From bf5f46c3d597c3914ba8fa138e172aa5db10ede2 Mon Sep 17 00:00:00 2001
From: Steven Hiscocks <steven@hiscocks.me.uk>
Date: Wed, 30 Jan 2013 19:57:03 +0000
Subject: [PATCH 01/79] Warn if config file present but unreadable

---
 client/configreader.py | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/client/configreader.py b/client/configreader.py
index 063484e8..e435b254 100644
--- a/client/configreader.py
+++ b/client/configreader.py
@@ -59,6 +59,16 @@ class ConfigReader(SafeConfigParserWithIncludes):
 		bConf = basename + ".conf"
 		bLocal = basename + ".local"
 		if os.path.exists(bConf) or os.path.exists(bLocal):
+			if not os.access(bConf, os.R_OK) and not os.access(bLocal, os.R_OK):
+				logSys.warning(
+					"Unable to read either \"%s\" or \"%s\"" % (bConf, bLocal))
+				return False
+			elif os.path.exists(bConf) and not os.access(bConf, os.R_OK):
+				logSys.warning(
+					"\"%s\" read, but unable to read \"%s\"" % (bLocal, bConf))
+			elif os.path.exists(bLocal) and not os.access(bLocal, os.R_OK):
+				logSys.warning(
+					"\"%s\" read, but unable to read \"%s\"" % (bConf, bLocal))
 			SafeConfigParserWithIncludes.read(self, [bConf, bLocal])
 			return True
 		else:

From 9c2e0cbbc86569108fd729c9710e42b96b1c03fa Mon Sep 17 00:00:00 2001
From: Steven Hiscocks <steven@hiscocks.me.uk>
Date: Thu, 31 Jan 2013 18:36:23 +0000
Subject: [PATCH 02/79] Fix up for warning/error for inaccessible config files

---
 client/configreader.py | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/client/configreader.py b/client/configreader.py
index e435b254..4e783ebb 100644
--- a/client/configreader.py
+++ b/client/configreader.py
@@ -60,8 +60,13 @@ class ConfigReader(SafeConfigParserWithIncludes):
 		bLocal = basename + ".local"
 		if os.path.exists(bConf) or os.path.exists(bLocal):
 			if not os.access(bConf, os.R_OK) and not os.access(bLocal, os.R_OK):
-				logSys.warning(
-					"Unable to read either \"%s\" or \"%s\"" % (bConf, bLocal))
+				if os.path.exists(bConf) and not os.path.exists(bLocal):
+					logSys.error("Unable to read \"%s\" " % bConf)
+				elif os.path.exists(bLocal) and not os.path.exists(bConf):
+					logSys.error("Unable to read \"%s\" " % bLocal)
+				else:
+					logSys.error(
+						"Unable to read \"%s\" and \"%s\"" % (bConf, bLocal))
 				return False
 			elif os.path.exists(bConf) and not os.access(bConf, os.R_OK):
 				logSys.warning(

From 52f952e6454d12fbe31dbd53bf2220c8b7658610 Mon Sep 17 00:00:00 2001
From: ArndRa <ArndRaphael.Brandes@gmx.de>
Date: Mon, 11 Feb 2013 17:14:29 +0100
Subject: [PATCH 03/79] Update config/jail.conf

Update to use the new sogo-auth filter
---
 config/jail.conf | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/config/jail.conf b/config/jail.conf
index 1817ebd5..215e5b9a 100644
--- a/config/jail.conf
+++ b/config/jail.conf
@@ -201,6 +201,20 @@ filter   = roundcube-auth
 action   = iptables[name=RoundCube, port="http,https"]
 logpath  = /var/log/roundcube/userlogins
 
+
+# Monitor SOGo groupware server
+
+[sogo-iptables]
+
+enabled  = false
+filter   = sogo-auth
+port     = http, https
+# without proxy this would be:
+# port    = 20000
+
+action   = iptables[name=SOGo, port="http,https"]
+logpath  = /var/log/sogo/sogo.log
+
 # Ban attackers that try to use PHP's URL-fopen() functionality
 # through GET/POST variables. - Experimental, with more than a year
 # of usage in production environments.

From 35bf84abadfc633e33a36bdcb32586f652fdadf3 Mon Sep 17 00:00:00 2001
From: ArndRa <ArndRaphael.Brandes@gmx.de>
Date: Mon, 11 Feb 2013 08:19:48 -0800
Subject: [PATCH 04/79] Create sogo-auth.conf

Regexp works with SOGo 2.0.5 or newer, following new feature implemented here: http://www.sogo.nu/bugs/view.php?id=2229
---
 config/filter.d/sogo-auth.conf | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 config/filter.d/sogo-auth.conf

diff --git a/config/filter.d/sogo-auth.conf b/config/filter.d/sogo-auth.conf
new file mode 100644
index 00000000..e4d29c23
--- /dev/null
+++ b/config/filter.d/sogo-auth.conf
@@ -0,0 +1,19 @@
+# /etc/fail2ban/filter.d/sogo.conf
+#
+# Fail2Ban configuration file
+# By Arnd Brandes
+# SOGo
+#
+
+[Definition]
+# Option: failregex
+# Filter Ban in /var/log/sogo/sogo.log
+# Note: the error log may contain multiple hosts, whereas the first one 
+# is the client and all others are poxys. We match the first one, only
+
+failregex = Login from '<HOST>.*' for user '.*' might not have worked
+
+# Option: ignoreregex
+# Notes.: regex to ignore. If this regex matches, the line is ignored.
+# Values: TEXT
+#

From 6cd358ee95dbeef5a07af25ee028df5cfe543731 Mon Sep 17 00:00:00 2001
From: ArndRa <ArndRaphael.Brandes@gmx.de>
Date: Tue, 12 Feb 2013 10:45:37 +0100
Subject: [PATCH 05/79] Update config/filter.d/sogo-auth.conf

Comment line in the top altered to fit file name. My local file was named differently...
---
 config/filter.d/sogo-auth.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/filter.d/sogo-auth.conf b/config/filter.d/sogo-auth.conf
index e4d29c23..6a1abd3f 100644
--- a/config/filter.d/sogo-auth.conf
+++ b/config/filter.d/sogo-auth.conf
@@ -1,4 +1,4 @@
-# /etc/fail2ban/filter.d/sogo.conf
+# /etc/fail2ban/filter.d/sogo-auth.conf
 #
 # Fail2Ban configuration file
 # By Arnd Brandes

From 9ba27353b62bb20ae8aaeed45a274483ad67bd83 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Sun, 17 Feb 2013 17:03:23 -0500
Subject: [PATCH 06/79] NF: allow customization configuration under
 corresponding .d directories (Closes gh-114)

Additional changes:
  ENH: make basedir for Config's a kwarg to the constructor
  ENH: improved analysis/reporting on presence/accessibility of config
       files.  Got carried away and forgot about existing  work done by
	   Steven Hiscocks in the gh-115 -- will merge it in the next
       commit for the fair ack of his work

Now for any X.conf configuration file we have following ways to
provide customizations

  X.local -- read after .conf (kept for backward compatibility)
  X.d/ -- directory to contain additional .conf files, sorted
               alphabetically, e.g
  X.d/01_enable.conf       - to enable the jail
  X.d/02_custom_port.conf  - to change the port

X could be a 'jail' or 'fail2ban' or any other configuration file in
fail2ban.

Mention that all files still must contain the corresponding sections
(most of the time duplicating it across all of them).
---
 client/actionreader.py            |  4 +-
 client/configreader.py            | 70 ++++++++++++++++--------
 client/fail2banreader.py          |  4 +-
 client/filterreader.py            |  4 +-
 client/jailreader.py              | 11 ++--
 client/jailsreader.py             | 10 ++--
 fail2ban-testcases                |  4 +-
 testcases/clientreadertestcase.py | 89 ++++++++++++++++++++++++++++---
 8 files changed, 150 insertions(+), 46 deletions(-)

diff --git a/client/actionreader.py b/client/actionreader.py
index 581a1b3c..9ad1ef28 100644
--- a/client/actionreader.py
+++ b/client/actionreader.py
@@ -35,8 +35,8 @@ logSys = logging.getLogger("fail2ban.client.config")
 
 class ActionReader(ConfigReader):
 	
-	def __init__(self, action, name):
-		ConfigReader.__init__(self)
+	def __init__(self, action, name, **kwargs):
+		ConfigReader.__init__(self, **kwargs)
 		self.__file = action[0]
 		self.__cInfo = action[1]
 		self.__name = name
diff --git a/client/configreader.py b/client/configreader.py
index 063484e8..79c5b47b 100644
--- a/client/configreader.py
+++ b/client/configreader.py
@@ -27,7 +27,7 @@ __date__ = "$Date$"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 
-import logging, os
+import glob, logging, os
 from configparserinc import SafeConfigParserWithIncludes
 from ConfigParser import NoOptionError, NoSectionError
 
@@ -35,36 +35,64 @@ from ConfigParser import NoOptionError, NoSectionError
 logSys = logging.getLogger("fail2ban.client.config")
 
 class ConfigReader(SafeConfigParserWithIncludes):
+
+	DEFAULT_BASEDIR = '/etc/fail2ban'
 	
-	BASE_DIRECTORY = "/etc/fail2ban/"
-	
-	def __init__(self):
+	def __init__(self, basedir=None):
 		SafeConfigParserWithIncludes.__init__(self)
+		self.setBaseDir(basedir)
 		self.__opts = None
 	
-	#@staticmethod
-	def setBaseDir(folderName):
-		path = folderName.rstrip('/')
-		ConfigReader.BASE_DIRECTORY = path + '/'
-	setBaseDir = staticmethod(setBaseDir)
-		
-	#@staticmethod
-	def getBaseDir():
-		return ConfigReader.BASE_DIRECTORY
-	getBaseDir = staticmethod(getBaseDir)
+	def setBaseDir(self, basedir):
+		if basedir is None:
+			basedir = ConfigReader.DEFAULT_BASEDIR	# stock system location
+		if not (os.path.exists(basedir) and os.access(basedir, os.R_OK | os.X_OK)):
+			raise ValueError("Base configuration directory %s either does not exist "
+							 "or is not accessible" % basedir)
+		self._basedir = basedir.rstrip('/')
+	
+	def getBaseDir(self):
+		return self._basedir
 	
 	def read(self, filename):
-		basename = ConfigReader.BASE_DIRECTORY + filename
+		basename = os.path.join(self._basedir, filename)
 		logSys.debug("Reading " + basename)
-		bConf = basename + ".conf"
-		bLocal = basename + ".local"
-		if os.path.exists(bConf) or os.path.exists(bLocal):
-			SafeConfigParserWithIncludes.read(self, [bConf, bLocal])
+		config_files = [ basename + ".conf",
+						 basename + ".local" ]
+
+		# choose only existing ones
+		config_files = filter(os.path.exists, config_files)
+
+		# possible further customizations under a .conf.d directory
+		config_dir = basename + '.d'
+		if os.path.exists(config_dir):
+			if os.path.isdir(config_dir) and os.access(config_dir, os.X_OK | os.R_OK):
+				# files must carry .conf suffix as well
+				config_files += sorted(glob.glob('%s/*.conf' % config_dir))
+			else:
+				logSys.warn("%s exists but not a directory or not accessible"
+							 % config_dir)
+
+		# check if files are accessible, warn if any is not accessible
+		# and remove it from the list
+		config_files_accessible = []
+		for f in config_files:
+			if os.access(f, os.R_OK):
+				config_files_accessible.append(f)
+			else:
+				logSys.warn("%s exists but not accessible - skipping" % f)
+
+		if len(config_files_accessible):
+			# at least one config exists and accessible
+			SafeConfigParserWithIncludes.read(self, config_files_accessible)
 			return True
 		else:
-			logSys.error(bConf + " and " + bLocal + " do not exist")
+			logSys.error("Found no accessible config files for %r " % filename
+						 + (["",
+							 "among existing ones: " + ', '.join(config_files)][bool(len(config_files))]))
+
 			return False
-	
+
 	##
 	# Read the options.
 	#
diff --git a/client/fail2banreader.py b/client/fail2banreader.py
index ee097bd6..7115ec79 100644
--- a/client/fail2banreader.py
+++ b/client/fail2banreader.py
@@ -35,8 +35,8 @@ logSys = logging.getLogger("fail2ban.client.config")
 
 class Fail2banReader(ConfigReader):
 	
