ENH: moved jail definition for recidive into jail.conf + swapped/commented durations + non-groupping ?:

thanks @cepheid666 for the useful comments

config/filter.d/recidive.conf

@@ -14,20 +14,6 @@
 # different blocking mechanism for this jail versus others (e.g. hostsdeny 
 # for most jails, and shorewall for this one).
 #
-# Configuration example for jail.conf:
-#
-# [recidive]
-# enabled  = true
-# filter   = recidive
-# logpath  = /var/log/fail2ban.log
-# action   = iptables-allports[name=recidive]
-#            sendmail-whois-lines[name=recidive, logpath=/var/log/fail2ban.log]
-# findtime = 604800
-# bantime  = 86400
-# maxretry = 5
-#
-# $Revision: $
-#
 
 [Definition]
 
@@ -42,7 +28,7 @@ _jailname = recidive
 #          (?:::f{4,6}:)?(?P<host>\S+)
 # Values:  TEXT
 #
-failregex = fail2ban.actions:\s+WARNING\s+\[(.*)\]\s+Ban\s+<HOST>
+failregex = fail2ban.actions:\s+WARNING\s+\[(?:.*)\]\s+Ban\s+<HOST>
 
 # Option:  ignoreregex
 # Notes.:  regex to ignore. If this regex matches, the line is ignored.

config/jail.conf

@@ -264,3 +264,14 @@ action   = iptables-multiport[name=Named, port="domain,953", protocol=tcp]
 logpath  = /var/log/named/security.log
 ignoreip = 168.192.0.1
 
+# Jail for more extended banning of persistent abusers
+[recidive]
+
+enabled  = false
+filter   = recidive
+logpath  = /var/log/fail2ban.log
+action   = iptables-allports[name=recidive]
+           sendmail-whois-lines[name=recidive, logpath=/var/log/fail2ban.log]
+bantime  = 604800  # 1 week
+findtime = 86400   # 1 day
+maxretry = 5