From df3e4a2742221bbd0fb594aa1a3e28f623aeb40c Mon Sep 17 00:00:00 2001
From: Steven Hiscocks <steven@hiscocks.me.uk>
Date: Sat, 15 Feb 2014 14:42:44 +0000
Subject: [PATCH] ENH: Warn when multiline regex used when maxlines not greater
 than 1

---
 fail2ban/client/filterreader.py | 4 +++-
 fail2ban/server/filter.py       | 4 ++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/fail2ban/client/filterreader.py b/fail2ban/client/filterreader.py
index 6728a546..612fd350 100644
--- a/fail2ban/client/filterreader.py
+++ b/fail2ban/client/filterreader.py
@@ -61,7 +61,9 @@ class FilterReader(DefinitionInitConfigReader):
 						stream.append(["set", self._jailName, "addignoreregex", regex])		
 		if self._initOpts:
 			if 'maxlines' in self._initOpts:
-				stream.append(["set", self._jailName, "maxlines", self._initOpts["maxlines"]])
+				# We warn when multiline regex is used without maxlines > 1
+				# therefore keep sure we set this option first.
+				stream.insert(0, ["set", self._jailName, "maxlines", self._initOpts["maxlines"]])
 			if 'datepattern' in self._initOpts:
 				stream.append(["set", self._jailName, "datepattern", self._initOpts["datepattern"]])
 			# Do not send a command if the match is empty.
diff --git a/fail2ban/server/filter.py b/fail2ban/server/filter.py
index eae79bac..e777d973 100644
--- a/fail2ban/server/filter.py
+++ b/fail2ban/server/filter.py
@@ -95,6 +95,10 @@ class Filter(JailThread):
 		try:
 			regex = FailRegex(value)
 			self.__failRegex.append(regex)
+			if "\n" in regex.getRegex() and not self.getMaxLines() > 1:
+				logSys.warning(
+					"Mutliline regex set for jail '%s' "
+					"but maxlines not greater than 1")
 		except RegexException, e:
 			logSys.error(e)
 			raise e