:47 UTC (rev 518)
@@ -11,6 +11,8 @@
 ----------
 - Added signal handling in fail2ban-client
 - Added a wonderful visual effect when waiting on the server
+- fail2ban-client returns an error code if configuration is
+  not valid
 
 ver. 0.7.6 (2007/01/04) - beta
 ----------

Modified: trunk/client/configurator.py
===================================================================
--- trunk/client/configurator.py	2007-01-08 21:09:50 UTC (rev 517)
+++ trunk/client/configurator.py	2007-01-08 21:15:47 UTC (rev 518)
@@ -60,7 +60,7 @@
 	
 	def getAllOptions(self):
 		self.__fail2ban.getOptions()
-		self.__jails.getOptions()
+		return self.__jails.getOptions()
 		
 	def convertToProtocol(self):
 		self.__streams["general"] = self.__fail2ban.convert()

Modified: trunk/client/jailsreader.py
===================================================================
--- trunk/client/jailsreader.py	2007-01-08 21:09:50 UTC (rev 517)
+++ trunk/client/jailsreader.py	2007-01-08 21:15:47 UTC (rev 518)
@@ -54,6 +54,8 @@
 					self.__jails.append(jail)
 			else:
 				logSys.error("Errors in jail '" + sec + "'. Skipping...")
+				return False
+		return True
 	
 	def convert(self):
 		stream = list()

Modified: trunk/fail2ban-client
===================================================================
--- trunk/fail2ban-client	2007-01-08 21:09:50 UTC (rev 517)
+++ trunk/fail2ban-client	2007-01-08 21:15:47 UTC (rev 518)
@@ -175,10 +175,14 @@
 				logSys.error("Server already running")
 				return False
 			else:
+				# Read the config
+				ret = self.__readConfig()
+				# Do not continue if configuration is not 100% valid
+				if not ret:
+					return False
+				# Start the server
 				self.__startServerAsync(self.__conf["socket"],
 										self.__conf["force"])
-				# Read the config while the server is starting
-				self.__readConfig()
 				try:
 					# Wait for the server to start
 					self.__waitOnServer()
@@ -194,7 +198,10 @@
 					return False
 		elif len(cmd) == 1 and cmd[0] == "reload":
 			if self.__ping():
-				self.__readConfig()
+				ret = self.__readConfig()
+				# Do not continue if configuration is not 100% valid
+				if not ret:
+					return False
 				self.__processCmd([['stop', 'all']], False)
 				# Configure the server
 				return self.__processCmd(self.__stream, False)
@@ -312,9 +319,9 @@
 		logSys.info("Using socket file " + self.__conf["socket"])
 
 		if self.__conf["dump"]:
-			self.__readConfig()
+			ret = self.__readConfig()
 			self.dumpConfig(self.__stream)
-			return True
+			return ret
 		
 		# Interactive mode
 		if self.__conf["interactive"]:
@@ -345,9 +352,10 @@
 	def __readConfig(self):
 		# Read the configuration
 		self.__configurator.readAll()
-		self.__configurator.getAllOptions()
+		ret = self.__configurator.getAllOptions()
 		self.__configurator.convertToProtocol()
 		self.__stream = self.__configurator.getConfigStream()
+		return ret
 	
 	@staticmethod
 	def dumpConfig(cmd):


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [520] trunk

[<los...@us...>]

Revision: 520
          http://svn.sourceforge.net/fail2ban/?rev=520&view=rev
Author:   lostcontrol
Date:     2007-01-08 13:40:37 -0800 (Mon, 08 Jan 2007)

Log Message:
-----------
- Added new filters/actions. Thanks to Yaroslav Halchenko

Modified Paths:
--------------
    trunk/CHANGELOG
    trunk/MANIFEST
    trunk/config/filter.d/vsftpd.conf

Added Paths:
-----------
    trunk/config/action.d/iptables-multiport.conf
    trunk/config/action.d/iptables-new.conf
    trunk/config/action.d/mail-whois-lines.conf
    trunk/config/filter.d/wuftpd.conf

Modified: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	2007-01-08 21:16:57 UTC (rev 519)
+++ trunk/CHANGELOG	2007-01-08 21:40:37 UTC (rev 520)
@@ -13,6 +13,7 @@
 - Added a wonderful visual effect when waiting on the server
 - fail2ban-client returns an error code if configuration is
   not valid
+- Added new filters/actions. Thanks to Yaroslav Halchenko
 
 ver. 0.7.6 (2007/01/04) - beta
 ----------

Modified: trunk/MANIFEST
===================================================================
--- trunk/MANIFEST	2007-01-08 21:16:57 UTC (rev 519)
+++ trunk/MANIFEST	2007-01-08 21:40:37 UTC (rev 520)
@@ -70,9 +70,13 @@
 config/filter.d/sshd.conf
 config/filter.d/proftpd.conf
 config/filter.d/sasl.conf
+config/filter.d/wuftpd.conf
 config/action.d/iptables.conf
+config/action.d/iptables-multiport.conf
+config/action.d/iptables-new.conf
 config/action.d/ipfw.conf
 config/action.d/mail-whois.conf
+config/action.d/mail-whois-lines.conf
 config/action.d/mail.conf
 config/action.d/hostsdeny.conf
 config/action.d/shorewall.conf

Added: trunk/config/action.d/iptables-multiport.conf
===================================================================
--- trunk/config/action.d/iptables-multiport.conf	                        (rev 0)
+++ trunk/config/action.d/iptables-multiport.conf	2007-01-08 21:40:37 UTC (rev 520)
@@ -0,0 +1,69 @@
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+# Modified by Yaroslav Halchenko for multiport banning
+# $Revision$
+#
+
+[Definition]
+
+# Option:  actionstart
+# Notes.:  command executed once at the start of Fail2Ban.
+# Values:  CMD
+#
+actionstart = iptables -N fail2ban-<name>
+              iptables -A fail2ban-<name> -j RETURN
+              iptables -I INPUT -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
+
+# Option:  actionend
+# Notes.:  command executed once at the end of Fail2Ban
+# Values:  CMD
+#
+actionstop = iptables -D INPUT -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
+             iptables -F fail2ban-<name>
+             iptables -X fail2ban-<name>
+
+# Option:  actioncheck
+# Notes.:  command executed once before each actionban command
+# Values:  CMD
+#
+actioncheck = iptables -n -L INPUT | grep -q fail2ban-<name>
+
+# Option:  actionban
+# Notes.:  command executed when banning an IP. Take care that the
+#          command is executed with Fail2Ban user rights.
+# Tags:    <ip>  IP address
+#          <failures>  number of failures
+#          <time>  unix timestamp of the ban time
+# Values:  CMD
+#
+actionban = iptables -I fail2ban-<name> 1 -s <ip> -j DROP
+
+# Option:  actionunban
+# Notes.:  command executed when unbanning an IP. Take care that the
+#          command is executed with Fail2Ban user rights.
+# Tags:    <ip>  IP address
+#          <failures>  number of failures
+#          <time>  unix timestamp of the ban time
+# Values:  CMD
+#
+actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP
+
+[Init]
+
+# Defaut name of the chain
+#
+name = default
+
+# Option:  port
+# Notes.:  specifies port to monitor
+# Values:  [ NUM | STRING ]  Default:
+#
+port = ssh
+
+# Option:  protocol
+# Notes.:  internally used by config reader for interpolations.
+# Values:  [ tcp | udp | icmp | all ] Default: tcp
+#
+protocol = tcp
+


Property changes on: trunk/config/action.d/iptables-multiport.conf
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision

Added: trunk/config/action.d/iptables-new.conf
===================================================================
--- trunk/config/action.d/iptables-new.conf	                        (rev 0)
+++ trunk/config/action.d/iptables-new.conf	2007-01-08 21:40:37 UTC (rev 520)
@@ -0,0 +1,71 @@
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+# Copied from iptables.conf and modified by Yaroslav Halchenko 
+#  to fullfill the needs of bugreporter dbts#350746.
+#
+# $Revision$
+#
+
+[Definition]
+
+# Option:  actionstart
+# Notes.:  command executed once at the start of Fail2Ban.
+# Values:  CMD
+#
+actionstart = iptables -N fail2ban-<name>
+              iptables -A fail2ban-<name> -j RETURN
+              iptables -I INPUT -m state --state NEW -p <protocol> --dport <port> -j fail2ban-<name>
+
+# Option:  actionend
+# Notes.:  command executed once at the end of Fail2Ban
+# Values:  CMD
+#
+actionstop = iptables -D INPUT -m state --state NEW -p <protocol> --dport <port> -j fail2ban-<name>
+             iptables -F fail2ban-<name>
+             iptables -X fail2ban-<name>
+
+# Option:  actioncheck
+# Notes.:  command executed once before each actionban command
+# Values:  CMD
+#
+actioncheck = iptables -n -L INPUT | grep -q fail2ban-<name>
+
+# Option:  actionban
+# Notes.:  command executed when banning an IP. Take care that the
+#          command is executed with Fail2Ban user rights.
+# Tags:    <ip>  IP address
+#          <failures>  number of failures
+#          <time>  unix timestamp of the ban time
+# Values:  CMD
+#
+actionban = iptables -I fail2ban-<name> 1 -s <ip> -j DROP
+
+# Option:  actionunban
+# Notes.:  command executed when unbanning an IP. Take care that the
+#          command is executed with Fail2Ban user rights.
+# Tags:    <ip>  IP address
+#          <failures>  number of failures
+#          <time>  unix timestamp of the ban time
+# Values:  CMD
+#
+actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP
+
+[Init]
+
+# Defaut name of the chain
+#
+name = default
+
+# Option:  port
+# Notes.:  specifies port to monitor
+# Values:  [ NUM | STRING ]  Default:
+#
+port = ssh
+
+# Option:  protocol
+# Notes.:  internally used by config reader for interpolations.
+# Values:  [ tcp | udp | icmp | all ] Default: tcp
+#
+protocol = tcp
+


