From 6ee4843d111b273f3a0bb0fd7e37a973230b7be6 Mon Sep 17 00:00:00 2001
From: Cyril Jaquier <cyril.jaquier@fail2ban.org>
Date: Tue, 12 Aug 2008 22:40:07 +0000
Subject: [PATCH] - Try to match the regex even if the line does not contain a
 valid date/time. Described in Debian #491253. Thanks to Yaroslav Halchenko.

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@712 a942ae1a-1317-0410-a47c-b1dcaea8d605
---
 ChangeLog        |  6 +++++-
 server/filter.py | 19 ++++++++++---------
 2 files changed, 15 insertions(+), 10 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 87b0e658..f3e13719 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -12,7 +12,11 @@ ver. 0.8.4 (2008/??/??) - stable
 - Merged patches from Debian package. Thanks to Yaroslav
   Halchenko.
 - Use current day and month instead of Jan 1st if both are
-  not available in the log. Thanks to Andreas Itzchak Rehberg
+  not available in the log. Thanks to Andreas Itzchak
+  Rehberg.
+- Try to match the regex even if the line does not contain a
+  valid date/time. Described in Debian #491253. Thanks to
+  Yaroslav Halchenko.
 
 ver. 0.8.3 (2008/07/17) - stable
 ----------
diff --git a/server/filter.py b/server/filter.py
index f9901150..bf5d34f8 100644
--- a/server/filter.py
+++ b/server/filter.py
@@ -241,15 +241,16 @@ class Filter(JailThread):
 		except UnicodeDecodeError:
 			l = line
 		timeMatch = self.dateDetector.matchTime(l)
-		if not timeMatch:
-			# There is no valid time in this line
-			return []
-		# Lets split into time part and log part of the line
-		timeLine = timeMatch.group()
-		# Lets leave the beginning in as well, so if there is no
-		# anchore at the beginning of the time regexp, we don't
-		# at least allow injection. Should be harmless otherwise
-		logLine  = l[:timeMatch.start()] + l[timeMatch.end():]
+		if timeMatch:
+			# Lets split into time part and log part of the line
+			timeLine = timeMatch.group()
+			# Lets leave the beginning in as well, so if there is no
+			# anchore at the beginning of the time regexp, we don't
+			# at least allow injection. Should be harmless otherwise
+			logLine  = l[:timeMatch.start()] + l[timeMatch.end():]
+		else:
+			timeLine = l
+			logLine = l
 		return self.findFailure(timeLine, logLine)
 
 	def processLineAndAdd(self, line):