-	def __init__(self):
-		ConfigReader.__init__(self)
+	def __init__(self, **kwargs):
+		ConfigReader.__init__(self, **kwargs)
 	
 	def read(self):
 		ConfigReader.read(self, "fail2ban")
diff --git a/client/filterreader.py b/client/filterreader.py
index b7a72f9c..7dba3579 100644
--- a/client/filterreader.py
+++ b/client/filterreader.py
@@ -35,8 +35,8 @@ logSys = logging.getLogger("fail2ban.client.config")
 
 class FilterReader(ConfigReader):
 	
-	def __init__(self, fileName, name):
-		ConfigReader.__init__(self)
+	def __init__(self, fileName, name, **kwargs):
+		ConfigReader.__init__(self, **kwargs)
 		self.__file = fileName
 		self.__name = name
 	
diff --git a/client/jailreader.py b/client/jailreader.py
index f66dc010..ec73ce46 100644
--- a/client/jailreader.py
+++ b/client/jailreader.py
@@ -40,8 +40,8 @@ class JailReader(ConfigReader):
 	
 	actionCRE = re.compile("^((?:\w|-|_|\.)+)(?:\[(.*)\])?$")
 	
-	def __init__(self, name):
-		ConfigReader.__init__(self)
+	def __init__(self, name, **kwargs):
+		ConfigReader.__init__(self, **kwargs)
 		self.__name = name
 		self.__filter = None
 		self.__actions = list()
@@ -53,7 +53,7 @@ class JailReader(ConfigReader):
 		return self.__name
 	
 	def read(self):
-		ConfigReader.read(self, "jail")
+		return ConfigReader.read(self, "jail")
 	
 	def isEnabled(self):
 		return self.__opts["enabled"]
@@ -75,7 +75,8 @@ class JailReader(ConfigReader):
 		
 		if self.isEnabled():
 			# Read filter
-			self.__filter = FilterReader(self.__opts["filter"], self.__name)
+			self.__filter = FilterReader(self.__opts["filter"], self.__name,
+										 basedir=self.getBaseDir())
 			ret = self.__filter.read()
 			if ret:
 				self.__filter.getOptions(self.__opts)
@@ -87,7 +88,7 @@ class JailReader(ConfigReader):
 			for act in self.__opts["action"].split('\n'):
 				try:
 					splitAct = JailReader.splitAction(act)
-					action = ActionReader(splitAct, self.__name)
+					action = ActionReader(splitAct, self.__name, basedir=self.getBaseDir())
 					ret = action.read()
 					if ret:
 						action.getOptions(self.__opts)
diff --git a/client/jailsreader.py b/client/jailsreader.py
index bedc5a3c..e1b8efa3 100644
--- a/client/jailsreader.py
+++ b/client/jailsreader.py
@@ -36,12 +36,12 @@ logSys = logging.getLogger("fail2ban.client.config")
 
 class JailsReader(ConfigReader):
 	
-	def __init__(self):
-		ConfigReader.__init__(self)
+	def __init__(self, **kwargs):
+		ConfigReader.__init__(self, **kwargs)
 		self.__jails = list()
 	
 	def read(self):
-		ConfigReader.read(self, "jail")
+		return ConfigReader.read(self, "jail")
 	
 	def getOptions(self, section = None):
 		opts = []
@@ -49,7 +49,7 @@ class JailsReader(ConfigReader):
 
 		if section:
 			# Get the options of a specific jail.
-			jail = JailReader(section)
+			jail = JailReader(section, basedir=self.getBaseDir())
 			jail.read()
 			ret = jail.getOptions()
 			if ret:
@@ -62,7 +62,7 @@ class JailsReader(ConfigReader):
 		else:
 			# Get the options of all jails.
 			for sec in self.sections():
-				jail = JailReader(sec)
+				jail = JailReader(sec, basedir=self.getBaseDir())
 				jail.read()
 				ret = jail.getOptions()
 				if ret:
diff --git a/fail2ban-testcases b/fail2ban-testcases
index 99fefd57..ff94cfad 100755
--- a/fail2ban-testcases
+++ b/fail2ban-testcases
@@ -130,8 +130,10 @@ tests.addTest(unittest.makeSuite(actiontestcase.ExecuteAction))
 tests.addTest(unittest.makeSuite(failmanagertestcase.AddFailure))
 # BanManager
 tests.addTest(unittest.makeSuite(banmanagertestcase.AddFailure))
-# ClientReader
+# ClientReaders
+tests.addTest(unittest.makeSuite(clientreadertestcase.ConfigReaderTest))
 tests.addTest(unittest.makeSuite(clientreadertestcase.JailReaderTest))
+tests.addTest(unittest.makeSuite(clientreadertestcase.JailsReaderTest))
 
 # Filter
 if not opts.no_network:
diff --git a/testcases/clientreadertestcase.py b/testcases/clientreadertestcase.py
index 83121345..55fb010d 100644
--- a/testcases/clientreadertestcase.py
+++ b/testcases/clientreadertestcase.py
@@ -27,20 +27,93 @@ __date__ = "$Date$"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 
-import unittest
+import os, shutil, tempfile, unittest
+from client.configreader import ConfigReader
 from client.jailreader import JailReader
+from client.jailsreader import JailsReader
 
-class JailReaderTest(unittest.TestCase):
+class ConfigReaderTest(unittest.TestCase):
 
 	def setUp(self):
 		"""Call before every test case."""
+		self.d = tempfile.mkdtemp(prefix="f2b-temp")
+		self.c = ConfigReader(basedir=self.d)
+
 
 	def tearDown(self):
 		"""Call after every test case."""
+		shutil.rmtree(self.d)
+
+	def _write(self, fname, value):
+		# verify if we don't need to create .d directory
+		if os.path.sep in fname:
+			d = os.path.dirname(fname)
+			d_ = os.path.join(self.d, d)
+			if not os.path.exists(d_):
+				os.makedirs(d_)
+		open("%s/%s" % (self.d, fname), "w").write("""
+[section]
+option = %s
+""" % value)
+
+	def _remove(self, fname):
+		os.unlink("%s/%s" % (self.d, fname))
+		self.assertTrue(self.c.read('c'))	# we still should have some
+
+
+	def _getoption(self):
+		self.assertTrue(self.c.read('c'))	# we got some now
+		return self.c.getOptions('section', [("int", 'option')])['option']
+
+	def testOptionalDotDDir(self):
+		self.assertFalse(self.c.read('c'))	# nothing is there yet
+		self._write("c.conf", "1")
+		self.assertEqual(self._getoption(), 1)
+		self._write("c.conf", "2")		# overwrite
+		self.assertEqual(self._getoption(), 2)
+		self._write("c.local", "3")		# add override in .local
+		self.assertEqual(self._getoption(), 3)
+		self._write("c.d/98.conf", "998") # add 1st override in .d/
+		self.assertEqual(self._getoption(), 998)
+		self._write("c.d/90.conf", "990") # add previously sorted override in .d/
+		self.assertEqual(self._getoption(), 998) #  should stay the same
+		self._write("c.d/99.conf", "999") # now override in a way without sorting we possibly get a failure
+		self.assertEqual(self._getoption(), 999)
+		self._remove("c.d/99.conf")
+		self.assertEqual(self._getoption(), 998)
+		self._remove("c.d/98.conf")
+		self.assertEqual(self._getoption(), 990)
+		self._remove("c.d/90.conf")
+		self.assertEqual(self._getoption(), 3)
+		self._remove("c.conf")			#  we allow to stay without .conf
+		self.assertEqual(self._getoption(), 3)
+		self._write("c.conf", "1")
+		self._remove("c.local")
+		self.assertEqual(self._getoption(), 1)
+
+
+class JailReaderTest(unittest.TestCase):
+
+	def testStockSSHJail(self):
+		jail = JailReader('ssh-iptables', basedir='config') # we are running tests from root project dir atm
+		self.assertTrue(jail.read())
+		self.assertTrue(jail.getOptions())
+		self.assertFalse(jail.isEnabled())
+		self.assertEqual(jail.getName(), 'ssh-iptables')
+
+
+class JailsReaderTest(unittest.TestCase):
+
+	def testProvidingBadBasedir(self):
+		if not os.path.exists('/XXX'):
+			self.assertRaises(ValueError, JailsReader, basedir='/XXX')
+
+	def testReadStockJailConf(self):
+		jails = JailsReader(basedir='config') # we are running tests from root project dir atm
+		self.assertTrue(jails.read())		  # opens fine
+		self.assertTrue(jails.getOptions())	  # reads fine
+		comm_commands = jails.convert()
+		# by default None of the jails is enabled and we get no
+		# commands to communicate to the server
+		self.assertEqual(comm_commands, [])
 
-	def testSplitAction(self):
-		action = "mail-whois[name=SSH]"
-		expected = ['mail-whois', {'name': 'SSH'}]
-		result = JailReader.splitAction(action)
-		self.assertEquals(expected, result)
-		

From 2312b1d950826bebcedc0fef937afa9fb76f0602 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Sun, 17 Feb 2013 17:19:09 -0500
Subject: [PATCH 07/79] ENH: made log messages while parsing files more
 informative + test for inaccessible file (Closes: gh-24)

---
 client/configreader.py            |  4 ++--
 testcases/clientreadertestcase.py | 14 +++++++++++---
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/client/configreader.py b/client/configreader.py
index 79c5b47b..e1a2b69f 100644
--- a/client/configreader.py
+++ b/client/configreader.py
@@ -56,7 +56,7 @@ class ConfigReader(SafeConfigParserWithIncludes):
 	
 	def read(self, filename):
 		basename = os.path.join(self._basedir, filename)
-		logSys.debug("Reading " + basename)
+		logSys.debug("Reading configs for %s under %s "  % (basename, self._basedir))
 		config_files = [ basename + ".conf",
 						 basename + ".local" ]
 
@@ -88,7 +88,7 @@ class ConfigReader(SafeConfigParserWithIncludes):
 			return True
 		else:
 			logSys.error("Found no accessible config files for %r " % filename
-						 + (["",
+						 + (["under %s" % self.getBaseDir(),
 							 "among existing ones: " + ', '.join(config_files)][bool(len(config_files))]))
 
 			return False
diff --git a/testcases/clientreadertestcase.py b/testcases/clientreadertestcase.py
index 55fb010d..389220ee 100644
--- a/testcases/clientreadertestcase.py
+++ b/testcases/clientreadertestcase.py
@@ -39,7 +39,6 @@ class ConfigReaderTest(unittest.TestCase):
 		self.d = tempfile.mkdtemp(prefix="f2b-temp")
 		self.c = ConfigReader(basedir=self.d)
 
-
 	def tearDown(self):
 		"""Call after every test case."""
 		shutil.rmtree(self.d)
@@ -61,10 +60,19 @@ option = %s
 		self.assertTrue(self.c.read('c'))	# we still should have some
 
 
-	def _getoption(self):
-		self.assertTrue(self.c.read('c'))	# we got some now
+	def _getoption(self, f='c'):
+		self.assertTrue(self.c.read(f))	# we got some now
 		return self.c.getOptions('section', [("int", 'option')])['option']
 
+
+	def testInaccessibleFile(self):
+		f = os.path.join(self.d, "d.conf")  # inaccessible file
+		self._write('d.conf', 0)
+		self.assertEqual(self._getoption('d'), 0)
+		os.chmod(f, 0)
+		self.assertFalse(self.c.read('d'))	# should not be readable BUT present
+
+
 	def testOptionalDotDDir(self):
 		self.assertFalse(self.c.read('c'))	# nothing is there yet
 		self._write("c.conf", "1")

From ec3080cba599832506723f1492de1150d19d2ca5 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Sun, 17 Feb 2013 17:21:03 -0500
Subject: [PATCH 08/79] Reincarnated removed (by mistake) test for SplitAction

---
 testcases/clientreadertestcase.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/testcases/clientreadertestcase.py b/testcases/clientreadertestcase.py
index 389220ee..d581a81f 100644
--- a/testcases/clientreadertestcase.py
+++ b/testcases/clientreadertestcase.py
@@ -109,6 +109,11 @@ class JailReaderTest(unittest.TestCase):
 		self.assertFalse(jail.isEnabled())
 		self.assertEqual(jail.getName(), 'ssh-iptables')
 
+	def testSplitAction(self):
+		action = "mail-whois[name=SSH]"
+		expected = ['mail-whois', {'name': 'SSH'}]
+		result = JailReader.splitAction(action)
+		self.assertEquals(expected, result)
 
 class JailsReaderTest(unittest.TestCase):
 

From 59c35bc44a175a672e084bc30511dfa3436ff052 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Fri, 1 Mar 2013 19:57:56 -0500
Subject: [PATCH 09/79] Downgrade log rotation detection message to DEBUG level
 from INFO. Closes: gh-129