Property changes on: trunk/config/action.d/iptables-new.conf
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision

Added: trunk/config/action.d/mail-whois-lines.conf
===================================================================
--- trunk/config/action.d/mail-whois-lines.conf	                        (rev 0)
+++ trunk/config/action.d/mail-whois-lines.conf	2007-01-08 21:40:37 UTC (rev 520)
@@ -0,0 +1,75 @@
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+# Modified-By: Yaroslav Halchenko to include grepping on IP over log files
+# $Revision$
+#
+
+[Definition]
+
+# Option:  fwstart
+# Notes.:  command executed once at the start of Fail2Ban.
+# Values:  CMD
+#
+actionstart = echo -en "Hi,\n
+              The jail <name> has been started successfuly.\n
+              Regards,\n
+              Fail2Ban"|mail -s "[Fail2Ban] <name>: started" <dest>
+
+# Option:  fwend
+# Notes.:  command executed once at the end of Fail2Ban
+# Values:  CMD
+#
+actionstop = echo -en "Hi,\n
+             The jail <name> has been stopped.\n
+             Regards,\n
+             Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped" <dest>
+
+# Option:  fwcheck
+# Notes.:  command executed once before each fwban command
+# Values:  CMD
+#
+actioncheck = 
+
+# Option:  fwban
+# Notes.:  command executed when banning an IP. Take care that the
+#          command is executed with Fail2Ban user rights.
+# Tags:    <ip>  IP address
+#          <failures>  number of failures
+#          <failtime>  unix timestamp of the last failure
+#          <bantime>  unix timestamp of the ban time
+# Values:  CMD
+#
+actionban = echo -en "Hi,\n
+            The IP <ip> has just been banned by Fail2Ban after
+            <failures> attempts against <name>.\n\n
+            Here are more information about <ip>:\n
+            `whois <ip>`\n\n
+            Lines containing IP:<ip> in <logpath>\n
+            `grep '\<<ip>\>' <logpath>`\n\n
+            Regards,\n
+            Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip>" <dest>
+
+# Option:  fwunban
+# Notes.:  command executed when unbanning an IP. Take care that the
+#          command is executed with Fail2Ban user rights.
+# Tags:    <ip>  IP address
+#          <bantime>  unix timestamp of the ban time
+#          <unbantime>  unix timestamp of the unban time
+# Values:  CMD
+#
+actionunban = 
+
+[Init]
+
+# Defaut name of the chain
+#
+name = default
+
+# Destinataire of the mail
+#
+dest = root
+
+# Path to the log files which contain relevant lines for the abuser IP
+#
+logpath = /dev/null


Property changes on: trunk/config/action.d/mail-whois-lines.conf
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision

Modified: trunk/config/filter.d/vsftpd.conf
===================================================================
--- trunk/config/filter.d/vsftpd.conf	2007-01-08 21:16:57 UTC (rev 519)
+++ trunk/config/filter.d/vsftpd.conf	2007-01-08 21:40:37 UTC (rev 520)
@@ -15,6 +15,7 @@
 # Values: TEXT
 #
 failregex = vsftpd: \(pam_unix\) authentication failure; .* rhost=<HOST>
+            \[.+\] FAIL LOGIN: Client "<HOST>"$
 
 # Option:  ignoreregex
 # Notes.:  regex to ignore. If this regex matches, the line is ignored.

Added: trunk/config/filter.d/wuftpd.conf
===================================================================
--- trunk/config/filter.d/wuftpd.conf	                        (rev 0)
+++ trunk/config/filter.d/wuftpd.conf	2007-01-08 21:40:37 UTC (rev 520)
@@ -0,0 +1,14 @@
+# Fail2Ban configuration file for wuftpd
+#
+# Author: Yaroslav Halchenko
+#
+# $Revision:  $
+#
+
+[Definition]
+
+# Option: failregex
+# Notes.: regex to match the password failures messages in the logfile.
+# Values: TEXT
+#
+failregex = wu-ftpd\[\d+\]:\s+\(pam_unix\)\s+authentication failure.* rhost=<HOST>


Property changes on: trunk/config/filter.d/wuftpd.conf
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [522] trunk

[<los...@us...>]

Revision: 522
          http://svn.sourceforge.net/fail2ban/?rev=522&view=rev
Author:   lostcontrol
Date:     2007-01-21 14:19:57 -0800 (Sun, 21 Jan 2007)

Log Message:
-----------
- Call Python interpreter directly (instead of using "env")

Modified Paths:
--------------
    trunk/fail2ban-client
    trunk/fail2ban-server
    trunk/fail2ban-testcases
    trunk/setup.py

Modified: trunk/fail2ban-client
===================================================================
--- trunk/fail2ban-client	2007-01-21 22:17:56 UTC (rev 521)
+++ trunk/fail2ban-client	2007-01-21 22:19:57 UTC (rev 522)
@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/python
 # This file is part of Fail2Ban.
 #
 # Fail2Ban is free software; you can redistribute it and/or modify

Modified: trunk/fail2ban-server
===================================================================
--- trunk/fail2ban-server	2007-01-21 22:17:56 UTC (rev 521)
+++ trunk/fail2ban-server	2007-01-21 22:19:57 UTC (rev 522)
@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/python
 # This file is part of Fail2Ban.
 #
 # Fail2Ban is free software; you can redistribute it and/or modify

Modified: trunk/fail2ban-testcases
===================================================================
--- trunk/fail2ban-testcases	2007-01-21 22:17:56 UTC (rev 521)
+++ trunk/fail2ban-testcases	2007-01-21 22:19:57 UTC (rev 522)
@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/python
 # This file is part of Fail2Ban.
 #
 # Fail2Ban is free software; you can redistribute it and/or modify

Modified: trunk/setup.py
===================================================================
--- trunk/setup.py	2007-01-21 22:17:56 UTC (rev 521)
+++ trunk/setup.py	2007-01-21 22:19:57 UTC (rev 522)
@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/python
 
 # This file is part of Fail2Ban.
 #


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [523] trunk

[<los...@us...>]

Revision: 523
          http://svn.sourceforge.net/fail2ban/?rev=523&view=rev
Author:   lostcontrol
Date:     2007-01-21 14:21:13 -0800 (Sun, 21 Jan 2007)

Log Message:
-----------
- Added file support to fail2ban-regex. Benchmark feature has been removed

Modified Paths:
--------------
    trunk/fail2ban-regex
    trunk/man/fail2ban-client.1
    trunk/man/fail2ban-regex.1
    trunk/man/fail2ban-server.1
    trunk/man/generate-man

Modified: trunk/fail2ban-regex
===================================================================
--- trunk/fail2ban-regex	2007-01-21 22:19:57 UTC (rev 522)
+++ trunk/fail2ban-regex	2007-01-21 22:21:13 UTC (rev 523)
@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/python -O
 # This file is part of Fail2Ban.
 #
 # Fail2Ban is free software; you can redistribute it and/or modify
@@ -25,12 +25,14 @@
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 
-import locale, getopt, sys, time, logging, gc
+import getopt, sys, time, logging, os
 
 # Inserts our own modules path first in the list
 # fix for bug #343821
 sys.path.insert(1, "/usr/share/fail2ban")
 
+from ConfigParser import SafeConfigParser
+from ConfigParser import NoOptionError, NoSectionError, MissingSectionHeaderError
 from common.version import version
 from server.filter import Filter
 from server.regex import RegexException
@@ -38,13 +40,38 @@
 # Gets the instance of the logger.
 logSys = logging.getLogger("fail2ban.regex")
 
+class RegexStat:
+
+	def __init__(self, failregex):
+		self.__stats = 0
+		self.__failregex = failregex
+		self.__ipList = list()
+	
+	def inc(self):
+		self.__stats += 1
+	
+	def getStats(self):
+		return self.__stats
+
+	def getFailRegex(self):
+		return self.__failregex
+	
+	def appendIP(self, value):
+		self.__ipList.extend(value)
+	
+	def getIPList(self):
+		return self.__ipList
+
 class Fail2banRegex:
 	
+	test = None
+	
 	def __init__(self):
 		self.__filter = Filter(None)
+		self.__failregex = list()
 		# Setup logging
 		logging.getLogger("fail2ban").handlers = []
-		self.__hdlr = logging.StreamHandler(sys.stdout)
+		self.__hdlr = logging.StreamHandler(Fail2banRegex.test)
 		# set a format which is simpler for console use
 		formatter = logging.Formatter("%(message)s")
 		# tell the handler to use this format
@@ -52,7 +79,8 @@
 		logging.getLogger("fail2ban").addHandler(self.__hdlr)
 		logging.getLogger("fail2ban").setLevel(logging.ERROR)
 	
-	def dispVersion(self):
+	@staticmethod
+	def dispVersion():
 		print "Fail2Ban v" + version
 		print
 		print "Copyright (c) 2004-2006 Cyril Jaquier"
@@ -62,15 +90,27 @@
 		print "Written by Cyril Jaquier <los...@us...>."
 		print "Many contributions by Yaroslav O. Halchenko <de...@on...>."
 	
