From c8c7b0b9845f240b0e1ecaabc84def4c0a74b86e Mon Sep 17 00:00:00 2001 From: Daniel Black Date: Sun, 10 Mar 2013 15:29:27 +1100 Subject: [PATCH 1/5] BF: general Exception catch was excessive. Only IOError and OSError are possible and has different meanings --- server/filter.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/server/filter.py b/server/filter.py index 5b2b85e0..ceda1377 100644 --- a/server/filter.py +++ b/server/filter.py @@ -477,10 +477,15 @@ class FileFilter(Filter): # Try to open log file. try: container.open() - except Exception, e: + # see http://python.org/dev/peps/pep-3151/ + except IOError, e: logSys.error("Unable to open %s" % filename) logSys.exception(e) return False + except OSError, e: # pragma: no cover - requires race condition to tigger this + logSys.error("Error opening %s" % filename) + logSys.exception(e) + return False while True: line = container.readline() From f0610c01d57976abba855c62d61bfaa78130bc4a Mon Sep 17 00:00:00 2001 From: Daniel Black Date: Thu, 7 Feb 2013 21:50:28 +1100 Subject: [PATCH 2/5] BF: allow more than single word for command action[start,stop,ban,unban,check] and for setcinfo too --- server/transmitter.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/server/transmitter.py b/server/transmitter.py index a02b94a2..3f880c07 100644 --- a/server/transmitter.py +++ b/server/transmitter.py @@ -189,7 +189,7 @@ class Transmitter: elif command[1] == "setcinfo": act = command[2] key = command[3] - value = command[4] + value = " ".join(command[4:]) self.__server.setCInfo(name, act, key, value) return self.__server.getCInfo(name, act, key) elif command[1] == "delcinfo": 
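Review bot: The two handlers added around `container.open()` differ only in their log text, and the bare PEP 3151 link does not say which failure each one stands for. If the intent is what the messages suggest, I would replace the link with a comment such as `# IOError: the log file itself could not be opened; OSError: an OS-level call failed during open (see PEP 3151)`, and fix the spelling in the pragma comment (`tigger` -> `trigger`). Narrowing the catch also means any other exception type raised inside `container.open()` now leaves this method unhandled. For a log monitor that presumably ends watching of that file, so it is worth stating in the method's docstring. The enclosing method starts and ends outside the hunk.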
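Review bot: In the `setcinfo` branch, `" ".join(command[4:])` no longer fails when the value is missing: `command[4]` raised IndexError, while joining an empty slice returns `""`, so an empty value is stored silently. The same applies to the `actionstart`, `actionstop`, `actioncheck`, `actionban` and `actionunban` branches in the next hunk, whose values presumably become commands the server executes. I would keep the old failure with a guard such as `if len(command) < 5: raise Exception("Missing value for setcinfo")` (and `< 4` in the action branches). Rejoining with single spaces also does not restore quoting or repeated whitespace if the sender tokenised the line, as the interactive client does with `shlex.split`. The stored command can then differ from what the operator typed, which deserves a comment. The enclosing method starts and ends outside both hunks.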
@@ -199,27 +199,27 @@ class Transmitter: return None elif command[1] == "actionstart": act = command[2] - value = command[3] + value = " ".join(command[3:]) self.__server.setActionStart(name, act, value) return self.__server.getActionStart(name, act) elif command[1] == "actionstop": act = command[2] - value = command[3] + value = " ".join(command[3:]) self.__server.setActionStop(name, act, value) return self.__server.getActionStop(name, act) elif command[1] == "actioncheck": act = command[2] - value = command[3] + value = " ".join(command[3:]) self.__server.setActionCheck(name, act, value) return self.__server.getActionCheck(name, act) elif command[1] == "actionban": act = command[2] - value = command[3] + value = " ".join(command[3:]) self.__server.setActionBan(name, act, value) return self.__server.getActionBan(name, act) elif command[1] == "actionunban": act = command[2] - value = command[3] + value = " ".join(command[3:]) self.__server.setActionUnban(name, act, value) return self.__server.getActionUnban(name, act) raise Exception("Invalid command (no set action or not yet implemented)") From 7cd6dab7f01869a3647cc5fe5a30a6d3af0b19da Mon Sep 17 00:00:00 2001 From: Daniel Black Date: Thu, 7 Feb 2013 20:25:59 +1100 Subject: [PATCH 3/5] ENH: add help command --- common/protocol.py | 1 + fail2ban-client | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/common/protocol.py b/common/protocol.py index 99a2fe09..1083a94b 100644 --- a/common/protocol.py +++ b/common/protocol.py @@ -40,6 +40,7 @@ protocol = [ ["stop", "stops all jails and terminate the server"], ["status", "gets the current status of the server"], ["ping", "tests if the server is alive"], +["help", "return this output"], ['', "LOGGING", ""], ["set loglevel ", "sets logging level to . 0 is minimal, 4 is debug"], ["get loglevel", "gets the logging level"], diff --git a/fail2ban-client b/fail2ban-client index 7ee4a47c..76c18c04 100755 --- a/fail2ban-client +++ b/fail2ban-client 
@@ -380,7 +380,9 @@ class Fail2banClient: if cmd == "exit" or cmd == "quit": # Exit return True - if not cmd == "": + if cmd == "help": + self.dispUsage() + elif not cmd == "": self.__processCommand(shlex.split(cmd)) except (EOFError, KeyboardInterrupt): print From a0f088be256a0f0c84a44c309d71779a5ca11e19 Mon Sep 17 00:00:00 2001 From: Daniel Black Date: Sun, 10 Mar 2013 16:28:45 +1100 Subject: [PATCH 4/5] ENH: typo + head -1 has been deprecated for 10+ years. --- config/action.d/dshield.conf | 4 ++-- config/action.d/mynetwatchman.conf | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/config/action.d/dshield.conf b/config/action.d/dshield.conf index 177329b2..c0d87987 100644 --- a/config/action.d/dshield.conf +++ b/config/action.d/dshield.conf @@ -124,13 +124,13 @@ port = ??? userid = 0 # Option: myip -# Notes.: TThe target IP for the attack (your public IP). Should be provided +# Notes.: The target IP for the attack (your public IP). Should be provided # either in the jail config or in a .local file unless your PUBLIC IP # is the first IP assigned to eth0 # Values: [ an IP address ] Default: Tries to find the IP address of eth0, # which in most cases will be a private IP, and therefore incorrect # -myip = `ip -4 addr show dev eth0 | grep inet | head -1 | sed -r 's/.*inet ([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*/\1/'` +myip = `ip -4 addr show dev eth0 | grep inet | head -n 1 | sed -r 's/.*inet ([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*/\1/'` # Option: protocol # Notes.: The protocol over which the attack is happening diff --git a/config/action.d/mynetwatchman.conf b/config/action.d/mynetwatchman.conf index d4f8de1a..3ae3e6db 100644 --- a/config/action.d/mynetwatchman.conf +++ b/config/action.d/mynetwatchman.conf 
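Review bot: The new `cmd == "help"` branch compares the raw input line, so `help` with trailing whitespace or extra words falls through to `__processCommand` and is sent on as a server command, unless `cmd` is stripped above the hunk. Comparing a normalised form, e.g. `if cmd.strip() == "help":`, would avoid that. The same commit lists `help` in `common/protocol.py` among the general commands, but the only handling visible here is in the interactive loop; whether a non-interactive `help` is handled cannot be seen from this hunk and should be checked or documented. The enclosing method starts and ends outside the hunk.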
@@ -102,13 +102,13 @@ mnwlogin = mnwpass = # Option: myip -# Notes.: TThe target IP for the attack (your public IP). Should be overridden +# Notes.: The target IP for the attack (your public IP). Should be overridden # either in the jail config or in a .local file unless your PUBLIC IP # is the first IP assigned to eth0 # Values: [ an IP address ] Default: Tries to find the IP address of eth0, # which in most cases will be a private IP, and therefore incorrect # -myip = `ip -4 addr show dev eth0 | grep inet | head -1 | sed -r 's/.*inet ([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*/\1/'` +myip = `ip -4 addr show dev eth0 | grep inet | head -n 1 | sed -r 's/.*inet ([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*/\1/'` # Option: protocol # Notes.: The protocol over which the attack is happening From 23bbc60b1ccebb71df499aadbab2e19f8c38737f Mon Sep 17 00:00:00 2001 From: Daniel Black Date: Sun, 10 Mar 2013 17:10:40 +1100 Subject: [PATCH 5/5] do catch all exception --- server/filter.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/server/filter.py b/server/filter.py index ceda1377..35da1953 100644 --- a/server/filter.py +++ b/server/filter.py @@ -486,6 +486,10 @@ class FileFilter(Filter): logSys.error("Error opening %s" % filename) logSys.exception(e) return False + except OSError, e: # pragma: no cover - Requires implemention error in FileContainer to generate + logSys.error("Internal errror in FileContainer open method - please report as a bug to https://github.com/fail2ban/fail2ban/issues") + logSys.exception(e) + return False while True: line = container.readline()
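Review bot: The clause added in `server/filter.py` is a second `except OSError, e:` placed after the existing `except OSError` handler, so it can never run; Python takes the first matching clause. The commit title says it should catch everything else, which would be `except Exception, e: # pragma: no cover - requires implementation error in FileContainer`. As written, an unexpected exception type from `container.open()` still propagates out of this method instead of being logged and returning False. The added text also has spelling slips (`errror` in the log message, `implemention` in the comment). The try block starts outside the hunk.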