This message useful only when debugging problems so it is more reasonable
to have it suppressed otherwise
---
 server/filter.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/filter.py b/server/filter.py
index fb79fcbe..5b2b85e0 100644
--- a/server/filter.py
+++ b/server/filter.py
@@ -550,7 +550,7 @@ class FileContainer:
 		stats = os.fstat(self.__handler.fileno())
 		# Compare hash and inode
 		if self.__hash != myHash or self.__ino != stats.st_ino:
-			logSys.info("Log rotation detected for %s" % self.__filename)
+			logSys.debug("Log rotation detected for %s" % self.__filename)
 			self.__hash = myHash
 			self.__ino = stats.st_ino
 			self.__pos = 0

From d17b415371d14f00c9b24fc3672733b6666fe345 Mon Sep 17 00:00:00 2001
From: sebres <info@sebres.de>
Date: Tue, 5 Mar 2013 00:02:39 +0100
Subject: [PATCH 10/79] invalid date recognition, irregular because of sorting
 template list (sometimes not reproducible by fail2ban-regex, cause will be
 not sorted)

date in following log line (from nginx) will be wrong detected:
2012/10/11 02:37:17 [error] 18434#0: *947 user "test" was not found in "/www/...", client: 192.168.1.5, ...

sometimes it is [correct] - 2012/10/11 (%Y/%m/%d) = 1349919861.71
sometimes it is [invalid] -   12/10/11 (%d/%m/%y) = 1349915838.06
and older as now - 1800 seconds (therefore will be not found)

solution: regular expression fixed, cause date in log used always after non symbol (\W) character, so r"\d{2}/\d{2}/\d{2}" will be r"(?<!\w)\d{2}/\d{2}/\d{2}".
---
 server/datedetector.py | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/server/datedetector.py b/server/datedetector.py
index c013d551..6e484449 100644
--- a/server/datedetector.py
+++ b/server/datedetector.py
@@ -55,80 +55,80 @@ class DateDetector:
 			# standard
 			template = DateStrptime()
 			template.setName("MONTH Day Hour:Minute:Second")
-			template.setRegex("\S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}")
+			template.setRegex("(?<!\w)\S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}")
 			template.setPattern("%b %d %H:%M:%S")
 			self._appendTemplate(template)
 			# asctime
 			template = DateStrptime()
 			template.setName("WEEKDAY MONTH Day Hour:Minute:Second Year")
-			template.setRegex("\S{3} \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2} \d{4}")
+			template.setRegex("(?<!\w)\S{3} \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2} \d{4}")
 			template.setPattern("%a %b %d %H:%M:%S %Y")
 			self._appendTemplate(template)
 			# asctime without year
 			template = DateStrptime()
 			template.setName("WEEKDAY MONTH Day Hour:Minute:Second")
-			template.setRegex("\S{3} \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}")
+			template.setRegex("(?<!\w)\S{3} \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}")
 			template.setPattern("%a %b %d %H:%M:%S")
 			self._appendTemplate(template)
 			# simple date
 			template = DateStrptime()
 			template.setName("Year/Month/Day Hour:Minute:Second")
-			template.setRegex("\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}")
+			template.setRegex("(?<!\w)\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}")
 			template.setPattern("%Y/%m/%d %H:%M:%S")
 			self._appendTemplate(template)
 			# simple date too (from x11vnc)
 			template = DateStrptime()
 			template.setName("Day/Month/Year Hour:Minute:Second")
-			template.setRegex("\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}")
+			template.setRegex("(?<!\w)\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}")
 			template.setPattern("%d/%m/%Y %H:%M:%S")
 			self._appendTemplate(template)
 			# previous one but with year given by 2 digits
 			# (See http://bugs.debian.org/537610)
 			template = DateStrptime()
 			template.setName("Day/Month/Year2 Hour:Minute:Second")
-			template.setRegex("\d{2}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}")
+			template.setRegex("(?<!\w)\d{2}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}")
 			template.setPattern("%d/%m/%y %H:%M:%S")
 			self._appendTemplate(template)
 			# Apache format [31/Oct/2006:09:22:55 -0000]
 			template = DateStrptime()
 			template.setName("Day/MONTH/Year:Hour:Minute:Second")
-			template.setRegex("\d{2}/\S{3}/\d{4}:\d{2}:\d{2}:\d{2}")
+			template.setRegex("(?<!\w)\d{2}/\S{3}/\d{4}:\d{2}:\d{2}:\d{2}")
 			template.setPattern("%d/%b/%Y:%H:%M:%S")
 			self._appendTemplate(template)
 			# CPanel 05/20/2008:01:57:39
 			template = DateStrptime()
 			template.setName("Month/Day/Year:Hour:Minute:Second")
-			template.setRegex("\d{2}/\d{2}/\d{4}:\d{2}:\d{2}:\d{2}")
+			template.setRegex("(?<!\w)\d{2}/\d{2}/\d{4}:\d{2}:\d{2}:\d{2}")
 			template.setPattern("%m/%d/%Y:%H:%M:%S")
 			self._appendTemplate(template)
 			# Exim 2006-12-21 06:43:20
 			template = DateStrptime()
 			template.setName("Year-Month-Day Hour:Minute:Second")
-			template.setRegex("\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}")
+			template.setRegex("(?<!\w)\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}")
 			template.setPattern("%Y-%m-%d %H:%M:%S")
 			self._appendTemplate(template)
 			# custom for syslog-ng 2006.12.21 06:43:20
 			template = DateStrptime()
 			template.setName("Year.Month.Day Hour:Minute:Second")
-			template.setRegex("\d{4}.\d{2}.\d{2} \d{2}:\d{2}:\d{2}")
+			template.setRegex("(?<!\w)\d{4}.\d{2}.\d{2} \d{2}:\d{2}:\d{2}")
 			template.setPattern("%Y.%m.%d %H:%M:%S")
 			self._appendTemplate(template)
 			# named 26-Jul-2007 15:20:52.252 
 			template = DateStrptime()
 			template.setName("Day-MONTH-Year Hour:Minute:Second[.Millisecond]")
-			template.setRegex("\d{2}-\S{3}-\d{4} \d{2}:\d{2}:\d{2}")
+			template.setRegex("(?<!\w)\d{2}-\S{3}-\d{4} \d{2}:\d{2}:\d{2}")
 			template.setPattern("%d-%b-%Y %H:%M:%S")
 			self._appendTemplate(template)
 			# 17-07-2008 17:23:25
 			template = DateStrptime()
 			template.setName("Day-Month-Year Hour:Minute:Second")
-			template.setRegex("\d{2}-\d{2}-\d{4} \d{2}:\d{2}:\d{2}")
+			template.setRegex("(?<!\w)\d{2}-\d{2}-\d{4} \d{2}:\d{2}:\d{2}")
 			template.setPattern("%d-%m-%Y %H:%M:%S")
 			self._appendTemplate(template)
 			# 01-27-2012 16:22:44.252
 			template = DateStrptime()
 			template.setName("Month-Day-Year Hour:Minute:Second[.Millisecond]")
-			template.setRegex("\d{2}-\d{2}-\d{4} \d{2}:\d{2}:\d{2}")
+			template.setRegex("(?<!\w)\d{2}-\d{2}-\d{4} \d{2}:\d{2}:\d{2}")
 			template.setPattern("%m-%d-%Y %H:%M:%S")
 			self._appendTemplate(template)
 			# TAI64N

From 6e774275161712e80fa99708395958239cd1bbd6 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Thu, 7 Mar 2013 13:03:49 -0500
Subject: [PATCH 11/79] refresh generated manpages (since 0.8.2 state)

---
 man/fail2ban-client.1 | 39 +++++++++++++++++++++++++--------------
 man/fail2ban-regex.1  | 13 ++++++++-----
 man/fail2ban-server.1 | 13 ++++++++-----
 3 files changed, 41 insertions(+), 24 deletions(-)

diff --git a/man/fail2ban-client.1 b/man/fail2ban-client.1
index 1bbddf09..431e690f 100644
--- a/man/fail2ban-client.1
+++ b/man/fail2ban-client.1
@@ -1,12 +1,12 @@
-.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.36.
-.TH FAIL2BAN-CLIENT "1" "March 2008" "fail2ban-client v0.8.2" "User Commands"
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.40.10.
+.TH FAIL2BAN-CLIENT "1" "March 2013" "fail2ban-client v0.8.8" "User Commands"
 .SH NAME
 fail2ban-client \- configure and control the server
 .SH SYNOPSIS
 .B fail2ban-client
 [\fIOPTIONS\fR] \fI<COMMAND>\fR
 .SH DESCRIPTION
-Fail2Ban v0.8.2 reads log file that contains password failure report
+Fail2Ban v0.8.8 reads log file that contains password failure report
 and bans the corresponding IP addresses using firewall rules.
 .SH OPTIONS
 .TP
@@ -16,6 +16,9 @@ configuration directory
 \fB\-s\fR <FILE>
 socket path
 .TP
+\fB\-p\fR <FILE>
+pidfile path
+.TP
 \fB\-d\fR
 dump configuration. For debugging
 .TP
@@ -110,7 +113,7 @@ adds <FILE> to the monitoring list
 of <JAIL>
 .TP
 \fBset <JAIL> dellogpath <FILE>\fR
-removes <FILE> to the monitoring
+removes <FILE> from the monitoring
 list of <JAIL>
 .TP
 \fBset <JAIL> addfailregex <REGEX>\fR
@@ -140,6 +143,15 @@ back for <JAIL>
 sets the number of seconds <TIME>
 a host will be banned for <JAIL>
 .TP
+\fBset <JAIL> usedns <VALUE>\fR
+sets the usedns mode for <JAIL>
+.TP
+\fBset <JAIL> banip <IP>\fR
+manually Ban <IP> for <JAIL>
+.TP
+\fBset <JAIL> unbanip <IP>\fR
+manually Unban <IP> in <JAIL>
+.TP
 \fBset <JAIL> maxretry <RETRY>\fR
 sets the number of failures
 <RETRY> before banning the host
@@ -191,14 +203,6 @@ files for <JAIL>
 gets the list of ignored IP
 addresses for <JAIL>
 .TP
-\fBget <JAIL> timeregex\fR
-gets the regular expression used
-for the time detection for <JAIL>
-.TP
-\fBget <JAIL> timepattern\fR
-gets the pattern used for the time
-detection for <JAIL>
-.TP
 \fBget <JAIL> failregex\fR
 gets the list of regular
 expressions which matches the
@@ -218,6 +222,9 @@ will look back for failures for
 gets the time a host is banned for
 <JAIL>
 .TP
+\fBget <JAIL> usedns\fR
+gets the usedns setting for <JAIL>
+.TP
 \fBget <JAIL> maxretry\fR
 gets the number of failures
 allowed for <JAIL>
@@ -245,15 +252,19 @@ action <ACT> for <JAIL>
 \fBget <JAIL> actionunban <ACT>\fR
 gets the unban command for the
 action <ACT> for <JAIL>
+.TP
+\fBget <JAIL> cinfo <ACT> <KEY>\fR
+gets the value for <KEY> for the
+action <ACT> for <JAIL>
 .SH FILES
 \fI/etc/fail2ban/*\fR
 .SH AUTHOR
 Written by Cyril Jaquier <cyril.jaquier@fail2ban.org>.
 Many contributions by Yaroslav O. Halchenko <debian@onerussian.com>.
 .SH "REPORTING BUGS"
-Report bugs on https://github.com/fail2ban/fail2ban/issues
+Report bugs to https://github.com/fail2ban/fail2ban/issues
 .SH COPYRIGHT
-Copyright \(co 2004-2008 Cyril Jaquier
+Copyright \(co 2004\-2008 Cyril Jaquier, 2008\- Fail2Ban Contributors
 .br
 Copyright of modifications held by their respective authors.
 Licensed under the GNU General Public License v2 (GPL).
diff --git a/man/fail2ban-regex.1 b/man/fail2ban-regex.1
index 0dac089d..09b9d6b0 100644
--- a/man/fail2ban-regex.1
+++ b/man/fail2ban-regex.1
@@ -1,12 +1,12 @@
-.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.36.
-.TH FAIL2BAN-REGEX "1" "March 2008" "fail2ban-regex v0.8.2" "User Commands"
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.40.10.
+.TH FAIL2BAN-REGEX "1" "March 2013" "fail2ban-regex v0.8.8" "User Commands"
 .SH NAME
 fail2ban-regex \- test Fail2ban "failregex" option
 .SH SYNOPSIS
 .B fail2ban-regex
 [\fIOPTIONS\fR] \fI<LOG> <REGEX> \fR[\fIIGNOREREGEX\fR]
 .SH DESCRIPTION
-Fail2Ban v0.8.2 reads log file that contains password failure report
+Fail2Ban v0.8.8 reads log file that contains password failure report
 and bans the corresponding IP addresses using firewall rules.
 .PP
 This tools can test regular expressions for "fail2ban".
@@ -17,6 +17,9 @@ display this help message
 .TP
 \fB\-V\fR, \fB\-\-version\fR
 print the version
+.TP
+\fB\-v\fR, \fB\-\-verbose\fR
+verbose output
 .SH LOG
 .TP
 \fBstring\fR
@@ -42,9 +45,9 @@ path to a filter file (filter.d/sshd.conf)
 Written by Cyril Jaquier <cyril.jaquier@fail2ban.org>.
 Many contributions by Yaroslav O. Halchenko <debian@onerussian.com>.
 .SH "REPORTING BUGS"
-Report bugs on https://github.com/fail2ban/fail2ban/issues
+Report bugs to https://github.com/fail2ban/fail2ban/issues
 .SH COPYRIGHT
-Copyright \(co 2004-2008 Cyril Jaquier
+Copyright \(co 2004\-2008 Cyril Jaquier
 .br
 Copyright of modifications held by their respective authors.
 Licensed under the GNU General Public License v2 (GPL).
diff --git a/man/fail2ban-server.1 b/man/fail2ban-server.1
index 5f4f15b7..3f6b013f 100644
--- a/man/fail2ban-server.1
+++ b/man/fail2ban-server.1
@@ -1,12 +1,12 @@
-.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.36.
-.TH FAIL2BAN-SERVER "1" "March 2008" "fail2ban-server v0.8.2" "User Commands"
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.40.10.
+.TH FAIL2BAN-SERVER "1" "March 2013" "fail2ban-server v0.8.8" "User Commands"
 .SH NAME
 fail2ban-server \- start the server
 .SH SYNOPSIS
 .B fail2ban-server
 [\fIOPTIONS\fR]
 .SH DESCRIPTION
-Fail2Ban v0.8.2 reads log file that contains password failure report
+Fail2Ban v0.8.8 reads log file that contains password failure report
 and bans the corresponding IP addresses using firewall rules.
 .PP
 Only use this command for debugging purpose. Start the server with
@@ -23,6 +23,9 @@ start in foreground
 \fB\-s\fR <FILE>
 socket path
 .TP
+\fB\-p\fR <FILE>
+pidfile path
+.TP
 \fB\-x\fR
 force execution of the server (remove socket file)
 .TP
@@ -35,9 +38,9 @@ print the version
 Written by Cyril Jaquier <cyril.jaquier@fail2ban.org>.
 Many contributions by Yaroslav O. Halchenko <debian@onerussian.com>.
 .SH "REPORTING BUGS"
-Report bugs on https://github.com/fail2ban/fail2ban/issues
+Report bugs to https://github.com/fail2ban/fail2ban/issues
 .SH COPYRIGHT
-Copyright \(co 2004-2008 Cyril Jaquier
+Copyright \(co 2004\-2008 Cyril Jaquier, 2008\- Fail2Ban Contributors
 .br
 Copyright of modifications held by their respective authors.
 Licensed under the GNU General Public License v2 (GPL).