-	def dispUsage(self):
-		print "Usage: "+sys.argv[0]+" <logline> <failregex>"
+	@staticmethod
+	def dispUsage():
+		print "Usage: "+sys.argv[0]+" [OPTIONS] <LOG> <REGEX>"
 		print
 		print "Fail2Ban v" + version + " reads log file that contains password failure report"
 		print "and bans the corresponding IP addresses using firewall rules."
 		print
-		print "This tools can test and benchmark your regular expressions for the \"failregex\""
-		print "option."
+		print "This tools can test regular expressions for \"fail2ban\"."
 		print
+		print "Options:"
+		print "    -h, --help              display this help message"
+		print "    -V, --version           print the version"
+		print
+		print "Log:"
+		print "    string                  a string representing a log line"
+		print "    filename                path to a log file (/var/log/auth.log)"
+		print
+		print "Regex:"
+		print "    string                  a string representing a 'failregex'"
+		print "    filename                path to a filter file (filter.d/sshd.conf)"
+		print
 		print "Report bugs to <los...@us...>"
 	
 	def getCmdLineOptions(self, optList):
@@ -78,87 +118,149 @@
 		"""
 		for opt in optList:
 			if opt[0] in ["-h", "--help"]:
-	 			self.dispUsage()
-	 			sys.exit(0)
-	 		elif opt[0] in ["-V", "--version"]:
-	 			self.dispVersion()
-	 			sys.exit(0)
+				self.dispUsage()
+				sys.exit(0)
+			elif opt[0] in ["-V", "--version"]:
+				self.dispVersion()
+				sys.exit(0)
+
+	@staticmethod
+	def logIsFile(value):
+		return os.path.isfile(value)
+
+	def readRegex(self, value):
+		if os.path.isfile(value):
+			reader = SafeConfigParser()
+			try:
+				reader.read(value)
+				self.__failregex = [RegexStat(m)
+									for m in reader.get("Definition", "failregex").split('\n')]
+			except NoSectionError:
+				print "No [Definition] section in " + value
+				return False
+			except NoOptionError:
+				print "No failregex option in " + value
+				return False
+			except MissingSectionHeaderError:
+				print "No section headers in " + value
+				return False
+		else:
+			self.__failregex = [RegexStat(value)]
+		return True
 	
-	def testRegex(self, line, regex):
+	def testRegex(self, line):
+		for regex in self.__failregex:
+			logging.getLogger("fail2ban").setLevel(logging.DEBUG)
+			try:
+				self.__filter.addFailRegex(regex.getFailRegex())
+				try:
+					ret = self.__filter.findFailure(line)
+					if not len(ret) == 0:
+						regex.inc()
+						regex.appendIP(ret)
+				except RegexException, e:
+					print e
+					return False
+				except IndexError:
+					print "Sorry, but no <host> found in regex"
+					return False
+			finally:
+				self.__filter.delFailRegex(0)
+				logging.getLogger("fail2ban").setLevel(logging.CRITICAL)
+	
+	def printStats(self):
 		print
-		try:
-			logging.getLogger("fail2ban").setLevel(logging.DEBUG)
-			self.__filter.addFailRegex(regex)
-			ret = self.__filter.findFailure(line)
+		print "Results"
+		print "======="
+		print
+		
+		# Print title
+		cnt = 1
+		print "Failregex:"
+		for failregex in self.__failregex:
+			print "[" + str(cnt) + "] " + failregex.getFailRegex()
+			cnt += 1
+		
+		print
+		
+		# Print stats
+		cnt = 1
+		total = 0
+		print "Number of matches:"
+		for failregex in self.__failregex:
+			match = failregex.getStats()
+			total += match
+			print "[" + str(cnt) + "] " + str(match) + " match(es)"
+			cnt += 1
+		
+		print
+		
+		if total == 0:
+			print "Sorry, no match"
 			print
-			logging.getLogger("fail2ban").setLevel(logging.CRITICAL)
-		except RegexException, e:
-			print e
+			print "Look at the above section 'Running tests' which could contain important"
+			print "information."
 			return False
-		except IndexError:
-			print "Sorry, but no <host> found in regex"
-			return False
-		if len(ret) == 0:
-			print "Sorry, no match"
-			return False
 		else:
-			print "Success, the following data were found:"
-			timeTuple = time.localtime(ret[0][1])
-			print "Date: " + time.strftime("%a %b %d %H:%M:%S %Y", timeTuple)
-			ipList = ""
-			for i in ret:
-				ipList = ipList + " " + i[0]
-			print "IP  :" + ipList
+			# Print stats
+			cnt = 1
+			print "Addresses found:"
+			for failregex in self.__failregex:
+				print "[" + str(cnt) + "]"
+				for ip in failregex.getIPList():
+					timeTuple = time.localtime(ip[1])
+					timeString = time.strftime("%a %b %d %H:%M:%S %Y", timeTuple)
+					print "    " + ip[0] + " (" + timeString + ")"
+				cnt += 1
+			
 			print
+			
 			print "Date template hits:"
 			for template in self.__filter.dateDetector.getTemplates():
 				print `template.getHits()` + " hit: " + template.getName()
+			
 			print
-			print "Benchmark. Executing 1000..."
-			gc.disable()
-			total = 0
-			maxValue = 0
-			maxPos = 0
-			minValue = 99999999
-			minPos = 0
-			for i in range(1000):
-				start = time.time()
-				ret = self.__filter.findFailure(line)
-				end = time.time()
-				diff = (end - start) * 1000
-				total = total + diff
-				minValue = min(minValue, diff)
-				if minValue == diff:
-					minPos = i
-				maxValue = max(maxValue, diff)
-				if maxValue == diff:
-					maxPos = i
-			gc.enable()
-			print "Performance"
-			print "Avg: " + `total / 1000` + " ms"
-			print "Max: " + `maxValue` + " ms (Run " + `maxPos` + ")"
-			print "Min: " + `minValue` + " ms (Run " + `minPos` + ")"
+			
+			print "Success, the total number of match is " + str(total)
+			print
+			print "However, look at the above section 'Running tests' which could contain important"
+			print "information."
 			return True
+
 			
 if __name__ == "__main__":
-	regex = Fail2banRegex()
+	fail2banRegex = Fail2banRegex()
 	# Reads the command line options.
 	try:
 		cmdOpts = 'hV'
 		cmdLongOpts = ['help', 'version']
 		optList, args = getopt.getopt(sys.argv[1:], cmdOpts, cmdLongOpts)
 	except getopt.GetoptError:
-		regex.dispUsage()
+		fail2banRegex.dispUsage()
 		sys.exit(-1)
 	# Process command line
-	regex.getCmdLineOptions(optList)
+	fail2banRegex.getCmdLineOptions(optList)
 	# We need exactly 3 parameters
-	if len(sys.argv) <> 3:
-		regex.dispUsage()
+	if not len(sys.argv) == 3:
+		fail2banRegex.dispUsage()
 		sys.exit(-1)
 	else:
-		ret = regex.testRegex(sys.argv[1], sys.argv[2])
-		if ret:
+		if fail2banRegex.readRegex(sys.argv[2]) == False:
+			sys.exit(-1)
+
+		print
+		print "Running tests"
+		print "============="
+		print
+
+		if fail2banRegex.logIsFile(sys.argv[1]):
+			hdlr = open(sys.argv[1])
+			for line in hdlr:
+				fail2banRegex.testRegex(line)
+		else:
+			fail2banRegex.testRegex(sys.argv[1])
+		
+		if fail2banRegex.printStats():
 			sys.exit(0)
 		else:
 			sys.exit(-1)

Modified: trunk/man/fail2ban-client.1
===================================================================
--- trunk/man/fail2ban-client.1	2007-01-21 22:19:57 UTC (rev 522)
+++ trunk/man/fail2ban-client.1	2007-01-21 22:21:13 UTC (rev 523)
@@ -1,12 +1,11 @@
 .\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.36.
-.TH FAIL2BAN-CLIENT "1" "January 2007" "fail2ban-client v0.7.6" "User Commands"
+.TH FAIL2BAN-CLIENT "1" "January 2007" "fail2ban-client v0.7.6-SVN" "User Commands"
 .SH NAME
 fail2ban-client \- configure and control the server
-.SH SYNOPSIS
-.B fail2ban-client
-[\fIOPTIONS\fR]... \fI<COMMAND>\fR
 .SH DESCRIPTION
-Fail2Ban v0.7.6 reads log file that contains password failure report
+[?1034hUsage: ../fail2ban\-client [OPTIONS]... <COMMAND>
+.PP
+Fail2Ban v0.7.6\-SVN reads log file that contains password failure report
 and bans the corresponding IP addresses using firewall rules.
 .SH OPTIONS
 .TP

Modified: trunk/man/fail2ban-regex.1
===================================================================
--- trunk/man/fail2ban-regex.1	2007-01-21 22:19:57 UTC (rev 522)
+++ trunk/man/fail2ban-regex.1	2007-01-21 22:21:13 UTC (rev 523)
@@ -1,16 +1,36 @@
 .\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.36.
-.TH FAIL2BAN-REGEX "1" "January 2007" "fail2ban-regex v0.7.6" "User Commands"
+.TH FAIL2BAN-REGEX "1" "January 2007" "fail2ban-regex v0.7.6-SVN" "User Commands"
 .SH NAME
 fail2ban-regex \- test Fail2ban "failregex" option
 .SH SYNOPSIS
 .B fail2ban-regex
-\fI<logline> <failregex>\fR
+[\fIOPTIONS\fR] \fI<LOG> <REGEX>\fR
 .SH DESCRIPTION
-Fail2Ban v0.7.6 reads log file that contains password failure report
+Fail2Ban v0.7.6\-SVN reads log file that contains password failure report
 and bans the corresponding IP addresses using firewall rules.
 .PP
-This tools can test and benchmark your regular expressions for the "failregex"
-option.
+This tools can test regular expressions for "fail2ban".
+.SH OPTIONS
+.TP
+\fB\-h\fR, \fB\-\-help\fR
+display this help message
+.TP
+\fB\-V\fR, \fB\-\-version\fR
+print the version
+.SH LOG
+.TP
+\fBstring\fR
+a string representing a log line
+.TP
+\fBfilename\fR
+path to a log file (/var/log/auth.log)
+.SH REGEX
+.TP
+\fBstring\fR
+a string representing a 'failregex'
+.TP
+\fBfilename\fR
+path to a filter file (filter.d/sshd.conf)
 .SH AUTHOR
 Written by Cyril Jaquier <los...@us...>.
 Many contributions by Yaroslav O. Halchenko <de...@on...>.

