Precedence of `prefregex` higher as `failregex` should be in head of the convert-stream;

Allow using failure-id (`<HOST>`) within `prefregex` (by common prefix for all expressions specified with `failregex`)
2017-02-21 15:54:25 +01:00 · 2017-02-21 15:54:25 +01:00 · 2fad50b6e8
parent 4ff8d051f4
commit 2fad50b6e8
3 changed files with 12 additions and 10 deletions
--- a/fail2ban/client/filterreader.py
+++ b/fail2ban/client/filterreader.py
@ -69,11 +69,10 @@ class FilterReader(DefinitionInitConfigReader):
 					stream.append(["multi-set", self._jailName, "add" + opt, multi])
 				elif len(multi):
 					stream.append(["set", self._jailName, "add" + opt, multi[0]])
-			elif opt == 'maxlines':
-				# We warn when multiline regex is used without maxlines > 1
-				# therefore keep sure we set this option first.
-				stream.insert(0, ["set", self._jailName, "maxlines", value])
-			elif opt in ('datepattern', 'prefregex'):
+			elif opt in ('maxlines', 'prefregex'):
+				# Be sure we set this options first.
+				stream.insert(0, ["set", self._jailName, opt, value])
+			elif opt in ('datepattern'):
 				stream.append(["set", self._jailName, opt, value])
 			# Do not send a command if the match is empty.
 			elif opt == 'journalmatch':
--- a/fail2ban/server/failregex.py
+++ b/fail2ban/server/failregex.py
@ -337,11 +337,14 @@ class FailRegex(Regex):
 	# avoid construction of invalid object.
 	# @param value the regular expression

-	def __init__(self, regex, **kwargs):
+	def __init__(self, regex, prefRegex=None, **kwargs):
 		# Initializes the parent.
 		Regex.__init__(self, regex, **kwargs)
 		# Check for group "dns", "ip4", "ip6", "fid"
-		if not [grp for grp in FAILURE_ID_GROPS if grp in self._regexObj.groupindex]:
+		if (not [grp for grp in FAILURE_ID_GROPS if grp in self._regexObj.groupindex]
+			and (prefRegex is None or
+				not [grp for grp in FAILURE_ID_GROPS if grp in prefRegex._regexObj.groupindex])
+		):
 			raise RegexException("No failure-id group in '%s'" % self._regex)
 	
 	##
--- a/fail2ban/server/filter.py
+++ b/fail2ban/server/filter.py
@ -150,7 +150,7 @@ class Filter(JailThread):

 	def addFailRegex(self, value):
 		try:
-			regex = FailRegex(value, useDns=self.__useDns)
+			regex = FailRegex(value, prefRegex=self.__prefRegex, useDns=self.__useDns)
 			self.__failRegex.append(regex)
 			if "\n" in regex.getRegex() and not self.getMaxLines() > 1:
 				logSys.warning(
@ -604,11 +604,11 @@ class Filter(JailThread):
 		# Pre-filter fail regex (if available):
 		preGroups = {}
 		if self.__prefRegex:
-			failRegex = self.__prefRegex.search(self.__lineBuffer)
+			self.__prefRegex.search(self.__lineBuffer)
 			if not self.__prefRegex.hasMatched():
 				return failList
-			logSys.log(7, "Pre-filter matched %s", failRegex)
 			preGroups = self.__prefRegex.getGroups()
+			logSys.log(7, "Pre-filter matched %s", preGroups)
 			repl = preGroups.get('content')
 			# Content replacement:
 			if repl: