From 2fad50b6e8296a03fecc12b542d62350ad662ff5 Mon Sep 17 00:00:00 2001
From: sebres
Date: Tue, 21 Feb 2017 15:54:25 +0100
Subject: [PATCH] Precedence of `prefregex` higher as `failregex` should be in head of the convert-stream; Allow using failure-id (``) within `prefregex` (by common prefix for all expressions specified with `failregex`)
---
 fail2ban/client/filterreader.py | 9 ++++-----
 fail2ban/server/failregex.py | 7 +++++--
 fail2ban/server/filter.py | 6 +++---
 3 files changed, 12 insertions(+), 10 deletions(-)
diff --git a/fail2ban/client/filterreader.py b/fail2ban/client/filterreader.py
index 59e78307..9edeb2f3 100644
--- a/fail2ban/client/filterreader.py
+++ b/fail2ban/client/filterreader.py
@@ -69,11 +69,10 @@ class FilterReader(DefinitionInitConfigReader):
 stream.append(["multi-set", self._jailName, "add" + opt, multi])
 elif len(multi):
 stream.append(["set", self._jailName, "add" + opt, multi[0]])
- elif opt == 'maxlines':
- # We warn when multiline regex is used without maxlines > 1
- # therefore keep sure we set this option first.
- stream.insert(0, ["set", self._jailName, "maxlines", value])
- elif opt in ('datepattern', 'prefregex'):
+ elif opt in ('maxlines', 'prefregex'):
+ # Be sure we set this options first.
+ stream.insert(0, ["set", self._jailName, opt, value])
+ elif opt in ('datepattern'):
 stream.append(["set", self._jailName, opt, value])
 # Do not send a command if the match is empty.
 elif opt == 'journalmatch':
diff --git a/fail2ban/server/failregex.py b/fail2ban/server/failregex.py
index 5f6ca01f..19a89303 100644
--- a/fail2ban/server/failregex.py
+++ b/fail2ban/server/failregex.py
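Review bot: In fail2ban/client/filterreader.py the new branch `elif opt in ('datepattern'):` has no trailing comma, so the parentheses yield a plain string and `in` becomes a substring test: any option name that is a substring of 'datepattern' (an empty name included) would take this branch and be sent as a `set` command. Write `elif opt == 'datepattern':` instead. The new comment `# Be sure we set this options first.` also drops the reason the removed comment gave; something like `# maxlines and prefregex must reach the server before any failregex: maxlines for the multi-line warning, prefregex for the failure-id check` would keep it. The enclosing loop and the first branches of this chain start outside the hunk.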
@@ -337,11 +337,14 @@ class FailRegex(Regex):
 # avoid construction of invalid object.
 # @param value the regular expression
- def __init__(self, regex, **kwargs):
+ def __init__(self, regex, prefRegex=None, **kwargs):
 # Initializes the parent.
 Regex.__init__(self, regex, **kwargs)
 # Check for group "dns", "ip4", "ip6", "fid"
- if not [grp for grp in FAILURE_ID_GROPS if grp in self._regexObj.groupindex]:
+ if (not [grp for grp in FAILURE_ID_GROPS if grp in self._regexObj.groupindex]
+ and (prefRegex is None or
+ not [grp for grp in FAILURE_ID_GROPS if grp in prefRegex._regexObj.groupindex])
+ ):
 raise RegexException("No failure-id group in '%s'" % self._regex)
 ##
diff --git a/fail2ban/server/filter.py b/fail2ban/server/filter.py
index d25e8dc5..85c07103 100644
--- a/fail2ban/server/filter.py
+++ b/fail2ban/server/filter.py
@@ -150,7 +150,7 @@ class Filter(JailThread):
 def addFailRegex(self, value):
 try:
- regex = FailRegex(value, useDns=self.__useDns)
+ regex = FailRegex(value, prefRegex=self.__prefRegex, useDns=self.__useDns)
 self.__failRegex.append(regex)
 if "\n" in regex.getRegex() and not self.getMaxLines() > 1:
 logSys.warning(
@@ -604,11 +604,11 @@ class Filter(JailThread):
 # Pre-filter fail regex (if available):
 preGroups = {}
 if self.__prefRegex:
- failRegex = self.__prefRegex.search(self.__lineBuffer)
+ self.__prefRegex.search(self.__lineBuffer)
 if not self.__prefRegex.hasMatched():
 return failList
- logSys.log(7, "Pre-filter matched %s", failRegex)
 preGroups = self.__prefRegex.getGroups()
+ logSys.log(7, "Pre-filter matched %s", preGroups)
 repl = preGroups.get('content')
 # Content replacement:
 if repl:
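Review bot: In fail2ban/server/failregex.py the new condition in `FailRegex.__init__` accepts an expression with no failure-id group whenever the `prefRegex` passed at construction has one, and the `addFailRegex` hunk in fail2ban/server/filter.py passes whatever `self.__prefRegex` holds at that moment. Nothing in this diff re-validates expressions that were already added if the prefregex is later replaced or cleared (its setter is not shown), so a jail could presumably be left with failregex entries that match but yield no host or id, meaning failures would go unattributed; please confirm the setter rejects or re-checks that case. A comment on the check would record the dependency, e.g. `# failure-id may be supplied by prefregex; prefregex must be set before any failregex is added`. The message `"No failure-id group in '%s'"` could also say that the prefregex was checked, since the expression alone no longer decides the outcome.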