Modified: trunk/man/fail2ban-server.1
===================================================================
--- trunk/man/fail2ban-server.1	2007-01-21 22:19:57 UTC (rev 522)
+++ trunk/man/fail2ban-server.1	2007-01-21 22:21:13 UTC (rev 523)
@@ -1,12 +1,12 @@
 .\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.36.
-.TH FAIL2BAN-SERVER "1" "January 2007" "fail2ban-server v0.7.6" "User Commands"
+.TH FAIL2BAN-SERVER "1" "January 2007" "fail2ban-server v0.7.6-SVN" "User Commands"
 .SH NAME
 fail2ban-server \- start the server
 .SH SYNOPSIS
 .B fail2ban-server
 [\fIOPTIONS\fR]
 .SH DESCRIPTION
-Fail2Ban v0.7.6 reads log file that contains password failure report
+Fail2Ban v0.7.6\-SVN reads log file that contains password failure report
 and bans the corresponding IP addresses using firewall rules.
 .PP
 Only use this command for debugging purpose. Start the server with

Modified: trunk/man/generate-man
===================================================================
--- trunk/man/generate-man	2007-01-21 22:19:57 UTC (rev 522)
+++ trunk/man/generate-man	2007-01-21 22:21:13 UTC (rev 523)
@@ -40,4 +40,30 @@
 echo -n "Generating fail2ban-regex  "
 help2man --section=1 --no-info --include=fail2ban-regex.h2m --output fail2ban-regex.1 ../fail2ban-regex
 echo "[done]"
-
+echo -n "Patching fail2ban-regex    "
+# Changes the title.
+sed -i -e 's/.SS "Log:"/.SH LOG/' fail2ban-regex.1
+sed -i -e 's/.SS "Regex:"/.SH REGEX/' fail2ban-regex.1
+# Sets bold font for commands.
+IFS="
+"
+NEXT=0
+FOUND=0
+LINES=$( cat fail2ban-regex.1 )
+echo -n "" > fail2ban-regex.1
+for LINE in $LINES; do
+	if [ "$LINE" = ".SH LOG" ]; then
+		FOUND=1
+	fi
+	if [ $NEXT -eq 1 ] && [ $FOUND -eq 1 ]; then
+		echo "\fB$LINE\fR" >> fail2ban-regex.1
+	else
+		echo "$LINE" >> fail2ban-regex.1
+	fi
+	if [ "$LINE" = ".TP" ]; then
+		NEXT=1
+	else
+		NEXT=0
+	fi
+done
+echo "[done]"


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [527] trunk

[<los...@us...>]

Revision: 527
          http://svn.sourceforge.net/fail2ban/?rev=527&view=rev
Author:   lostcontrol
Date:     2007-01-29 12:25:50 -0800 (Mon, 29 Jan 2007)

Log Message:
-----------
- Added initial cacti script. Still needs testing, template, etc

Modified Paths:
--------------
    trunk/CHANGELOG
    trunk/MANIFEST

Added Paths:
-----------
    trunk/files/cacti/fail2ban_stats.sh

Modified: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	2007-01-29 20:25:42 UTC (rev 526)
+++ trunk/CHANGELOG	2007-01-29 20:25:50 UTC (rev 527)
@@ -17,6 +17,7 @@
 - Call Python interpreter directly (instead of using "env")
 - Added file support to fail2ban-regex. Benchmark feature has
   been removed
+- Added cacti script and template.
 
 ver. 0.7.6 (2007/01/04) - beta
 ----------

Modified: trunk/MANIFEST
===================================================================
--- trunk/MANIFEST	2007-01-29 20:25:42 UTC (rev 526)
+++ trunk/MANIFEST	2007-01-29 20:25:50 UTC (rev 527)
@@ -90,3 +90,4 @@
 man/generate-man
 files/gentoo-initd
 files/redhat-initd
+files/cacti/fail2ban_stats.sh

Added: trunk/files/cacti/fail2ban_stats.sh
===================================================================
--- trunk/files/cacti/fail2ban_stats.sh	                        (rev 0)
+++ trunk/files/cacti/fail2ban_stats.sh	2007-01-29 20:25:50 UTC (rev 527)
@@ -0,0 +1,47 @@
+#!/bin/bash
+# This file is part of Fail2Ban.
+#
+# Fail2Ban is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# Fail2Ban is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Fail2Ban; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+#
+# This script can be used to collect data for Cacti. One parameter is needed,
+# the jail name. It must be a currently running jail. The script returns two
+# value: the number of failures and the number of banned host.
+#
+# If Fail2ban is not available in the path, you can change the value of the
+# variable FAIL2BAN below.. You can add option to this variable too. Please
+# look at the man page of fail2ban-client for more information.
+#
+# Author: Cyril Jaquier
+# 
+# $Revision$
+
+FAIL2BAN="fail2ban-client"
+
+JAIL=$1
+
+if [ -z $JAIL ]; then
+	echo "Usage:" `basename $0` "<jail>"
+	exit
+fi
+
+IFS=""
+
+STATS=$($FAIL2BAN status $JAIL)
+
+TOTAL_FAILED=$(echo $STATS | grep "Total failed:" | awk '{ print $5 }')
+TOTAL_BANNED=$(echo $STATS | grep "Total banned:" | awk '{ print $4 }')
+
+echo "failed:"$TOTAL_FAILED "banned:"$TOTAL_BANNED
+


Property changes on: trunk/files/cacti/fail2ban_stats.sh
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [535] trunk

[<los...@us...>]

Revision: 535
          http://svn.sourceforge.net/fail2ban/?rev=535&view=rev
Author:   lostcontrol
Date:     2007-01-29 13:46:59 -0800 (Mon, 29 Jan 2007)

Log Message:
-----------
- Added IP list in "status <JAIL>". Thanks to Eric Gerbier

Modified Paths:
--------------
    trunk/CHANGELOG
    trunk/README
    trunk/client/beautifier.py
    trunk/server/actions.py
    trunk/server/banmanager.py
    trunk/server/failmanager.py
    trunk/server/filter.py

Modified: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	2007-01-29 20:51:43 UTC (rev 534)
+++ trunk/CHANGELOG	2007-01-29 21:46:59 UTC (rev 535)
@@ -18,6 +18,7 @@
 - Added file support to fail2ban-regex. Benchmark feature has
   been removed
 - Added cacti script and template.
+- Added IP list in "status <JAIL>". Thanks to Eric Gerbier
 
 ver. 0.7.6 (2007/01/04) - beta
 ----------

Modified: trunk/README
===================================================================
--- trunk/README	2007-01-29 20:51:43 UTC (rev 534)
+++ trunk/README	2007-01-29 21:46:59 UTC (rev 535)
@@ -73,7 +73,7 @@
 Jonathan Kamens, Stephen Gildea, Markus Hoffmann, Mark
 Edgington, Patrick Börjesson, kojiro, zugeschmiert, Tyler,
 Nick Munger, Christoph Haas, Justin Shore, Joël Bertrand,
-René Berber, mEDI, Axel Thimm
+René Berber, mEDI, Axel Thimm, Eric Gerbier
 
 License:
 --------

Modified: trunk/client/beautifier.py
===================================================================
--- trunk/client/beautifier.py	2007-01-29 20:51:43 UTC (rev 534)
+++ trunk/client/beautifier.py	2007-01-29 21:46:59 UTC (rev 535)
@@ -70,11 +70,13 @@
 				if len(inC) > 1:
 					msg = "Status for the jail: " + inC[1] + "\n"
 					msg = msg + "|- " + response[0][0] + "\n"
-					msg = msg + "|  |- " + response[0][1][0][0] + ":\t\t" + `response[0][1][0][1]` + "\n"
-					msg = msg + "|  `- " + response[0][1][1][0] + ":\t\t" + `response[0][1][1][1]` + "\n"
+					msg = msg + "|  |- " + response[0][1][0][0] + ":\t" + `response[0][1][0][1]` + "\n"
+					msg = msg + "|  |  `- " + response[0][1][2][0] + ":\t" + `response[0][1][2][1]` + "\n"
+					msg = msg + "|  `- " + response[0][1][1][0] + ":\t" + `response[0][1][1][1]` + "\n"
 					msg = msg + "`- " + response[1][0] + "\n"
-					msg = msg + "   |- " + response[1][1][0][0] + ":\t\t" + `response[1][1][0][1]` + "\n"
-					msg = msg + "   `- " + response[1][1][1][0] + ":\t\t" + `response[1][1][1][1]`
+					msg = msg + "   |- " + response[1][1][0][0] + ":\t" + `response[1][1][0][1]` + "\n"
+					msg = msg + "   |  `- " + response[1][1][2][0] + ":\t" + `response[1][1][2][1]` + "\n"
+					msg = msg + "   `- " + response[1][1][1][0] + ":\t" + `response[1][1][1][1]`
 				else:
 					msg = "Status\n"
 					msg = msg + "|- " + response[0][0] + ":\t" + `response[0][1]` + "\n"