From 00ad4d56a775ed802588bf08efe5c0ec2d824a0f Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sun, 10 Mar 2013 15:18:09 +1100
Subject: [PATCH 12/79] FSF address changes missing from previous

---
 README             | 4 ++--
 files/cacti/README | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/README b/README
index db97aa8b..e926509e 100644
--- a/README
+++ b/README
@@ -91,5 +91,5 @@ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
 PARTICULAR PURPOSE. See the GNU General Public License for more details.
 
 You should have received a copy of the GNU General Public License along with
-Fail2Ban; if not, write to the Free Software Foundation, Inc., 59 Temple Place,
-Suite 330, Boston, MA  02111-1307  USA
+Fail2Ban; if not, write to the Free Software Foundation, Inc., 51 Franklin
+Street, Fifth Floor, Boston, MA 02110, USA
diff --git a/files/cacti/README b/files/cacti/README
index 80c97ce9..73ceb3bd 100644
--- a/files/cacti/README
+++ b/files/cacti/README
@@ -49,5 +49,5 @@ details.
 
 You should have received a copy of the GNU General Public
 License along with Fail2Ban; if not, write to the Free
-Software Foundation, Inc., 59 Temple Place, Suite 330,
-Boston, MA  02111-1307  USA
+Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+Boston, MA 02110, USA

From 3665e6dc445bb8108b1a3f4ed18113a7729459e3 Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sun, 10 Mar 2013 15:18:42 +1100
Subject: [PATCH 13/79] Add development documentation and framework for code
 coverage measurement

---
 .coveragerc                 |   4 ++
 .gitignore                  |   3 +
 DEVELOP                     | 122 +++++++++++++++++++++++++++++++++---
 MANIFEST                    |   2 +
 fail2ban-client             |   2 +-
 fail2ban-testcases          |  22 +++----
 server/asyncserver.py       |   2 +-
 server/filter.py            |   8 +--
 testcases/filtertestcase.py |   6 +-
 9 files changed, 144 insertions(+), 27 deletions(-)
 create mode 100644 .coveragerc

diff --git a/.coveragerc b/.coveragerc
new file mode 100644
index 00000000..3bffd79a
--- /dev/null
+++ b/.coveragerc
@@ -0,0 +1,4 @@
+
+[run]
+branch = True
+omit = /usr*
diff --git a/.gitignore b/.gitignore
index 6a0d5e64..1e3b2ec4 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,6 @@
 *~
 build
+dist
 *.pyc
+htmlcov
+.coverage
diff --git a/DEVELOP b/DEVELOP
index 7a6a7b9b..bce9e64e 100644
--- a/DEVELOP
+++ b/DEVELOP
@@ -24,14 +24,96 @@ Request feature. You can find more details on the Fail2Ban wiki
 Testing
 =======
 
-Existing tests can be run by executing `fail2ban-testcases`.
+Existing tests can be run by executing `fail2ban-testcases`. This has options
+like --log-level that will probably be useful. `fail2ban-testcases --help` for
+full options.
+
+Test cases should cover all usual cases, all exception cases and all inside
+/ outside boundary conditions.
+
+Test cases should cover all branches. The coverage tool will help identify
+missing branches. Also see http://nedbatchelder.com/code/coverage/branch.html
+for more details.
+
+Install the package python-coverage to visualise your test coverage. Run the
+following:
+
+coverage run fail2ban-testcases
+coverage html
+
+Then look at htmlcov/index.html and see how much coverage your test cases
+exert over the codebase. Full coverage is a good thing however it may not be
+complete. Try to ensure tests cover as many independant paths through the
+code.
+
+Manual Execution. To run in a development environment do:
+
+./fail2ban-client -c config/ -s /tmp/f2b.sock -i start
+
+some quick commands:
+
+status
+add test pyinotify
+status test
+set test addaction iptables
+set test actionban iptables echo <ip> <cidr> >> /tmp/ban
+set test actionunban iptables echo <ip> <cidr> >> /tmp/unban
+get test actionban iptables
+get test actionunban iptables
+set test banip 192.168.2.2
+status test
+
 
-Documentation about creating tests (when tests are required and some guidelines
-for creating good tests) will be added soon.
 
 Coding Standards
-================
-Coming Soon.
+================ 
+
+Style
+-----
+
+Please use tabs for now. Keep to 80 columns, at least for readable text.
+
+Tests
+-----
+
+Add tests. They should test all the code you add in a meaning way.
+
+Coverage
+--------
+
+Test coverage should always increase as you add code.
+
+You may use "# pragma: no cover" in the code for branches of code that support
+older versions on python. For all other uses of "pragma: no cover" or
+"pragma: no branch" document the reason why its not covered. "I haven't written
+a test case" isn't a sufficient reason.
+
+Documentation
+-------------
+
+Ensure this documentation is up to date after changes. Also ensure that the man
+pages still are accurage. Ensure that there is sufficient documentation for 
+your new features to be used.
+
+Bugs
+----
+
+Remove them and don't add any more.
+
+Git
+---
+
+Use the following tags in your commit messages:
+
+'ENH:' for enhancements
+'BF:' for bug fixes
+'DOC:' for documenation fixes
+
+Adding Actions
+--------------
+
+If you add an action.d/*.conf file also add a example in config/jail.conf
+with enabled=false and maxretry=5 for ssh.
 
 
 Design
@@ -127,12 +209,14 @@ FileContainer
   .__pos
     Keeps the position pointer
 
+
+dnsutils.py
+~~~~~~~~~~~
+
 DNSUtils
 
   Utility class for DNS and IP handling
 
-  RF-Note: convert to functions within a separate submodule
-
 
 filter*.py
 ~~~~~~~~~~
@@ -156,3 +240,27 @@ action.py
 ~~~~~~~~~
 
 Takes care about executing start/check/ban/unban/stop commands
+
+
+Releasing
+=========
+
+Ensure the version is correct in ./common/version.py
+
+# update man pages
+(cd man ; ./generate-man )
+
+git commit -m 'update man pages for release' man/*
+
+python setup.py check
+python setup.py sdist
+python setup.py bdist_rpm
+python setup.py upload
+
+Run the following and update the wiki with output:
+
+python -c 'import common.protocol; common.protocol.printWiki()'
+
+email users and development list of release
+
+TODO notifing distributors etc.
diff --git a/MANIFEST b/MANIFEST
index eef145b6..bedfe560 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -3,6 +3,8 @@ ChangeLog
 TODO
 THANKS
 COPYING
+DEVELOP
+doc/run-rootless.txt
 fail2ban-client
 fail2ban-server
 fail2ban-testcases
diff --git a/fail2ban-client b/fail2ban-client
index 7ee4a47c..ed211e62 100755
--- a/fail2ban-client
+++ b/fail2ban-client
@@ -418,7 +418,7 @@ class Fail2banClient:
 class ServerExecutionException(Exception):
 	pass
 
-if __name__ == "__main__":
+if __name__ == "__main__": # pragma: no cover - can't test main
 	client = Fail2banClient()
 	# Exit with correct return value
 	if client.start(sys.argv):
diff --git a/fail2ban-testcases b/fail2ban-testcases
index d2bbfed1..ed341385 100755
--- a/fail2ban-testcases
+++ b/fail2ban-testcases
@@ -77,10 +77,10 @@ verbosity = {'debug': 3,
 			 'fatal': 0,
 			 None: 1}[opts.log_level]
 
-if opts.log_level is not None:
+if opts.log_level is not None: # pragma: no cover
 	# so we had explicit settings
 	logSys.setLevel(getattr(logging, opts.log_level.upper()))
-else:
+else: # pragma: no cover
 	# suppress the logging but it would leave unittests' progress dots
 	# ticking, unless like with '-l fatal' which would be silent
 	# unless error occurs
@@ -89,9 +89,9 @@ else:
 # Add the default logging handler
 stdout = logging.StreamHandler(sys.stdout)
 # Custom log format for the verbose tests runs
-if verbosity > 1:
+if verbosity > 1: # pragma: no cover
 	stdout.setFormatter(logging.Formatter(' %(asctime)-15s %(thread)s %(message)s'))
-else:
+else: # pragma: no cover
 	# just prefix with the space
 	stdout.setFormatter(logging.Formatter(' %(message)s'))
 logSys.addHandler(stdout)
@@ -99,7 +99,7 @@ logSys.addHandler(stdout)
 #
 # Let know the version
 #
-if not opts.log_level or opts.log_level != 'fatal':
+if not opts.log_level or opts.log_level != 'fatal': # pragma: no cover
 	print "Fail2ban %s test suite. Python %s. Please wait..." \
 	    % (version, str(sys.version).replace('\n', ''))
 
@@ -107,9 +107,9 @@ if not opts.log_level or opts.log_level != 'fatal':
 #
 # Gather the tests
 #
-if not len(regexps):
+if not len(regexps): # pragma: no cover
 	tests = unittest.TestSuite()
-else:
+else: # pragma: no cover
 	import re
 	class FilteredTestSuite(unittest.TestSuite):
 		_regexps = [re.compile(r) for r in regexps]
@@ -159,13 +159,13 @@ filters = [FilterPoll]					  # always available
 try:
 	from server.filtergamin import FilterGamin
 	filters.append(FilterGamin)
-except Exception, e:
+except Exception, e: # pragma: no cover
 	print "I: Skipping gamin backend testing. Got exception '%s'" % e
 
 try:
 	from server.filterpyinotify import FilterPyinotify
 	filters.append(FilterPyinotify)
-except Exception, e:
+except Exception, e: # pragma: no cover
 	print "I: Skipping pyinotify backend testing. Got exception '%s'" % e
 
 for Filter_ in filters:
@@ -189,7 +189,7 @@ try:
 
 	tests_results = testRunner.run(tests)
 
-finally:
+finally: # pragma: no cover
 	# Just for the sake of it reset the TZ
 	# yoh: move all this into setup/teardown methods within tests
 	os.environ.pop('TZ')
@@ -197,5 +197,5 @@ finally:
 		os.environ['TZ'] = old_TZ
 	time.tzset()
 
-if not tests_results.wasSuccessful():
+if not tests_results.wasSuccessful(): # pragma: no cover
 	sys.exit(1)
diff --git a/server/asyncserver.py b/server/asyncserver.py
index 64ec8f39..66b2b53f 100644
--- a/server/asyncserver.py
+++ b/server/asyncserver.py
@@ -142,7 +142,7 @@ class AsyncServer(asyncore.dispatcher):
 		if sys.version_info >= (2, 6): # if python 2.6 or greater...
 			logSys.debug("Detected Python 2.6 or greater. asyncore.loop() not using poll")
 			asyncore.loop(use_poll = False) # fixes the "Unexpected communication problem" issue on Python 2.6 and 3.0
-		else:
+		else: # pragma: no cover
 			logSys.debug("NOT Python 2.6/3.* - asyncore.loop() using poll")
 			asyncore.loop(use_poll = True)
 	
diff --git a/server/filter.py b/server/filter.py
index 5b2b85e0..fb292573 100644
--- a/server/filter.py
+++ b/server/filter.py
@@ -211,7 +211,7 @@ class Filter(JailThread):
 	# file has been modified and looks for failures.
 	# @return True when the thread exits nicely
 
-	def run(self):
+	def run(self): # pragma: no cover
 		raise Exception("run() is abstract")
 
 	##
@@ -226,7 +226,7 @@ class Filter(JailThread):
 			self.failManager.addFailure(FailTicket(ip, unixTime))
 
 		# Perform the banning of the IP now.
-		try:
+		try: # pragma: no branch - exception is the only way out
 			while True:
 				ticket = self.failManager.toBan()
 				self.jail.putFailTicket(ticket)
@@ -373,7 +373,7 @@ class Filter(JailThread):
 								failList.append([ip, date])
 							# We matched a regex, it is enough to stop.
 							break
-					except RegexException, e:
+					except RegexException, e: # pragma: no cover - unsure if reachable
 						logSys.error(e)
 		return failList
 
@@ -507,7 +507,7 @@ class FileFilter(Filter):
 try:
 	import hashlib
 	md5sum = hashlib.md5
-except ImportError:
+except ImportError: # pragma: no cover
 	# hashlib was introduced in Python 2.5.  For compatibility with those
 	# elderly Pythons, import from md5
 	import md5
diff --git a/testcases/filtertestcase.py b/testcases/filtertestcase.py
index c10fa78d..a036f804 100644
--- a/testcases/filtertestcase.py
+++ b/testcases/filtertestcase.py
@@ -99,11 +99,11 @@ def _copy_lines_between_files(fin, fout, n=None, skip=0, mode='a', terminal_line
 
 	Returns open fout
 	"""
-	if sys.version_info[:2] <= (2,4):
+	if sys.version_info[:2] <= (2,4): # pragma: no cover
 		# on old Python st_mtime is int, so we should give at least 1 sec so
 		# polling filter could detect the change
 		time.sleep(1)
-	if isinstance(fin, str):
+	if isinstance(fin, str): # pragma: no branch - only used with str in test cases
 		fin = open(fin, 'r')
 	if isinstance(fout, str):
 		fout = open(fout, mode)
@@ -353,7 +353,7 @@ def get_monitor_failures_testcase(Filter_):
 			_killfile(self.file, self.name)
 			pass
 
-		def __str__(self):
+		def __str__(self): # pragma: no cover - will only show up if unexpected exception is thrown
 			return "MonitorFailures%s(%s)" \
 			  % (Filter_, hasattr(self, 'name') and self.name or 'tempfile')
 

From c8c7b0b9845f240b0e1ecaabc84def4c0a74b86e Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sun, 10 Mar 2013 15:29:27 +1100
Subject: [PATCH 14/79] BF: general Exception catch was excessive. Only IOError
 and OSError are possible and has different meanings

---
 server/filter.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/server/filter.py b/server/filter.py
index 5b2b85e0..ceda1377 100644
--- a/server/filter.py
+++ b/server/filter.py
@@ -477,10 +477,15 @@ class FileFilter(Filter):
 		# Try to open log file.
 		try:
 			container.open()
-		except Exception, e:
+		# see http://python.org/dev/peps/pep-3151/
+		except IOError, e:
 			logSys.error("Unable to open %s" % filename)
 			logSys.exception(e)
 			return False
+		except OSError, e: # pragma: no cover - requires race condition to tigger this
+			logSys.error("Error opening %s" % filename)
+			logSys.exception(e)
+			return False
 
 		while True:
 			line = container.readline()

From f0610c01d57976abba855c62d61bfaa78130bc4a Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Thu, 7 Feb 2013 21:50:28 +1100
Subject: [PATCH 15/79] BF: allow more than single word for command
 action[start,stop,ban,unban,check] and for setcinfo too

---
 server/transmitter.py | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/server/transmitter.py b/server/transmitter.py
index a02b94a2..3f880c07 100644
--- a/server/transmitter.py
+++ b/server/transmitter.py
@@ -189,7 +189,7 @@ class Transmitter:
 		elif command[1] == "setcinfo":
 			act = command[2]
 			key = command[3]
-			value = command[4]
+			value = " ".join(command[4:])
 			self.__server.setCInfo(name, act, key, value)
 			return self.__server.getCInfo(name, act, key)
 		elif command[1] == "delcinfo":
@@ -199,27 +199,27 @@ class Transmitter:
 			return None
 		elif command[1] == "actionstart":
 			act = command[2]
-			value = command[3]
+			value = " ".join(command[3:])
 			self.__server.setActionStart(name, act, value)
 			return self.__server.getActionStart(name, act)
 		elif command[1] == "actionstop":
 			act = command[2]
-			value = command[3]
+			value = " ".join(command[3:])
 			self.__server.setActionStop(name, act, value)
 			return self.__server.getActionStop(name, act)
 		elif command[1] == "actioncheck":
 			act = command[2]
-			value = command[3]
+			value = " ".join(command[3:])
 			self.__server.setActionCheck(name, act, value)
 			return self.__server.getActionCheck(name, act)
 		elif command[1] == "actionban":
 			act = command[2]
-			value = command[3]
+			value = " ".join(command[3:])
 			self.__server.setActionBan(name, act, value)
 			return self.__server.getActionBan(name, act)
 		elif command[1] == "actionunban":
 			act = command[2]
-			value = command[3]
+			value = " ".join(command[3:])
 			self.__server.setActionUnban(name, act, value)
 			return self.__server.getActionUnban(name, act)
 		raise Exception("Invalid command (no set action or not yet implemented)")

From 7cd6dab7f01869a3647cc5fe5a30a6d3af0b19da Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Thu, 7 Feb 2013 20:25:59 +1100
Subject: [PATCH 16/79] ENH: add help command

---
 common/protocol.py | 1 +
 fail2ban-client    | 4 +++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/common/protocol.py b/common/protocol.py
index 99a2fe09..1083a94b 100644
--- a/common/protocol.py
+++ b/common/protocol.py
@@ -40,6 +40,7 @@ protocol = [
 ["stop", "stops all jails and terminate the server"], 
 ["status", "gets the current status of the server"], 
 ["ping", "tests if the server is alive"], 
+["help", "return this output"], 
 ['', "LOGGING", ""],
 ["set loglevel <LEVEL>", "sets logging level to <LEVEL>. 0 is minimal, 4 is debug"], 
 ["get loglevel", "gets the logging level"], 
diff --git a/fail2ban-client b/fail2ban-client
index 7ee4a47c..76c18c04 100755
--- a/fail2ban-client
+++ b/fail2ban-client
@@ -380,7 +380,9 @@ class Fail2banClient:
 						if cmd == "exit" or cmd == "quit":
 							# Exit
 							return True
-						if not cmd == "":
+						if cmd == "help":
+							self.dispUsage()
+						elif not cmd == "":
 							self.__processCommand(shlex.split(cmd))
 			except (EOFError, KeyboardInterrupt):
 				print

From a0f088be256a0f0c84a44c309d71779a5ca11e19 Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sun, 10 Mar 2013 16:28:45 +1100
Subject: [PATCH 17/79] ENH: typo + head -1 has been deprecated for 10+ years.

---
 config/action.d/dshield.conf       | 4 ++--
 config/action.d/mynetwatchman.conf | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/config/action.d/dshield.conf b/config/action.d/dshield.conf
index 177329b2..c0d87987 100644
--- a/config/action.d/dshield.conf
+++ b/config/action.d/dshield.conf
@@ -124,13 +124,13 @@ port = ???
 userid = 0
 
 # Option:  myip
-# Notes.:  TThe target IP for the attack (your public IP). Should be provided
+# Notes.:  The target IP for the attack (your public IP). Should be provided
 #          either in the jail config or in a .local file unless your PUBLIC IP
 #          is the first IP assigned to eth0
 # Values:  [ an IP address ]  Default: Tries to find the IP address of eth0,
 #          which in most cases will be a private IP, and therefore incorrect
 #
-myip = `ip -4 addr show dev eth0 | grep inet | head -1 | sed -r 's/.*inet ([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*/\1/'`
+myip = `ip -4 addr show dev eth0 | grep inet | head -n 1 | sed -r 's/.*inet ([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*/\1/'`
 
 # Option:  protocol
 # Notes.:  The protocol over which the attack is happening
diff --git a/config/action.d/mynetwatchman.conf b/config/action.d/mynetwatchman.conf
index d4f8de1a..3ae3e6db 100644
--- a/config/action.d/mynetwatchman.conf
+++ b/config/action.d/mynetwatchman.conf
@@ -102,13 +102,13 @@ mnwlogin =
 mnwpass =
 
 # Option:  myip
-# Notes.:  TThe target IP for the attack (your public IP). Should be overridden
+# Notes.:  The target IP for the attack (your public IP). Should be overridden
 #          either in the jail config or in a .local file unless your PUBLIC IP
 #          is the first IP assigned to eth0
 # Values:  [ an IP address ]  Default: Tries to find the IP address of eth0,
 #          which in most cases will be a private IP, and therefore incorrect
 #
-myip = `ip -4 addr show dev eth0 | grep inet | head -1 | sed -r 's/.*inet ([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*/\1/'`
+myip = `ip -4 addr show dev eth0 | grep inet | head -n 1 | sed -r 's/.*inet ([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*/\1/'`
 
 # Option:  protocol
 # Notes.:  The protocol over which the attack is happening

From 23bbc60b1ccebb71df499aadbab2e19f8c38737f Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sun, 10 Mar 2013 17:10:40 +1100
Subject: [PATCH 18/79] do catch all exception

---
 server/filter.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/server/filter.py b/server/filter.py
index ceda1377..35da1953 100644
--- a/server/filter.py
+++ b/server/filter.py
@@ -486,6 +486,10 @@ class FileFilter(Filter):
 			logSys.error("Error opening %s" % filename)
 			logSys.exception(e)
 			return False
+		except OSError, e: # pragma: no cover - Requires implemention error in FileContainer to generate
+			logSys.error("Internal errror in FileContainer open method - please report as a bug to https://github.com/fail2ban/fail2ban/issues")
+			logSys.exception(e)
+			return False
 
 		while True:
 			line = container.readline()

From 8b91b58e2dc1fe59eebc41937d7cffaa2e26f2f3 Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sun, 10 Mar 2013 17:33:16 +1100
Subject: [PATCH 19/79] add corresponding ChangeLog entry

---
 DEVELOP | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/DEVELOP b/DEVELOP
index bce9e64e..25369830 100644
--- a/DEVELOP
+++ b/DEVELOP
@@ -247,6 +247,8 @@ Releasing
 
 Ensure the version is correct in ./common/version.py
 
+Add/finalize the corresponding entry in the ChangeLog
+
 # update man pages
 (cd man ; ./generate-man )
 

From d0d89b43217ff889269b7c1f87a6b3af147e4993 Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sun, 10 Mar 2013 17:33:32 +1100
Subject: [PATCH 20/79] TODO: test filters/examples files

---
 TODO | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/TODO b/TODO
index fc43dc2c..933134e9 100644
--- a/TODO
+++ b/TODO
@@ -13,6 +13,9 @@ Legend:
 # partially done
 * done
 
+- Run tests though all filters/examples files - (see sshd example file) as unit
+  test
+
 - Removed relative imports
 
 - Cleanup fail2ban-client and fail2ban-server. Move code to server/ and client/

From 4bbbc0787225a54d556924c1126419c2b0a8f35c Mon Sep 17 00:00:00 2001
From: Steven Hiscocks <steven@hiscocks.me.uk>
Date: Sun, 10 Mar 2013 14:55:39 +0000
Subject: [PATCH 21/79] Added additional Transmitter tests, and some associated
 fixes

This includes some tweaks such that errors are raised for certain
commands
---
 server/actions.py           |  7 ++--
 server/filter.py            |  2 ++
 server/transmitter.py       | 10 ++++--
 testcases/servertestcase.py | 66 ++++++++++++++++++++++++++++++-------
 4 files changed, 67 insertions(+), 18 deletions(-)

diff --git a/server/actions.py b/server/actions.py
index 4d021a71..ddcc83d6 100644
--- a/server/actions.py
+++ b/server/actions.py
@@ -77,7 +77,8 @@ class Actions(JailThread):
 		for action in self.__actions:
 			if action.getName() == name:
 				self.__actions.remove(action)
-				break
+				return
+		raise KeyError("Invalid Action name: %s" % name)
 	
 	##
 	# Returns an action.
@@ -91,7 +92,7 @@ class Actions(JailThread):
 		for action in self.__actions:
 			if action.getName() == name:
 				return action
-		raise KeyError
+		raise KeyError("Invalid Action name")
 	
 	##
 	# Returns the last defined action.
@@ -131,7 +132,7 @@ class Actions(JailThread):
 			# Unban the IP.
 			self.__unBan(ticket)
 			return ip
-		return 'None'
+		raise ValueError("IP %s is not banned" % ip)
 
 	##
 	# Main loop.
diff --git a/server/filter.py b/server/filter.py
index fb292573..dc82d7aa 100644
--- a/server/filter.py
+++ b/server/filter.py
@@ -93,6 +93,7 @@ class Filter(JailThread):
 			self.__failRegex.append(regex)
 		except RegexException, e:
 			logSys.error(e)
+			raise e
 
 
 	def delFailRegex(self, index):
@@ -126,6 +127,7 @@ class Filter(JailThread):
 			self.__ignoreRegex.append(regex)
 		except RegexException, e:
 			logSys.error(e)
+			raise e 
 
 	def delIgnoreRegex(self, index):
 		try:
diff --git a/server/transmitter.py b/server/transmitter.py
index a02b94a2..c9033010 100644
--- a/server/transmitter.py
+++ b/server/transmitter.py
@@ -112,14 +112,18 @@ class Transmitter:
 			return self.__server.getLogLevel()
 		elif name == "logtarget":
 			value = command[1]
-			self.__server.setLogTarget(value)
-			return self.__server.getLogTarget()
+			if self.__server.setLogTarget(value):
+				return self.__server.getLogTarget()
+			else:
+				raise Exception("Failed to change log target")
 		# Jail
 		elif command[1] == "idle":
 			if command[2] == "on":
 				self.__server.setIdleJail(name, True)
 			elif command[2] == "off":
 				self.__server.setIdleJail(name, False)
+			else:
+				raise Exception("Invalid idle option, must be 'yes' or 'no'")
 			return self.__server.getIdleJail(name)
 		# Filter
 		elif command[1] == "addignoreip":
@@ -275,7 +279,7 @@ class Transmitter:
 	def status(self, command):
 		if len(command) == 0:
 			return self.__server.status()
-		else:
+		elif len(command) == 1:
 			name = command[0]
 			return self.__server.statusJail(name)
 		raise Exception("Invalid command (no status)")
diff --git a/testcases/servertestcase.py b/testcases/servertestcase.py
index 00f56b81..4268df38 100644
--- a/testcases/servertestcase.py
+++ b/testcases/servertestcase.py
@@ -29,6 +29,7 @@ __license__ = "GPL"
 
 import unittest, socket, time, tempfile, os
 from server.server import Server
+from common.exceptions import UnknownJailException
 
 class StartStop(unittest.TestCase):
 
@@ -141,6 +142,9 @@ class Transmitter(unittest.TestCase):
 				self.__transm.proceed(["get", jail, cmd]),
 				(0, outValues[n+1:]))
 
+	def testStopServer(self):
+		self.assertEqual(self.__transm.proceed(["stop"]), (0, None))
+
 	def testPing(self):
 		self.assertEqual(self.__transm.proceed(["ping"]), (0, "pong"))
 
@@ -162,11 +166,7 @@ class Transmitter(unittest.TestCase):
 
 		# If path is invalid, do not change logtarget
 		value = "/this/path/should/not/exist"
-		self.assertEqual(
-			self.__transm.proceed(["set", "logtarget", value]),
-			(0, logTarget)) #NOTE: Shouldn't this return 1
-		self.assertEqual(
-			self.__transm.proceed(["get", "logtarget"]), (0, logTargets[-1]))
+		self.setGetTestNOK("logtarget", value)
 
 		self.__transm.proceed(["set", "/dev/null"])
 		for logTarget in logTargets:
@@ -196,6 +196,28 @@ class Transmitter(unittest.TestCase):
 		self.assertEqual(
 			self.__transm.proceed(["add", "all", "polling"])[0], 1)
 
+	def testStartStopJail(self):
+		self.assertEqual(
+			self.__transm.proceed(["start", self.jailName]), (0, None))
+		time.sleep(1)
+		self.assertEqual(
+			self.__transm.proceed(["stop", self.jailName]), (0, None))
+		self.assertRaises(
+			UnknownJailException, self.__server.isAlive, self.jailName)
+
+	def testStartStopAllJail(self):
+		self.__server.addJail("TestJail2", "auto")
+		self.assertEqual(
+			self.__transm.proceed(["start", self.jailName]), (0, None))
+		self.assertEqual(
+			self.__transm.proceed(["start", "TestJail2"]), (0, None))
+		self.assertEqual(self.__transm.proceed(["stop", "all"]), (0, None))
+		time.sleep(1)
+		self.assertRaises(
+			UnknownJailException, self.__server.isAlive, self.jailName)
+		self.assertRaises(
+			UnknownJailException, self.__server.isAlive, "TestJail2")
+
 	def testJailIdle(self):
 		self.assertEqual(
 			self.__transm.proceed(["set", self.jailName, "idle", "on"]),
@@ -205,7 +227,7 @@ class Transmitter(unittest.TestCase):
 			(0, False))
 		self.assertEqual(
 			self.__transm.proceed(["set", self.jailName, "idle", "CAT"])[0],
-			0) #NOTE: Should this return 1
+			1)
 
 	def testJailFindTime(self):
 		self.setGetTest("findtime", "120", 120, jail=self.jailName)
@@ -249,8 +271,7 @@ class Transmitter(unittest.TestCase):
 		# Unban IP which isn't banned
 		self.assertEqual(
 			self.__transm.proceed(
-				["set", self.jailName, "unbanip", "192.168.1.1"]),
-			(0, "None")) #NOTE: Should this return 1?
+				["set", self.jailName, "unbanip", "192.168.1.1"])[0],1)
 
 	def testJailMaxRetry(self):
 		self.setGetTest("maxretry", "5", 5, jail=self.jailName)
@@ -335,8 +356,8 @@ class Transmitter(unittest.TestCase):
 
 		self.assertEqual(
 			self.__transm.proceed(
-				["set", self.jailName, "addfailregex", "No host regex"]),
-			(0, [])) #NOTE: Shouldn't this return 1?
+				["set", self.jailName, "addfailregex", "No host regex"])[0],
+			1)
 		self.assertEqual(
 			self.__transm.proceed(
 				["set", self.jailName, "addfailregex", 654])[0],
@@ -357,6 +378,10 @@ class Transmitter(unittest.TestCase):
 			self.jailName
 		)
 
+		self.assertEqual(
+			self.__transm.proceed(
+				["set", self.jailName, "addignoreregex", "Invalid [regex"])[0],
+			1)
 		self.assertEqual(
 			self.__transm.proceed(
 				["set", self.jailName, "addignoreregex", 50])[0],
@@ -409,6 +434,9 @@ class Transmitter(unittest.TestCase):
 		self.assertEqual(
 			self.__transm.proceed(["set", self.jailName, "addaction", action]),
 			(0, action))
+		self.assertEqual(
+			self.__transm.proceed(["get", self.jailName, "addaction", action]),
+			(0, action))
 		for cmd, value in zip(cmdList, cmdValueList):
 			self.assertEqual(
 				self.__transm.proceed(
@@ -439,5 +467,19 @@ class Transmitter(unittest.TestCase):
 			(0, None))
 		self.assertEqual(
 			self.__transm.proceed(
-				["set", self.jailName, "delaction", "Doesn't exist"]),
-			(0, None)) #NOTE: Should this return 1?
+				["set", self.jailName, "delaction", "Doesn't exist"])[0],1)
+
+	def testNOK(self):
+		self.assertEqual(self.__transm.proceed(["INVALID", "COMMAND"])[0],1)
+
+	def testSetNOK(self):
+		self.assertEqual(
+			self.__transm.proceed(["set", "INVALID", "COMMAND"])[0],1)
+
+	def testGetNOK(self):
+		self.assertEqual(
+			self.__transm.proceed(["get", "INVALID", "COMMAND"])[0],1)
+
+	def testStatusNOK(self):
+		self.assertEqual(
+			self.__transm.proceed(["status", "INVALID", "COMMAND"])[0],1)

From a2b29b4875455662b48b2f9f3537bc17445a887d Mon Sep 17 00:00:00 2001
From: Pascal Borreli <pascal@borreli.com>
Date: Sun, 10 Mar 2013 22:05:33 +0000
Subject: [PATCH 22/79] Fixed typos

---
 DEVELOP                                      |  6 +++---
 config/action.d/dshield.conf                 |  2 +-
 config/action.d/iptables-allports.conf       |  2 +-
 config/action.d/iptables-ipset-proto4.conf   |  2 +-
 config/action.d/iptables-ipset-proto6.conf   |  2 +-
 config/action.d/iptables-multiport-log.conf  |  2 +-
 config/action.d/iptables-multiport.conf      |  2 +-
 config/action.d/iptables-new.conf            |  2 +-
 config/action.d/iptables-xt_recent-echo.conf |  4 ++--
 config/action.d/iptables.conf                |  2 +-
 config/action.d/mail-whois-lines.conf        |  2 +-
 config/action.d/mail-whois.conf              |  2 +-
 config/action.d/mail.conf                    |  2 +-
 config/action.d/sendmail-buffered.conf       |  2 +-
 config/action.d/sendmail-whois-lines.conf    |  2 +-
 config/action.d/sendmail-whois.conf          |  2 +-
 config/action.d/sendmail.conf                |  2 +-
 config/filter.d/apache-badbots.conf          |  2 +-
 config/jail.conf                             |  2 +-
 doc/run-rootless.txt                         | 14 +++++++-------
 fail2ban-client                              |  2 +-
 server/action.py                             |  4 ++--
 server/filter.py                             |  8 ++++----
 server/filterpoll.py                         |  2 +-
 24 files changed, 37 insertions(+), 37 deletions(-)

diff --git a/DEVELOP b/DEVELOP
index 25369830..cddf4456 100644
--- a/DEVELOP
+++ b/DEVELOP
@@ -92,7 +92,7 @@ Documentation
 -------------
 
 Ensure this documentation is up to date after changes. Also ensure that the man
-pages still are accurage. Ensure that there is sufficient documentation for 
+pages still are accurate. Ensure that there is sufficient documentation for
 your new features to be used.
 
 Bugs
@@ -107,7 +107,7 @@ Use the following tags in your commit messages:
 
 'ENH:' for enhancements
 'BF:' for bug fixes
-'DOC:' for documenation fixes
+'DOC:' for documentation fixes
 
 Adding Actions
 --------------
@@ -265,4 +265,4 @@ python -c 'import common.protocol; common.protocol.printWiki()'
 
 email users and development list of release
 
-TODO notifing distributors etc.
+TODO notifying distributors etc.
diff --git a/config/action.d/dshield.conf b/config/action.d/dshield.conf
index 177329b2..fea8f196 100644
--- a/config/action.d/dshield.conf
+++ b/config/action.d/dshield.conf
@@ -116,7 +116,7 @@ actionunban = if [ -f <tmpfile>.first ]; then
 port = ???
 
