added findtime configuration parameter

config/fail2ban.conf.default

@@ -24,12 +24,12 @@ debug = false
 logtargets = /var/log/fail2ban.log
 
 # Option: syslog-target
-# Notes.: where to find syslog facility if logtarget SYSLOG
+# Notes.: where to find syslog facility if logtarget SYSLOG.
 # Values: file(socket) hostname hostname:port Default: /dev/log
 syslog-target = /dev/log
 
 # Option: syslog-facility
-# Notes.: which syslog facility to use if logtarget SYSLOG
+# Notes.: which syslog facility to use if logtarget SYSLOG.
 # Values: NUM Default: 1
 syslog-facility = 1
 
@@ -51,6 +51,12 @@ maxretry = 5
 #
 bantime = 600
 
+# Option:  findtime
+# Notes.:  lifetime in seconds of a "failed" log entry.
+# Values:  NUM  Default:  600
+#
+findtime = 600
+
 # Option:  ignoreip
 # Notes.:  space separated list of IP's to be ignored by fail2ban.
 #          You can use CIDR mask in order to specify a range.
@@ -69,7 +75,7 @@ ignoreip = 192.168.0.0/16
 cmdstart = 
 
 # Option:  cmdend
-# Notes.:  command executed once at the end of Fail2Ban
+# Notes.:  command executed once at the end of Fail2Ban.
 # Values:  CMD  Default:
 #
 cmdend = 

debian/changelog

@@ -6,8 +6,10 @@ fail2ban (0.5.2-3) unstable; urgency=low
     from syslog branch) (closes: #323543)
   * Included upstream README and TODO
   * Mentioned in README.Debian that apache section is disabled by default
-  * Adjusted man pages to cross-reference each other (closes: #323840)
+  * Adjusted man pages to cross-reference each other
   * Moved fail2ban man page under section 8 as in upstream
+  * Introduced findtime configuration variable to control the lifetime
+    of caught "failed" log entries (closes: #323840)
   
  -- Yaroslav Halchenko <debian@onerussian.com>  Tue, 16 Aug 2005 11:23:28 -1000
 

fail2ban.py

@@ -15,6 +15,7 @@
 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 
 # Author: Cyril Jaquier
+# Modified by: Yaroslav Halchenko (SYSLOG, findtime)
 # 
 # $Revision: 1.20.2.13 $
 
@@ -181,6 +182,7 @@ def main():
 					["str", "pidlock", "/var/run/fail2ban.pid"],
 					["int", "maxretry", 3],
 					["int", "bantime", 600],
+					["int", "findtime", 600],
 					["str", "ignoreip", ""],
 					["int", "polltime", 1],
 					["str", "cmdstart", ""],
@@ -292,6 +294,9 @@ def main():
 	
 	# bantime option
 	banTime = conf["bantime"]
+
+	# findtime option
+	findTime = conf["findtime"]
 	
 	# Checks for root user. This is necessary because log files
 	# are owned by root and firewall needs root access.
@@ -310,6 +315,7 @@ def main():
 	
 	logSys.debug("ConfFile is " + conf["conffile"])
 	logSys.debug("BanTime is " + `conf["bantime"]`)
+	logSys.debug("FindTime is " + `conf["findtime"]`)
 	logSys.debug("retryAllowed is " + `conf["maxretry"]`)
 	
 	# Options
@@ -335,8 +341,9 @@ def main():
 	# Options
 	optionValues = (["bool", "enabled", False],
 					["str", "logfile", "/dev/null"],
-					["int", "maxretry", None],
-					["int", "bantime", None],
+					["int", "maxretry", maxretry],
+					["int", "bantime", bantime],
+					["int", "findtime", findtime],
 					["str", "timeregex", ""],
 					["str", "timepattern", ""],
 					["str", "failregex", ""],
@@ -349,19 +356,12 @@ def main():
 	for t in confReader.getSections():
 		l = confReader.getLogOptions(t, optionValues)
 		if l["enabled"]:
-			# Override maxretry option
-			if not l["maxretry"] == None:
-				maxRetry = l["maxretry"]
-			
-			# Override bantime option
-			if not l["bantime"] == None:
-				banTime = l["bantime"]
 			
 			# Creates a logreader object
 			lObj = LogReader(l["logfile"], l["timeregex"], l["timepattern"],
-							 l["failregex"], maxRetry, banTime)
+							 l["failregex"], l["maxretry"], l["findtime"])
 			# Creates a firewall object
-			fObj = Firewall(l["fwban"], l["fwunban"], banTime)
+			fObj = Firewall(l["fwban"], l["fwunban"], l["bantime"])
 			# Links them into a list. I'm not really happy
 			# with this :/
 			logFwList.append([t, lObj, fObj, dict(), l])