Modified: trunk/server/actions.py
===================================================================
--- trunk/server/actions.py	2007-01-29 20:51:43 UTC (rev 534)
+++ trunk/server/actions.py	2007-01-29 21:46:59 UTC (rev 535)
@@ -189,6 +189,6 @@
 	
 	def status(self):
 		ret = [("Currently banned", self.__banManager.size()), 
-			   ("Total banned", self.__banManager.getBanTotal())]
+			   ("Total banned", self.__banManager.getBanTotal()),
+			   ("IP list", self.__banManager.getBanList())]
 		return ret
-		
\ No newline at end of file

Modified: trunk/server/banmanager.py
===================================================================
--- trunk/server/banmanager.py	2007-01-29 20:51:43 UTC (rev 534)
+++ trunk/server/banmanager.py	2007-01-29 21:46:59 UTC (rev 535)
@@ -100,7 +100,19 @@
 			return self.__banTotal
 		finally:
 			self.__lock.release()
+
+	##
+	# Returns a copy of the IP list.
+	#
+	# @return IP list
 	
+	def getBanList(self):
+		try:
+			self.__lock.acquire()
+			return list(self.__banList)
+		finally:
+			self.__lock.release()
+
 	##
 	# Create a ban ticket.
 	#

Modified: trunk/server/failmanager.py
===================================================================
--- trunk/server/failmanager.py	2007-01-29 20:51:43 UTC (rev 534)
+++ trunk/server/failmanager.py	2007-01-29 21:46:59 UTC (rev 535)
@@ -77,6 +77,18 @@
 		finally:
 			self.__lock.release()
 
+	##
+	# Returns a copy of the IP list.
+	#
+	# @return IP list
+	
+	def getBanList(self):
+		try:
+			self.__lock.acquire()
+			return list(self.__failList)
+		finally:
+			self.__lock.release()
+
 	def addFailure(self, ticket):
 		self.__lock.acquire()
 		ip = ticket.getIP()

Modified: trunk/server/filter.py
===================================================================
--- trunk/server/filter.py	2007-01-29 20:51:43 UTC (rev 534)
+++ trunk/server/filter.py	2007-01-29 21:46:59 UTC (rev 535)
@@ -463,7 +463,8 @@
 	
 	def status(self):
 		ret = [("Currently failed", self.failManager.size()), 
-			   ("Total failed", self.failManager.getFailTotal())]
+			   ("Total failed", self.failManager.getFailTotal()),
+			   ("IP List", self.failManager.getBanList())]
 		return ret
 
 


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [537] trunk

[<los...@us...>]

Revision: 537
          http://svn.sourceforge.net/fail2ban/?rev=537&view=rev
Author:   lostcontrol
Date:     2007-02-01 12:50:12 -0800 (Thu, 01 Feb 2007)

Log Message:
-----------
- Removed IP list in status for failmanager

Modified Paths:
--------------
    trunk/client/beautifier.py
    trunk/server/failmanager.py
    trunk/server/filter.py

Modified: trunk/client/beautifier.py
===================================================================
--- trunk/client/beautifier.py	2007-01-31 22:31:42 UTC (rev 536)
+++ trunk/client/beautifier.py	2007-02-01 20:50:12 UTC (rev 537)
@@ -71,7 +71,6 @@
 					msg = "Status for the jail: " + inC[1] + "\n"
 					msg = msg + "|- " + response[0][0] + "\n"
 					msg = msg + "|  |- " + response[0][1][0][0] + ":\t" + `response[0][1][0][1]` + "\n"
-					msg = msg + "|  |  `- " + response[0][1][2][0] + ":\t" + `response[0][1][2][1]` + "\n"
 					msg = msg + "|  `- " + response[0][1][1][0] + ":\t" + `response[0][1][1][1]` + "\n"
 					msg = msg + "`- " + response[1][0] + "\n"
 					msg = msg + "   |- " + response[1][1][0][0] + ":\t" + `response[1][1][0][1]` + "\n"

Modified: trunk/server/failmanager.py
===================================================================
--- trunk/server/failmanager.py	2007-01-31 22:31:42 UTC (rev 536)
+++ trunk/server/failmanager.py	2007-02-01 20:50:12 UTC (rev 537)
@@ -77,18 +77,6 @@
 		finally:
 			self.__lock.release()
 
-	##
-	# Returns a copy of the IP list.
-	#
-	# @return IP list
-	
-	def getBanList(self):
-		try:
-			self.__lock.acquire()
-			return [m.getIP() for m in self.__failList]
-		finally:
-			self.__lock.release()
-
 	def addFailure(self, ticket):
 		self.__lock.acquire()
 		ip = ticket.getIP()

Modified: trunk/server/filter.py
===================================================================
--- trunk/server/filter.py	2007-01-31 22:31:42 UTC (rev 536)
+++ trunk/server/filter.py	2007-02-01 20:50:12 UTC (rev 537)
@@ -463,8 +463,7 @@
 	
 	def status(self):
 		ret = [("Currently failed", self.failManager.size()), 
-			   ("Total failed", self.failManager.getFailTotal()),
-			   ("IP List", self.failManager.getBanList())]
+			   ("Total failed", self.failManager.getFailTotal())]
 		return ret
 
 


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [543] trunk

[<los...@us...>]

Revision: 543
          http://svn.sourceforge.net/fail2ban/?rev=543&view=rev
Author:   lostcontrol
Date:     2007-02-08 13:14:01 -0800 (Thu, 08 Feb 2007)

Log Message:
-----------
- Updated for 0.7.7

Modified Paths:
--------------
    trunk/CHANGELOG
    trunk/README
    trunk/common/version.py
    trunk/man/fail2ban-client.1
    trunk/man/fail2ban-regex.1
    trunk/man/fail2ban-server.1

Modified: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	2007-02-08 19:32:18 UTC (rev 542)
+++ trunk/CHANGELOG	2007-02-08 21:14:01 UTC (rev 543)
@@ -4,10 +4,10 @@
              |_| \__,_|_|_/___|_.__/\__,_|_||_|
 
 =============================================================
-Fail2Ban (version 0.7.7)                           2007/??/??
+Fail2Ban (version 0.7.7)                           2007/02/08
 =============================================================
 
-ver. 0.7.7 (2007/??/??)
+ver. 0.7.7 (2007/02/08) - release candidate
 ----------
 - Added signal handling in fail2ban-client
 - Added a wonderful visual effect when waiting on the server

Modified: trunk/README
===================================================================
--- trunk/README	2007-02-08 19:32:18 UTC (rev 542)
+++ trunk/README	2007-02-08 21:14:01 UTC (rev 543)
@@ -4,7 +4,7 @@
              |_| \__,_|_|_/___|_.__/\__,_|_||_|
 
 =============================================================
-Fail2Ban (version 0.7.6)                           2007/01/04
+Fail2Ban (version 0.7.7)                           2007/02/08
 =============================================================
 
 Fail2Ban scans log files like /var/log/pwdfail and bans IP
@@ -28,8 +28,8 @@
 
 To install, just do:
 
-> tar xvfj fail2ban-0.7.6.tar.bz2
-> cd fail2ban-0.7.6
+> tar xvfj fail2ban-0.7.7.tar.bz2
+> cd fail2ban-0.7.7
 > python setup.py install
 
 This will install Fail2Ban into /usr/share/fail2ban. The

Modified: trunk/common/version.py
===================================================================
--- trunk/common/version.py	2007-02-08 19:32:18 UTC (rev 542)
+++ trunk/common/version.py	2007-02-08 21:14:01 UTC (rev 543)
@@ -24,4 +24,4 @@
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 
-version = "0.7.6-SVN"
+version = "0.7.7"

Modified: trunk/man/fail2ban-client.1
===================================================================
--- trunk/man/fail2ban-client.1	2007-02-08 19:32:18 UTC (rev 542)
+++ trunk/man/fail2ban-client.1	2007-02-08 21:14:01 UTC (rev 543)
@@ -1,11 +1,11 @@
 .\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.36.
-.TH FAIL2BAN-CLIENT "1" "January 2007" "fail2ban-client v0.7.6-SVN" "User Commands"
+.TH FAIL2BAN-CLIENT "1" "February 2007" "fail2ban-client v0.7.7" "User Commands"
 .SH NAME
 fail2ban-client \- configure and control the server
 .SH DESCRIPTION
 [?1034hUsage: ../fail2ban\-client [OPTIONS] <COMMAND>
 .PP
-Fail2Ban v0.7.6\-SVN reads log file that contains password failure report
+Fail2Ban v0.7.7 reads log file that contains password failure report
 and bans the corresponding IP addresses using firewall rules.
 .SH OPTIONS
 .TP

Modified: trunk/man/fail2ban-regex.1
===================================================================
--- trunk/man/fail2ban-regex.1	2007-02-08 19:32:18 UTC (rev 542)
+++ trunk/man/fail2ban-regex.1	2007-02-08 21:14:01 UTC (rev 543)
@@ -1,12 +1,12 @@
 .\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.36.
-.TH FAIL2BAN-REGEX "1" "January 2007" "fail2ban-regex v0.7.6-SVN" "User Commands"
+.TH FAIL2BAN-REGEX "1" "February 2007" "fail2ban-regex v0.7.7" "User Commands"
 .SH NAME
 fail2ban-regex \- test Fail2ban "failregex" option
 .SH SYNOPSIS
 .B fail2ban-regex
 [\fIOPTIONS\fR] \fI<LOG> <REGEX>\fR
 .SH DESCRIPTION
-Fail2Ban v0.7.6\-SVN reads log file that contains password failure report
+Fail2Ban v0.7.7 reads log file that contains password failure report
 and bans the corresponding IP addresses using firewall rules.
 .PP
 This tools can test regular expressions for "fail2ban".