 # Option:  userid
-# Notes.:  Your DSheild user ID. Should be provided either in the jail config or
+# Notes.:  Your DShield user ID. Should be provided either in the jail config or
 #          in a .local file.
 #          Register at https://secure.dshield.org/register.html
 # Values:  [ NUM ]  Default: 0
diff --git a/config/action.d/iptables-allports.conf b/config/action.d/iptables-allports.conf
index f534fee9..c7f76c83 100644
--- a/config/action.d/iptables-allports.conf
+++ b/config/action.d/iptables-allports.conf
@@ -53,7 +53,7 @@ actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP
 
 [Init]
 
-# Defaut name of the chain
+# Default name of the chain
 #
 name = default
 
diff --git a/config/action.d/iptables-ipset-proto4.conf b/config/action.d/iptables-ipset-proto4.conf
index f7d03f67..665d35cf 100644
--- a/config/action.d/iptables-ipset-proto4.conf
+++ b/config/action.d/iptables-ipset-proto4.conf
@@ -53,7 +53,7 @@ actionunban = ipset --test fail2ban-<name> <ip> && ipset --del fail2ban-<name> <
 
 [Init]
 
-# Defaut name of the ipset
+# Default name of the ipset
 #
 name = default
 
diff --git a/config/action.d/iptables-ipset-proto6.conf b/config/action.d/iptables-ipset-proto6.conf
index 3352d63d..e4ceb0d0 100644
--- a/config/action.d/iptables-ipset-proto6.conf
+++ b/config/action.d/iptables-ipset-proto6.conf
@@ -53,7 +53,7 @@ actionunban = ipset del fail2ban-<name> <ip> -exist
 
 [Init]
 
-# Defaut name of the ipset
+# Default name of the ipset
 #
 name = default
 
diff --git a/config/action.d/iptables-multiport-log.conf b/config/action.d/iptables-multiport-log.conf
index 9cdc4bab..0f4947dd 100644
--- a/config/action.d/iptables-multiport-log.conf
+++ b/config/action.d/iptables-multiport-log.conf
@@ -61,7 +61,7 @@ actionunban = iptables -D fail2ban-<name> -s <ip> -j fail2ban-<name>-log
 
 [Init]
 
-# Defaut name of the chain
+# Default name of the chain
 #
 name = default
 
diff --git a/config/action.d/iptables-multiport.conf b/config/action.d/iptables-multiport.conf
index d062f74d..8b15ad86 100644
--- a/config/action.d/iptables-multiport.conf
+++ b/config/action.d/iptables-multiport.conf
@@ -51,7 +51,7 @@ actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP
 
 [Init]
 
-# Defaut name of the chain
+# Default name of the chain
 #
 name = default
 
diff --git a/config/action.d/iptables-new.conf b/config/action.d/iptables-new.conf
index 92bd9a55..64f54582 100644
--- a/config/action.d/iptables-new.conf
+++ b/config/action.d/iptables-new.conf
@@ -53,7 +53,7 @@ actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP
 
 [Init]
 
-# Defaut name of the chain
+# Default name of the chain
 #
 name = default
 
diff --git a/config/action.d/iptables-xt_recent-echo.conf b/config/action.d/iptables-xt_recent-echo.conf
index f3ac80b5..170fef07 100644
--- a/config/action.d/iptables-xt_recent-echo.conf
+++ b/config/action.d/iptables-xt_recent-echo.conf
@@ -11,7 +11,7 @@
 # Notes.:  command executed once at the start of Fail2Ban.
 # Values:  CMD
 #
-# Changing iptables rules requires root priviledges. If fail2ban is
+# Changing iptables rules requires root privileges. If fail2ban is
 # configured to run as root, firewall setup can be performed by
 # fail2ban automatically. However, if fail2ban is configured to run as
 # a normal user, the configuration must be done by some other means
@@ -65,7 +65,7 @@ actionunban = echo -<ip> > /proc/net/xt_recent/fail2ban-<name>
 
 [Init]
 
-# Defaut name of the chain
+# Default name of the chain
 #
 name = default
 
diff --git a/config/action.d/iptables.conf b/config/action.d/iptables.conf
index a846f971..083065fc 100644
--- a/config/action.d/iptables.conf
+++ b/config/action.d/iptables.conf
@@ -51,7 +51,7 @@ actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP
 
 [Init]
 
-# Defaut name of the chain
+# Default name of the chain
 #
 name = default
 
diff --git a/config/action.d/mail-whois-lines.conf b/config/action.d/mail-whois-lines.conf
index 6d3343b6..1ace68f6 100644
--- a/config/action.d/mail-whois-lines.conf
+++ b/config/action.d/mail-whois-lines.conf
@@ -62,7 +62,7 @@ actionunban =
 
 [Init]
 
-# Defaut name of the chain
+# Default name of the chain
 #
 name = default
 
diff --git a/config/action.d/mail-whois.conf b/config/action.d/mail-whois.conf
index 9e6ec88e..1581c42c 100644
--- a/config/action.d/mail-whois.conf
+++ b/config/action.d/mail-whois.conf
@@ -59,7 +59,7 @@ actionunban =
 
 [Init]
 
-# Defaut name of the chain
+# Default name of the chain
 #
 name = default
 
diff --git a/config/action.d/mail.conf b/config/action.d/mail.conf
index 01f22ff8..02946b43 100644
--- a/config/action.d/mail.conf
+++ b/config/action.d/mail.conf
@@ -57,7 +57,7 @@ actionunban =
 
 [Init]
 
-# Defaut name of the chain
+# Default name of the chain
 #
 name = default
 
diff --git a/config/action.d/sendmail-buffered.conf b/config/action.d/sendmail-buffered.conf
index 25a23b78..80f71374 100644
--- a/config/action.d/sendmail-buffered.conf
+++ b/config/action.d/sendmail-buffered.conf
@@ -83,7 +83,7 @@ actionunban =
 
 [Init]
 
-# Defaut name of the chain
+# Default name of the chain
 #
 name = default
 
diff --git a/config/action.d/sendmail-whois-lines.conf b/config/action.d/sendmail-whois-lines.conf
index b84440d0..dfbf9ff8 100644
--- a/config/action.d/sendmail-whois-lines.conf
+++ b/config/action.d/sendmail-whois-lines.conf
@@ -73,7 +73,7 @@ actionunban =
 
 [Init]
 
-# Defaut name of the chain
+# Default name of the chain
 #
 name = default
 
diff --git a/config/action.d/sendmail-whois.conf b/config/action.d/sendmail-whois.conf
index 363c3398..e6a15fb5 100644
--- a/config/action.d/sendmail-whois.conf
+++ b/config/action.d/sendmail-whois.conf
@@ -71,7 +71,7 @@ actionunban =
 
 [Init]
 
-# Defaut name of the chain
+# Default name of the chain
 #
 name = default
 
diff --git a/config/action.d/sendmail.conf b/config/action.d/sendmail.conf
index bdc2a3b6..5bb75575 100644
--- a/config/action.d/sendmail.conf
+++ b/config/action.d/sendmail.conf
@@ -69,7 +69,7 @@ actionunban =
 
 [Init]
 
-# Defaut name of the chain
+# Default name of the chain
 #
 name = default
 
diff --git a/config/filter.d/apache-badbots.conf b/config/filter.d/apache-badbots.conf
index 1d70bb0e..1c60676d 100644
--- a/config/filter.d/apache-badbots.conf
+++ b/config/filter.d/apache-badbots.conf
@@ -16,7 +16,7 @@ badbots = atSpider/1\.0|autoemailspider|China Local Browse 2\.6|ContentSmartz|Da
 # Option:  failregex
 # Notes.:  Regexp to catch known spambots and software alike. Please verify
 #          that it is your intent to block IPs which were driven by
-#          abovementioned bots.
+#          above mentioned bots.
 # Values:  TEXT
 #
 failregex = ^<HOST> -.*"(GET|POST).*HTTP.*"(?:%(badbots)s|%(badbotscustom)s)"$
diff --git a/config/jail.conf b/config/jail.conf
index a0093f68..8bb1a6b6 100644
--- a/config/jail.conf
+++ b/config/jail.conf
@@ -241,7 +241,7 @@ logpath = /var/log/lighttpd/error.log
 maxretry = 2
 
 # Same as above for mod_auth
-# It catches wrong authentifications
+# It catches wrong authentications
 
 [lighttpd-auth]
 
diff --git a/doc/run-rootless.txt b/doc/run-rootless.txt
index 85a8f766..5edf6ef6 100644
--- a/doc/run-rootless.txt
+++ b/doc/run-rootless.txt
@@ -1,7 +1,7 @@
-Fail2ban normally requires root priviledges to insert iptables rules
+Fail2ban normally requires root privileges to insert iptables rules
 through calls to /sbin/iptables and also to read the logfiles.
-Fail2ban can run as an unpriviledged user provided that those two
-capabilites are preserved. The idea is to run fail2ban as a normal
+Fail2ban can run as an unprivileged user provided that those two
+capabilities are preserved. The idea is to run fail2ban as a normal
 user (e.g. fail2ban) who belongs to a group which is allowed to read
 logfiles. The user should also be allowed to write to
 /proc/net/xt_recent/fail2ban-<name> (name is specified in the iptables
@@ -20,14 +20,14 @@ Another way to use xt_recent is by inserting the rules by writing to
 action. Files in /proc/net/xt_recent/ are protected by normal
 filesystem rules, so can be chown'ed and chmod'ed to be writable by a
 certain user. After the necessary iptables rules are inserted (which
-requires root priviledges), blacklisting can be perfomed by an
-unpriviledged user.
+requires root privileges), blacklisting can be performed by an
+unprivileged user.
 
 Using fail2ban with xt_recent allows smarter filtering than normal
 iptables rules with the xt_recent module can provide.
 
 The disadvantage is that fail2ban cannot perform the setup by itself,
-which would require the priviledge to call /sbin/iptables, and it must
+which would require the privilege to call /sbin/iptables, and it must
 be done through other means.
 
 The primary advantage is obvious: it's generally better to run
@@ -46,7 +46,7 @@ some user and thus allow delisting IPs by helper administrators
 without the ability to mess up other iptables rules.
 
 The xt_recent-echo jail can be used under the root user without
-further configuration. To run not as root, futher setup is necessary:
+further configuration. To run not as root, further setup is necessary:
 
 - Create user:
 
diff --git a/fail2ban-client b/fail2ban-client
index ed211e62..b832450e 100755
--- a/fail2ban-client
+++ b/fail2ban-client
@@ -297,7 +297,7 @@ class Fail2banClient:
 					delta = -1
 				elif pos < 2:
 					delta = 1
-			# The server has 30 secondes to start.
+			# The server has 30 seconds to start.
 			if cnt >= 300:
 				if self.__conf["verbose"] > 1:
 					sys.stdout.write('\n')
diff --git a/server/action.py b/server/action.py
index 35974c70..5fde3ae1 100644
--- a/server/action.py
+++ b/server/action.py
@@ -277,8 +277,8 @@ class Action:
 	# Executes a command with preliminary checks and substitutions.
 	#
 	# Before executing any commands, executes the "check" command first
-	# in order to check if prerequirements are met. If this check fails,
-	# it tries to restore a sane environnement before executing the real
+	# in order to check if pre-requirements are met. If this check fails,
+	# it tries to restore a sane environment before executing the real
 	# command.
 	# Replaces "aInfo" and "cInfo" in the query too.
 	#
diff --git a/server/filter.py b/server/filter.py
index fb292573..64a6c5e5 100644
--- a/server/filter.py
+++ b/server/filter.py
@@ -44,7 +44,7 @@ logSys = logging.getLogger("fail2ban.filter")
 # Log reader class.
 #
 # This class reads a log file and detects login failures or anything else
-# that matches a given regular expression. This class is instanciated by
+# that matches a given regular expression. This class is instantiated by
 # a Jail object.
 
 class Filter(JailThread):
@@ -117,7 +117,7 @@ class Filter(JailThread):
 	# Add the regular expression which matches the failure.
 	#
 	# The regular expression can also match any other pattern than failures
-	# and thus can be used for many purporse.
+	# and thus can be used for many purpose.
 	# @param value the regular expression
 
 	def addIgnoreRegex(self, value):
@@ -414,7 +414,7 @@ class FileFilter(Filter):
 
 	def _addLogPath(self, path):
 		# nothing to do by default
-		# to be overriden by backends
+		# to be overridden by backends
 		pass
 
 
@@ -433,7 +433,7 @@ class FileFilter(Filter):
 
 	def _delLogPath(self, path):
 		# nothing to do by default
-		# to be overriden by backends
+		# to be overridden by backends
 		pass
 
 	##
diff --git a/server/filterpoll.py b/server/filterpoll.py
index 0719545a..f0e23ac1 100644
--- a/server/filterpoll.py
+++ b/server/filterpoll.py
@@ -39,7 +39,7 @@ logSys = logging.getLogger("fail2ban.filter")
 # Log reader class.
 #
 # This class reads a log file and detects login failures or anything else
-# that matches a given regular expression. This class is instanciated by
+# that matches a given regular expression. This class is instantiated by
 # a Jail object.
 
 class FilterPoll(FileFilter):

From cabbc0fd96c71e34c65b64febdac019681055c7a Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Sun, 10 Mar 2013 21:21:27 -0400
Subject: [PATCH 23/79] DOC: added a note that coverage script is
 python-coverage on Debian systems

---
 DEVELOP | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/DEVELOP b/DEVELOP
index cddf4456..09bf7277 100644
--- a/DEVELOP
+++ b/DEVELOP
@@ -36,7 +36,8 @@ missing branches. Also see http://nedbatchelder.com/code/coverage/branch.html
 for more details.
 
