diff --git a/TODO b/TODO index 81ed4bbf..34c5d5af 100644 --- a/TODO +++ b/TODO @@ -1,2 +1,105 @@ -- Don't close socket after a send -- Refactoring in server.py, actions.py, filter.py \ No newline at end of file + __ _ _ ___ _ + / _|__ _(_) |_ ) |__ __ _ _ _ + | _/ _` | | |/ /| '_ \/ _` | ' \ + |_| \__,_|_|_/___|_.__/\__,_|_||_| + +============================================================= +ToDo $Revision$ +============================================================= + +Legend: +- not yet done +? maybe +# partially done +* done + +See Feature Request Tracking System at SourceForge.net + +- improve installation process (better prefix support) + +# improve documentation and website for user + +* use Doxygen + +- use PyLint to check the code + +* better configuration files + +- add a check to see if the time of the log messages is + correctly detected (valid regexp) + +? use Gentoo Portage style for scripts. + - banning engines script in /etc/fail2ban/scripts.d + Example: /etc/fail2ban/scripts.d/iptables + Will be mostly bash scripting which is more "user + friendly". + - split configuration files in /etc/fail2ban/services.d + for log files + Example: /etc/fail2ban/services.d/apache + Mainly regular expressions. + - template for common regex in /etc/fail2ban/templates.d + Example: /etc/fail2ban/templates.d/date + Mainly regular expressions. + +* remove debug mode (root check) + +# better return values in function + +? use more email.Utils in mail.py + +? add gettext support. Is this really needed for a server + utility? + +- send an email when fail2ban is running + +* add multithreading. Python threading is not really + efficient. However, fail2ban could benefit of it. We could + use threads like this: + - one thread which check for host to unban. + - one thread per file to watch. This will allow things like + different polling time for each file. + is read-only (we only read log files) thus no locks + are required. However, is read-write and must take + care of concurrency in case of multithreading. + +- add FAM/Gamin support. Should be quite efficient with + threading. Take care that handle_one_event() release the + Python lock. + +# add a test framework. We could use unittest which is in + Python since 2.1. It should be possible to run all tests + automatically. + +* add client/server using socket. Something similar to + gdesklets. DBUS seems to be designed for desktop use. + - fail2ban start -> start the daemon. + - fail2ban stop -> stop the daemon. + - fail2ban add -> add monitoring with + ban method (iptables, hosts.deny, etc). + - fail2ban del -> remove monitoring. + - fail2ban status -> query current fail2ban status. + Should return infos like a ban counter. Could be graph + with rrdtool. + - fail2ban pause -> suspend monitoring. + - fail2ban resume -> resume monitoring. + - fail2ban list -> list available services. + - fail2ban flush -> flush the ban list. + +- remove PID file. + +# remove most of the command lines options if possible. + +- add the possibility to specify wildcard in log files. + Example: logfile = /var/log/apache2/access-*.log + Should we start one thread per file or just one thread per + serivce? + +- autodetect date format in log file. Match the most popular + format and sort them using the hit ratio. Should avoid + user problem with regex and not have a big impact on perfs. + +- restart automatically the daemon if an exception occurs. + +- do not close socket after a send + +- refactoring in server.py, actions.py, filter.py