Modified: trunk/man/fail2ban-server.1
===================================================================
--- trunk/man/fail2ban-server.1	2007-02-08 19:32:18 UTC (rev 542)
+++ trunk/man/fail2ban-server.1	2007-02-08 21:14:01 UTC (rev 543)
@@ -1,12 +1,12 @@
 .\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.36.
-.TH FAIL2BAN-SERVER "1" "January 2007" "fail2ban-server v0.7.6-SVN" "User Commands"
+.TH FAIL2BAN-SERVER "1" "February 2007" "fail2ban-server v0.7.7" "User Commands"
 .SH NAME
 fail2ban-server \- start the server
 .SH SYNOPSIS
 .B fail2ban-server
 [\fIOPTIONS\fR]
 .SH DESCRIPTION
-Fail2Ban v0.7.6\-SVN reads log file that contains password failure report
+Fail2Ban v0.7.7 reads log file that contains password failure report
 and bans the corresponding IP addresses using firewall rules.
 .PP
 Only use this command for debugging purpose. Start the server with


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [548] trunk

[<los...@us...>]

Revision: 548
          http://svn.sourceforge.net/fail2ban/?rev=548&view=rev
Author:   lostcontrol
Date:     2007-02-11 15:22:32 -0800 (Sun, 11 Feb 2007)

Log Message:
-----------
- Updated

Modified Paths:
--------------
    trunk/CHANGELOG
    trunk/TODO

Modified: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	2007-02-11 23:21:56 UTC (rev 547)
+++ trunk/CHANGELOG	2007-02-11 23:22:32 UTC (rev 548)
@@ -7,6 +7,10 @@
 Fail2Ban (version 0.7.7)                           2007/02/08
 =============================================================
 
+ver. 0.?.? (2007/??/??) - ???
+----------
+- Fixed asctime pattern in datedetector.py
+
 ver. 0.7.7 (2007/02/08) - release candidate
 ----------
 - Added signal handling in fail2ban-client

Modified: trunk/TODO
===================================================================
--- trunk/TODO	2007-02-11 23:21:56 UTC (rev 547)
+++ trunk/TODO	2007-02-11 23:22:32 UTC (rev 548)
@@ -13,6 +13,12 @@
 # partially done
 * done
 
+- Discuss where Fail2ban should be installed (/usr/share,
+  /usr/lib/python/site-packages/, etc)
+
+- Cleanup fail2ban-client and fail2ban-server. Move code to
+  server/ and client/
+
 - Add timeout to external commands (signal alarm, watchdog
   thread, etc)
 
@@ -22,7 +28,7 @@
   (openssh, postfix, proftp)
 
 - Added <USER> tag for failregex. Add features using this
-  information
+  information. Maybe add more tags
 
 - Look at the memory consumption. Decrease memory usage
 


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [549] trunk

[<los...@us...>]

Revision: 549
          http://svn.sourceforge.net/fail2ban/?rev=549&view=rev
Author:   lostcontrol
Date:     2007-02-12 13:50:50 -0800 (Mon, 12 Feb 2007)

Log Message:
-----------
- Added new filter for spam bots
- Added new action for buffered mails

Modified Paths:
--------------
    trunk/CHANGELOG
    trunk/MANIFEST
    trunk/config/jail.conf

Added Paths:
-----------
    trunk/config/action.d/mail-buffered.conf
    trunk/config/filter.d/apache-badbots.conf

Modified: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	2007-02-11 23:22:32 UTC (rev 548)
+++ trunk/CHANGELOG	2007-02-12 21:50:50 UTC (rev 549)
@@ -10,6 +10,7 @@
 ver. 0.?.? (2007/??/??) - ???
 ----------
 - Fixed asctime pattern in datedetector.py
+- Added new filters/actions. Thanks to Yaroslav Halchenko
 
 ver. 0.7.7 (2007/02/08) - release candidate
 ----------

Modified: trunk/MANIFEST
===================================================================
--- trunk/MANIFEST	2007-02-11 23:22:32 UTC (rev 548)
+++ trunk/MANIFEST	2007-02-12 21:50:50 UTC (rev 549)
@@ -78,6 +78,7 @@
 config/action.d/mail-whois.conf
 config/action.d/mail-whois-lines.conf
 config/action.d/mail.conf
+config/action.d/mail-buffered.conf
 config/action.d/hostsdeny.conf
 config/action.d/shorewall.conf
 config/fail2ban.conf

Added: trunk/config/action.d/mail-buffered.conf
===================================================================
--- trunk/config/action.d/mail-buffered.conf	                        (rev 0)
+++ trunk/config/action.d/mail-buffered.conf	2007-02-12 21:50:50 UTC (rev 549)
@@ -0,0 +1,88 @@
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+# $Revision: 510 $
+#
+
+[Definition]
+
+# Option:  actionstart
+# Notes.:  command executed once at the start of Fail2Ban.
+# Values:  CMD
+#
+actionstart = echo -en "Hi,\n
+              The jail <name> has been started successfuly.\n
+              Output will be buffered until <lines> lines are available.\n
+              Regards,\n
+              Fail2Ban"|mail -s "[Fail2Ban] <name>: started" <dest>
+
+# Option:  actionend
+# Notes.:  command executed once at the end of Fail2Ban
+# Values:  CMD
+#
+actionstop = if [ -d <tmpfile> ]; then
+                 echo -en "Hi,\n
+                 These hosts have been banned by Fail2Ban.\n
+                 `cat <tmpfile>`
+                 Regards,\n
+                 Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary" <dest>
+                 rm <tmpfile>
+             fi
+             echo -en "Hi,\n
+             The jail <name> has been stopped.\n
+             Regards,\n
+             Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped" <dest>
+
+# Option:  actioncheck
+# Notes.:  command executed once before each actionban command
+# Values:  CMD
+#
+actioncheck = 
+
+# Option:  actionban
+# Notes.:  command executed when banning an IP. Take care that the
+#          command is executed with Fail2Ban user rights.
+# Tags:    <ip>  IP address
+#          <failures>  number of failures
+#          <time>  unix timestamp of the ban time
+# Values:  CMD
+#
+actionban = echo `date`": <ip> (<failures> failures)" >> <tmpfile>
+            LINE=$( wc -l <tmpfile> | awk '{ print $1 }' )
+            if [ $LINE -eq <lines> ]; then
+                echo -en "Hi,\n
+                These hosts have been banned by Fail2Ban.\n
+                `cat <tmpfile>`
+                Regards,\n
+                Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary" <dest>
+                rm <tmpfile>
+            fi
+
+# Option:  actionunban
+# Notes.:  command executed when unbanning an IP. Take care that the
+#          command is executed with Fail2Ban user rights.
+# Tags:    <ip>  IP address
+#          <failures>  number of failures
+#          <time>  unix timestamp of the ban time
+# Values:  CMD
+#
+actionunban = 
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Default number of lines that are buffered
+#
+lines = 5
+
+# Default temporary file
+#
+tmpfile = /tmp/fail2ban-mail.txt
+
+# Destination/Addressee of the mail
+#
+dest = root

Added: trunk/config/filter.d/apache-badbots.conf
===================================================================
--- trunk/config/filter.d/apache-badbots.conf	                        (rev 0)
+++ trunk/config/filter.d/apache-badbots.conf	2007-02-12 21:50:50 UTC (rev 549)
@@ -0,0 +1,25 @@
+# Fail2Ban configuration file
+#
+# List of bad bots fetched from http://www.user-agents.org
+# Generated on Sun Feb 11 01:09:15 EST 2007 by ./badbots.sh
+#
+# Author: Yaroslav Halchenko
+#
+#
+
+[Definition]
+badbotscustom = EmailCollector|WebEMailExtrac
+badbots = atSpider/1\.0|autoemailspider|China Local Browse 2\.6|ContentSmartz|DataCha0s/2\.0|DataCha0s/2\.0|DBrowse 1\.4b|DBrowse 1\.4d|Demo Bot DOT 16b|Demo Bot Z 16b|DSurf15a 01|DSurf15a 71|DSurf15a 81|DSurf15a VA|EBrowse 1\.4b|Educate Search VxB|EmailSiphon|EmailWolf 1\.00|ESurf15a 15|ExtractorPro|Franklin Locator 1\.8|FSurf15a 01|Full Web Bot 0416B|Full Web Bot 0516B|Full Web Bot 2816B|Industry Program 1\.0\.x|ISC Systems iRc Search 2\.1|IUPUI Research Bot v 1\.9a|LARBIN-EXPERIMENTAL \(efp@gmx\.net\)|LetsCrawl\.com/1\.0 +http\://letscrawl\.com/|Lincoln State Web Browser|LWP\:\:Simple/5\.803|Mac Finder 1\.0\.xx|MFC Foundation Class Library 4\.0|Microsoft URL Control - 6\.00\.8xxx|Missauga Locate 1\.0\.0|Missigua Locator 1\.9|Missouri College Browse|Mizzu Labs 2\.2|Mo College 1\.9|Mozilla/2\.0 \(compatible; NEWT ActiveX; Win32\)|Mozilla/3\.0 \(compatible; Indy Library\)|Mozilla/4\.0 \(compatible; Advanced Email Extractor v2\.xx\)|Mozilla/4\.0 \(compatible; Iplexx Spider/1\.0 http\://www\.iplexx\.at\)|Mozilla/4\.0 \(compatible; MSIE 5\.0; Windows NT; DigExt; DTS Agent|Mozilla/4\.0 efp@gmx\.net|Mozilla/5\.0 \(Version\: xxxx Type\:xx\)|MVAClient|NASA Search 1\.0|Nsauditor/1\.x|PBrowse 1\.4b|PEval 1\.4b|Poirot|Port Huron Labs|Production Bot 0116B|Production Bot 2016B|Production Bot DOT 3016B|Program Shareware 1\.0\.2|PSurf15a 11|PSurf15a 51|PSurf15a VA|psycheclone|RSurf15a 41|RSurf15a 51|RSurf15a 81|searchbot admin@google\.com|sogou spider|sohu agent|SSurf15a 11 |TSurf15a 11|Under the Rainbow 2\.2|User-Agent\: Mozilla/4\.0 \(compatible; MSIE 6\.0; Windows NT 5\.1\)|WebVulnCrawl\.blogspot\.com/1\.0 libwww-perl/5\.803|Wells Search II|WEP Search 00
+
+# Option:  failregex
+# Notes.:  Regexp to catch known spambots and software alike. Please verify that
+#          it is your intent to block IPs which were driven by abovementioned bots
+# Values:  TEXT
+#
+failregex = ^(?P<host>\S*) -.*"GET.*HTTP.*"(?:%(badbots)s|%(badbotscustom)s)"$
+
+# Option:  ignoreregex
+# Notes.:  regex to ignore. If this regex matches, the line is ignored.
+# Values:  TEXT
+#
+ignoreregex =

Modified: trunk/config/jail.conf
===================================================================
--- trunk/config/jail.conf	2007-02-11 23:22:32 UTC (rev 548)
+++ trunk/config/jail.conf	2007-02-12 21:50:50 UTC (rev 549)
@@ -117,6 +117,19 @@
 maxretry = 5
 bantime  = 1800
 
+# Ban hosts which agent identifies spammer robots crawling the web
+# for email addresses. The mail outputs are buffered.
+
+[apache-badbots]
+
+enabled  = false
+filter   = apache-badbots
+action   = iptables-multiport[name=BadBots, port="http,https"]
+           mail-buffered[name=BadBots, lines=5, dest=you...@ma...]
+logpath  = /var/www/*/logs/access_log
+bantime  = 172800
+maxretry = 1
+
 # Use shorewall instead of iptables.
 
 [apache-shorewall]


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [550] trunk

[<los...@us...>]

Revision: 550
          http://svn.sourceforge.net/fail2ban/?rev=550&view=rev
Author:   lostcontrol
Date:     2007-02-20 12:44:47 -0800 (Tue, 20 Feb 2007)

Log Message:
-----------
- Added Suse init script and modified gentoo-initd. Thanks to Christian Rauch

Modified Paths:
--------------
    trunk/CHANGELOG
    trunk/README
    trunk/files/gentoo-initd

Added Paths:
-----------
    trunk/files/suse-initd

Modified: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	2007-02-12 21:50:50 UTC (rev 549)
+++ trunk/CHANGELOG	2007-02-20 20:44:47 UTC (rev 550)
@@ -11,6 +11,8 @@
 ----------
 - Fixed asctime pattern in datedetector.py
 - Added new filters/actions. Thanks to Yaroslav Halchenko
+- Added Suse init script and modified gentoo-initd. Thanks to
+  Christian Rauch
 
 ver. 0.7.7 (2007/02/08) - release candidate
 ----------

Modified: trunk/README
===================================================================
--- trunk/README	2007-02-12 21:50:50 UTC (rev 549)
+++ trunk/README	2007-02-20 20:44:47 UTC (rev 550)
@@ -73,7 +73,7 @@
 Jonathan Kamens, Stephen Gildea, Markus Hoffmann, Mark
 Edgington, Patrick Börjesson, kojiro, zugeschmiert, Tyler,
 Nick Munger, Christoph Haas, Justin Shore, Joël Bertrand,
-René Berber, mEDI, Axel Thimm, Eric Gerbier
+René Berber, mEDI, Axel Thimm, Eric Gerbier, Christian Rauch
 
 License:
 --------

Modified: trunk/files/gentoo-initd
===================================================================
--- trunk/files/gentoo-initd	2007-02-12 21:50:50 UTC (rev 549)
+++ trunk/files/gentoo-initd	2007-02-20 20:44:47 UTC (rev 550)
@@ -42,29 +42,11 @@
 }
 
 restart() {
-    if ! service_stopped "${SVCNAME}" ; then
-            svc_stop || return "$?"
-            einfon "Waiting for server to shutdown ."
-			cnt=0
-			while [ 1 ]; do
-				# Ping fail2ban-server
-				${FAIL2BAN} ping &> /dev/null
-				if [ ! "$?" == "0" ]; then
-					break
-				fi
-				cnt=`expr $cnt + 1`
-				if [ $cnt -gt 60 ] ; then
-					# We have waited 1 minute. Failed
-					echo
-					eend 1 "Failed"
-					break
-				fi
-				sleep 1
-				echo -n "."
-			done
-			echo
-    fi
-    svc_start
+	if ! service_stopped "${SVCNAME}" ; then
+		svc_stop || return "$?"
+		sleep 1
+	fi
+	svc_start
 }
 
 reload() {

Added: trunk/files/suse-initd
===================================================================
--- trunk/files/suse-initd	                        (rev 0)
+++ trunk/files/suse-initd	2007-02-20 20:44:47 UTC (rev 550)
@@ -0,0 +1,87 @@
+#!/bin/sh
+#
+# /etc/init.d/fail2ban
+#   and its symbolic link
+# /usr/sbin/rcfail2ban
+#
+### BEGIN INIT INFO
+# Provides:          fail2ban
+# Required-Start:    $syslog $remote_fs postfix
+# Required-Stop:     $syslog $remote_fs
+# Should-Stop: $time ypbind sendmail
+# Default-Start:     3 5
+# Default-Stop:      0 1 2 6
+# Description:       startup Fail2Ban
+### END INIT INFO
+PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin
+FAIL2BAN_BIN=/usr/local/bin/fail2ban-client
+FAIL2BAN_SERVER=/usr/local/bin/fail2ban-server
+FAIL2BAN_SOCKET=/tmp/fail2ban.sock
+test -x $FAIL2BAN_BIN || { echo "$FAIL2BAN_BIN not installed"; 
+	if [ "$1" = "stop" ]; then exit 0;
+	else exit 5; fi; }
+
+# Check for existence of needed config file and read it
+FAIL2BAN_CONFIG=/etc/fail2ban/fail2ban.conf
+test -r $FAIL2BAN_CONFIG || { echo "$FAIL2BAN_CONFIG not existing";
+	if [ "$1" = "stop" ]; then exit 0;
+	else exit 6; fi; }
+
+. /etc/rc.status
+
+# Reset status of this service
+rc_reset
+
+case "$1" in
+    start)
+	echo -n "Starting Fail2Ban "
+	/sbin/startproc $FAIL2BAN_BIN -q start 2>1 > /dev/null
+	rc_status -v
+	;;
+    stop)
+	echo -n "Shutting down Fail2ban "
+	/sbin/startproc $FAIL2BAN_BIN -q stop
+	rc_status -v
+	;;
+    try-restart|condrestart)
+	if test "$1" = "condrestart"; then
+		echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}"
+	fi
+	$0 status
+	if test $? = 0; then
+		$0 restart
+	else
+		rc_reset	# Not running is not a failure.
+	fi
+	rc_status
+	;;
+    restart)
+	$0 stop
+	i=60
+	while [ -e $FAIL2BAN_SOCKET ] && [ $i -gt 60 ]
+		sleep 1
+		i=$[i-1]
+		echo -n "."
+	done
+	echo "."
+	$0 start
+
+	# Remember status and be quiet
+	rc_status
+	;;
+    force-reload)
+	echo -n "Reload service Fail2ban "
+	/sbin/startproc $FAIL2BAN_BIN -q reload
+	rc_status -v
+	;;
+    reload)
+	echo -n "Reload service Fail2ban "
+	/sbin/startproc $FAIL2BAN_BIN -q reload
+	rc_status -v
+	;;
+    status)
+	echo -n "Checking for service Fail2ban "
+	/sbin/checkproc $FAIL2BAN_SERVER
+	rc_status -v
+	;;
+    probe)


Property changes on: trunk/files/suse-initd
___________________________________________________________________
Name: svn:executable
   + *


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Fail2ban-commit] SF.net SVN: fail2ban: [553] trunk

[<los...@us...>]

Revision: 553
          http://svn.sourceforge.net/fail2ban/?rev=553&view=rev
Author:   lostcontrol
Date:     2007-02-25 15:53:22 -0800 (Sun, 25 Feb 2007)

Log Message:
-----------
- Moved every locking statements in a try..finally block

Modified Paths:
--------------
    trunk/CHANGELOG
    trunk/server/banmanager.py
    trunk/server/datedetector.py
    trunk/server/failmanager.py

Modified: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	2007-02-22 21:11:30 UTC (rev 552)
+++ trunk/CHANGELOG	2007-02-25 23:53:22 UTC (rev 553)
@@ -13,6 +13,7 @@
 - Added new filters/actions. Thanks to Yaroslav Halchenko
 - Added Suse init script and modified gentoo-initd. Thanks to
   Christian Rauch
+- Moved every locking statements in a try..finally block
 
 ver. 0.7.7 (2007/02/08) - release candidate
 ----------

Modified: trunk/server/banmanager.py
===================================================================
--- trunk/server/banmanager.py	2007-02-22 21:11:30 UTC (rev 552)
+++ trunk/server/banmanager.py	2007-02-25 23:53:22 UTC (rev 553)
@@ -62,9 +62,11 @@
 	# @param value the time
 	
 	def setBanTime(self, value):
-		self.__lock.acquire()
-		self.__banTime = int(value)
-		self.__lock.release()
+		try:
+			self.__lock.acquire()
+			self.__banTime = int(value)
+		finally:
+			self.__lock.release()
 	
 	##
 	# Get the ban time.
@@ -85,9 +87,11 @@
 	# @param value total number
 	
 	def setBanTotal(self, value):
-		self.__lock.acquire()
-		self.__banTotal = value
-		self.__lock.release()
+		try:
+			self.__lock.acquire()
+			self.__banTotal = value
+		finally:
+			self.__lock.release()
 	
 	##
 	# Get the total number of banned address.

Modified: trunk/server/datedetector.py
===================================================================
--- trunk/server/datedetector.py	2007-02-22 21:11:30 UTC (rev 552)
+++ trunk/server/datedetector.py	2007-02-25 23:53:22 UTC (rev 553)
@@ -42,44 +42,48 @@
 		self.__defTemplate = DateStrptime()
 	
 	def addDefaultTemplate(self):
-		# standard
-		template = DateStrptime()
-		template.setName("Month Day Hour:Minute:Second")
-		template.setRegex("^\S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}")
-		template.setPattern("%b %d %H:%M:%S")
-		self.__templates.append(template)
-		# asctime
-		template = DateStrptime()
-		template.setName("Weekday Month Day Hour:Minute:Second Year")
-		template.setRegex("\S{3} \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2} \d{4}")
-		template.setPattern("%a %b %d %H:%M:%S %Y")
-		self.__templates.append(template)
-		# simple date
-		template = DateStrptime()
-		template.setName("Year/Month/Day Hour:Minute:Second")
-		template.setRegex("\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}")
-		template.setPattern("%Y/%m/%d %H:%M:%S")
-		self.__templates.append(template)
-		# Apache format [31/Oct/2006:09:22:55 -0000]
-		template = DateStrptime()
-		template.setName("Day/Month/Year:Hour:Minute:Second")
-		template.setRegex("\d{2}/\S{3}/\d{4}:\d{2}:\d{2}:\d{2}")
-		template.setPattern("%d/%b/%Y:%H:%M:%S")
-		self.__templates.append(template)
-		# Exim 2006-12-21 06:43:20
-		template = DateStrptime()
-		template.setName("Year-Month-Day Hour:Minute:Second")
-		template.setRegex("\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}")
-		template.setPattern("%Y-%m-%d %H:%M:%S")
-		self.__templates.append(template)
-		# TAI64N
-		template = DateTai64n()
-		template.setName("TAI64N")
-		self.__templates.append(template)
-		# Epoch
-		template = DateEpoch()
-		template.setName("Epoch")
-		self.__templates.append(template)
+		try:
+			self.__lock.acquire()
+			# standard
+			template = DateStrptime()
+			template.setName("Month Day Hour:Minute:Second")
+			template.setRegex("^\S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}")
+			template.setPattern("%b %d %H:%M:%S")
+			self.__templates.append(template)
+			# asctime
+			template = DateStrptime()
+			template.setName("Weekday Month Day Hour:Minute:Second Year")
+			template.setRegex("\S{3} \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2} \d{4}")
+			template.setPattern("%a %b %d %H:%M:%S %Y")
+			self.__templates.append(template)
+			# simple date
+			template = DateStrptime()
+			template.setName("Year/Month/Day Hour:Minute:Second")
+			template.setRegex("\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}")
+			template.setPattern("%Y/%m/%d %H:%M:%S")
+			self.__templates.append(template)
+			# Apache format [31/Oct/2006:09:22:55 -0000]
+			template = DateStrptime()
+			template.setName("Day/Month/Year:Hour:Minute:Second")
+			template.setRegex("\d{2}/\S{3}/\d{4}:\d{2}:\d{2}:\d{2}")
+			template.setPattern("%d/%b/%Y:%H:%M:%S")
+			self.__templates.append(template)
+			# Exim 2006-12-21 06:43:20
+			template = DateStrptime()
+			template.setName("Year-Month-Day Hour:Minute:Second")
+			template.setRegex("\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}")
+			template.setPattern("%Y-%m-%d %H:%M:%S")
+			self.__templates.append(template)
+			# TAI64N
+			template = DateTai64n()
+			template.setName("TAI64N")
+			self.__templates.append(template)
+			# Epoch
+			template = DateEpoch()
+			template.setName("Epoch")
+			self.__templates.append(template)
+		finally:
+			self.__lock.release()
 	
 	def getTemplates(self):
 		return self.__templates
@@ -100,14 +104,15 @@
 		if self.__defTemplate.isValid():
 			return self.__defTemplate.matchDate(line)
 		else:
-			self.__lock.acquire()
-			for template in self.__templates:
-				match = template.matchDate(line)
-				if not match == None:
-					self.__lock.release()
-					return match
-			self.__lock.release()
-			return None
+			try:
+				self.__lock.acquire()
+				for template in self.__templates:
+					match = template.matchDate(line)
+					if not match == None:
+						return match
+				return None
+			finally:
+				self.__lock.release()
 
 	def getTime(self, line):
 		if self.__defTemplate.isValid():
@@ -117,19 +122,20 @@
 			except ValueError:
 				return None
 		else:
-			self.__lock.acquire()
-			for template in self.__templates:
-				try:
-					date = template.getDate(line)
-					if date == None:
-						continue
-					template.incHits()
-					self.__lock.release()
-					return date
-				except ValueError:
-					pass
-			self.__lock.release()
-			return None
+			try:
+				self.__lock.acquire()
+				for template in self.__templates:
+					try:
+						date = template.getDate(line)
+						if date == None:
+							continue
+						template.incHits()
+						return date
+					except ValueError:
+						pass
+				return None
+			finally:
+				self.__lock.release()
 
 	def getUnixTime(self, line):
 		date = self.getTime(line)
@@ -143,8 +149,11 @@
 	# in this object and thus should be called from time to time.
 	
 	def sortTemplate(self):
-		self.__lock.acquire()
-		logSys.debug("Sorting the template list")
-		self.__templates.sort(cmp = lambda x, y: cmp(x.getHits(), y.getHits()), 
-							reverse=True)
-		self.__lock.release()
+		try:
+			self.__lock.acquire()
+			logSys.debug("Sorting the template list")
+			self.__templates.sort(cmp = lambda x, y:
+								cmp(x.getHits(), y.getHits()), 
+								reverse = True)
+		finally:
+			self.__lock.release()

Modified: trunk/server/failmanager.py
===================================================================
--- trunk/server/failmanager.py	2007-02-22 21:11:30 UTC (rev 552)
+++ trunk/server/failmanager.py	2007-02-25 23:53:22 UTC (rev 553)
@@ -42,9 +42,11 @@
 		self.__failTotal = 0
 	
 	def setFailTotal(self, value):
-		self.__lock.acquire()
-		self.__failTotal = value
-		self.__lock.release()
+		try:
+			self.__lock.acquire()
+			self.__failTotal = value
+		finally:
+			self.__lock.release()
 		
 	def getFailTotal(self):
 		try:
@@ -54,9 +56,11 @@
 			self.__lock.release()
 	
 	def setMaxRetry(self, value):
-		self.__lock.acquire()
-		self.__maxRetry = value
-		self.__lock.release()
+		try:
+			self.__lock.acquire()
+			self.__maxRetry = value
+		finally:
+			self.__lock.release()
 	
 	def getMaxRetry(self):
 		try:
@@ -66,9 +70,11 @@
 			self.__lock.release()
 	
 	def setMaxTime(self, value):
-		self.__lock.acquire()
-		self.__maxTime = value
-		self.__lock.release()
+		try:
+			self.__lock.acquire()
+			self.__maxTime = value
+		finally:
+			self.__lock.release()
 	
 	def getMaxTime(self):
 		try:
@@ -78,20 +84,22 @@
 			self.__lock.release()
 
 	def addFailure(self, ticket):
-		self.__lock.acquire()
-		ip = ticket.getIP()
-		unixTime = ticket.getTime()
-		if self.__failList.has_key(ip):
-			fData = self.__failList[ip]
-			fData.inc()
-			fData.setLastTime(unixTime)
-		else:
-			fData = FailData()
-			fData.inc()
-			fData.setLastTime(unixTime)
-			self.__failList[ip] = fData
-		self.__failTotal += 1
-		self.__lock.release()
+		try:
+			self.__lock.acquire()
+			ip = ticket.getIP()
+			unixTime = ticket.getTime()
+			if self.__failList.has_key(ip):
+				fData = self.__failList[ip]
+				fData.inc()
+				fData.setLastTime(unixTime)
+			else:
+				fData = FailData()
+				fData.inc()
+				fData.setLastTime(unixTime)
+				self.__failList[ip] = fData
+			self.__failTotal += 1
+		finally:
+			self.__lock.release()
 	
 	def size(self):
 		try:
@@ -101,12 +109,14 @@
 			self.__lock.release()
 	
 	def cleanup(self, time):
-		self.__lock.acquire()
-		tmp = self.__failList.copy()
-		for item in tmp:
-			if tmp[item].getLastTime() < time - self.__maxTime:
-				self.__delFailure(item)
-		self.__lock.release()
+		try:
+			self.__lock.acquire()
+			tmp = self.__failList.copy()
+			for item in tmp:
+				if tmp[item].getLastTime() < time - self.__maxTime:
+					self.__delFailure(item)
+		finally:
+			self.__lock.release()
 	
 	def __delFailure(self, ip):
 		if self.__failList.has_key(ip):
@@ -129,4 +139,3 @@
 
 class FailManagerEmpty(Exception):
 	pass
-	
\ No newline at end of file


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.