 Install the package python-coverage to visualise your test coverage. Run the
-following:
+following (note: on Debian-based systems, the script is called
+`python-coverage`):
 
 coverage run fail2ban-testcases
 coverage html

From b6bb2f88c1dbb111647269590d80d95f72c81c3e Mon Sep 17 00:00:00 2001
From: sebres <sergey.brester@W7-DEHBG0189.wincor-nixdorf.com>
Date: Mon, 11 Mar 2013 13:52:31 +0100
Subject: [PATCH 24/79] invalid date recognition, irregular because of sorting
 template list, now via setRegex

---
 server/datedetector.py | 26 +++++++++++++-------------
 server/datetemplate.py |  7 +++++--
 2 files changed, 18 insertions(+), 15 deletions(-)

diff --git a/server/datedetector.py b/server/datedetector.py
index 6e484449..c013d551 100644
--- a/server/datedetector.py
+++ b/server/datedetector.py
@@ -55,80 +55,80 @@ class DateDetector:
 			# standard
 			template = DateStrptime()
 			template.setName("MONTH Day Hour:Minute:Second")
-			template.setRegex("(?<!\w)\S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}")
+			template.setRegex("\S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}")
 			template.setPattern("%b %d %H:%M:%S")
 			self._appendTemplate(template)
 			# asctime
 			template = DateStrptime()
 			template.setName("WEEKDAY MONTH Day Hour:Minute:Second Year")
-			template.setRegex("(?<!\w)\S{3} \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2} \d{4}")
+			template.setRegex("\S{3} \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2} \d{4}")
 			template.setPattern("%a %b %d %H:%M:%S %Y")
 			self._appendTemplate(template)
 			# asctime without year
 			template = DateStrptime()
 			template.setName("WEEKDAY MONTH Day Hour:Minute:Second")
-			template.setRegex("(?<!\w)\S{3} \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}")
+			template.setRegex("\S{3} \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}")
 			template.setPattern("%a %b %d %H:%M:%S")
 			self._appendTemplate(template)
 			# simple date
 			template = DateStrptime()
 			template.setName("Year/Month/Day Hour:Minute:Second")
-			template.setRegex("(?<!\w)\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}")
+			template.setRegex("\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}")
 			template.setPattern("%Y/%m/%d %H:%M:%S")
 			self._appendTemplate(template)
 			# simple date too (from x11vnc)
 			template = DateStrptime()
 			template.setName("Day/Month/Year Hour:Minute:Second")
-			template.setRegex("(?<!\w)\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}")
+			template.setRegex("\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}")
 			template.setPattern("%d/%m/%Y %H:%M:%S")
 			self._appendTemplate(template)
 			# previous one but with year given by 2 digits
 			# (See http://bugs.debian.org/537610)
 			template = DateStrptime()
 			template.setName("Day/Month/Year2 Hour:Minute:Second")
-			template.setRegex("(?<!\w)\d{2}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}")
+			template.setRegex("\d{2}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}")
 			template.setPattern("%d/%m/%y %H:%M:%S")
 			self._appendTemplate(template)
 			# Apache format [31/Oct/2006:09:22:55 -0000]
 			template = DateStrptime()
 			template.setName("Day/MONTH/Year:Hour:Minute:Second")
-			template.setRegex("(?<!\w)\d{2}/\S{3}/\d{4}:\d{2}:\d{2}:\d{2}")
+			template.setRegex("\d{2}/\S{3}/\d{4}:\d{2}:\d{2}:\d{2}")
 			template.setPattern("%d/%b/%Y:%H:%M:%S")
 			self._appendTemplate(template)
 			# CPanel 05/20/2008:01:57:39
 			template = DateStrptime()
 			template.setName("Month/Day/Year:Hour:Minute:Second")
-			template.setRegex("(?<!\w)\d{2}/\d{2}/\d{4}:\d{2}:\d{2}:\d{2}")
+			template.setRegex("\d{2}/\d{2}/\d{4}:\d{2}:\d{2}:\d{2}")
 			template.setPattern("%m/%d/%Y:%H:%M:%S")
 			self._appendTemplate(template)
 			# Exim 2006-12-21 06:43:20
 			template = DateStrptime()
 			template.setName("Year-Month-Day Hour:Minute:Second")
-			template.setRegex("(?<!\w)\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}")
+			template.setRegex("\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}")
 			template.setPattern("%Y-%m-%d %H:%M:%S")
 			self._appendTemplate(template)
 			# custom for syslog-ng 2006.12.21 06:43:20
 			template = DateStrptime()
 			template.setName("Year.Month.Day Hour:Minute:Second")
-			template.setRegex("(?<!\w)\d{4}.\d{2}.\d{2} \d{2}:\d{2}:\d{2}")
+			template.setRegex("\d{4}.\d{2}.\d{2} \d{2}:\d{2}:\d{2}")
 			template.setPattern("%Y.%m.%d %H:%M:%S")
 			self._appendTemplate(template)
 			# named 26-Jul-2007 15:20:52.252 
 			template = DateStrptime()
 			template.setName("Day-MONTH-Year Hour:Minute:Second[.Millisecond]")
-			template.setRegex("(?<!\w)\d{2}-\S{3}-\d{4} \d{2}:\d{2}:\d{2}")
+			template.setRegex("\d{2}-\S{3}-\d{4} \d{2}:\d{2}:\d{2}")
 			template.setPattern("%d-%b-%Y %H:%M:%S")
 			self._appendTemplate(template)
 			# 17-07-2008 17:23:25
 			template = DateStrptime()
 			template.setName("Day-Month-Year Hour:Minute:Second")
-			template.setRegex("(?<!\w)\d{2}-\d{2}-\d{4} \d{2}:\d{2}:\d{2}")
+			template.setRegex("\d{2}-\d{2}-\d{4} \d{2}:\d{2}:\d{2}")
 			template.setPattern("%d-%m-%Y %H:%M:%S")
 			self._appendTemplate(template)
 			# 01-27-2012 16:22:44.252
 			template = DateStrptime()
 			template.setName("Month-Day-Year Hour:Minute:Second[.Millisecond]")
-			template.setRegex("(?<!\w)\d{2}-\d{2}-\d{4} \d{2}:\d{2}:\d{2}")
+			template.setRegex("\d{2}-\d{2}-\d{4} \d{2}:\d{2}:\d{2}")
 			template.setPattern("%m-%d-%Y %H:%M:%S")
 			self._appendTemplate(template)
 			# TAI64N
diff --git a/server/datetemplate.py b/server/datetemplate.py
index f663862e..a25a42ea 100644
--- a/server/datetemplate.py
+++ b/server/datetemplate.py
@@ -50,8 +50,11 @@ class DateTemplate:
 	def getName(self):
 		return self.__name
 	
-	def setRegex(self, regex):
-		self.__regex = regex.strip()
+	def setRegex(self, regex, wordBegin = True):
+		regex = regex.strip()
+		if (wordBegin and not re.search(r'^\^', regex)):
+			regex = r'\b' + regex
+		self.__regex = regex
 		self.__cRegex = re.compile(regex)
 		
 	def getRegex(self):

From d4362859ef6ac1142340c19473c5fa1f9117b58b Mon Sep 17 00:00:00 2001
From: Steven Hiscocks <steven@hiscocks.me.uk>
Date: Mon, 11 Mar 2013 17:22:57 +0000
Subject: [PATCH 25/79] Added testcase for csocket and asyncserver

---
 fail2ban-testcases          |  3 ++
 testcases/sockettestcase.py | 82 +++++++++++++++++++++++++++++++++++++
 2 files changed, 85 insertions(+)
 create mode 100644 testcases/sockettestcase.py

diff --git a/fail2ban-testcases b/fail2ban-testcases
index ed341385..2ab59f6a 100755
--- a/fail2ban-testcases
+++ b/fail2ban-testcases
@@ -35,6 +35,7 @@ from testcases import filtertestcase
 from testcases import servertestcase
 from testcases import datedetectortestcase
 from testcases import actiontestcase
+from testcases import sockettestcase
 from server.mytime import MyTime
 
 from optparse import OptionParser, Option
@@ -132,6 +133,8 @@ tests.addTest(unittest.makeSuite(failmanagertestcase.AddFailure))
 tests.addTest(unittest.makeSuite(banmanagertestcase.AddFailure))
 # ClientReader
 tests.addTest(unittest.makeSuite(clientreadertestcase.JailReaderTest))
+# CSocket and AsyncServer
+tests.addTest(unittest.makeSuite(sockettestcase.Socket))
 
 # Filter
 if not opts.no_network:
diff --git a/testcases/sockettestcase.py b/testcases/sockettestcase.py
new file mode 100644
index 00000000..b7258c0f
--- /dev/null
+++ b/testcases/sockettestcase.py
@@ -0,0 +1,82 @@
+# emacs: -*- mode: python; py-indent-offset: 4; indent-tabs-mode: t -*-
+# vi: set ft=python sts=4 ts=4 sw=4 noet :
+
+# This file is part of Fail2Ban.
+#
+# Fail2Ban is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# Fail2Ban is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Fail2Ban; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+
+# Author: Cyril Jaquier
+# 
+# $Revision$
+
+__author__ = "Cyril Jaquier"
+__version__ = "$Revision$"
+__date__ = "$Date$"
+__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
+__license__ = "GPL"
+
+import unittest, time, tempfile, os, threading
+from server.asyncserver import AsyncServer, AsyncServerException
+from client.csocket import CSocket
+
+class Socket(unittest.TestCase):
+
+	def setUp(self):
+		"""Call before every test case."""
+		self.server = AsyncServer(self)
+		sock_fd, sock_name = tempfile.mkstemp('fail2ban.sock', 'socket')
+		os.close(sock_fd)
+		os.remove(sock_name)
+		self.sock_name = sock_name
+
+	def tearDown(self):
+		"""Call after every test case."""
+
+	@staticmethod
+	def proceed(message):
+		"""Test transmitter proceed method which just returns first arg"""
+		return message
+
+	def testSocket(self):
+		serverThread = threading.Thread(
+			target=self.server.start, args=(self.sock_name, False))
+		serverThread.daemon = True
+		serverThread.start()
+		time.sleep(1)
+
+		client = CSocket(self.sock_name)
+		testMessage = ["A", "test", "message"]
+		self.assertEqual(client.send(testMessage), testMessage)
+
+		self.server.stop()
+		serverThread.join(1)
+		self.assertFalse(os.path.exists(self.sock_name))
+
+	def testSocketForce(self):
+		open(self.sock_name, 'w').close() # Create sock file
+		# Try to start without force
+		self.assertRaises(
+			AsyncServerException, self.server.start, self.sock_name, False)
+
+		# Try agin with force set
+		serverThread = threading.Thread(
+			target=self.server.start, args=(self.sock_name, True))
+		serverThread.daemon = True
+		serverThread.start()
+		time.sleep(1)
+
+		self.server.stop()
+		serverThread.join(1)
+		self.assertFalse(os.path.exists(self.sock_name))

From 2a57a17c860399818e10e18ec62ef765a7cc28d4 Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sat, 16 Mar 2013 13:51:23 +1100
Subject: [PATCH 26/79] completed items from TODO list

---
 TODO | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/TODO b/TODO
index 933134e9..61bdc093 100644
--- a/TODO
+++ b/TODO
@@ -16,9 +16,9 @@ Legend:
 - Run tests though all filters/examples files - (see sshd example file) as unit
   test
 
-- Removed relative imports
+* Removed relative imports
 
-- Cleanup fail2ban-client and fail2ban-server. Move code to server/ and client/
+* Cleanup fail2ban-client and fail2ban-server. Move code to server/ and client/
 
 - Add timeout to external commands (signal alarm, watchdog thread, etc)
 

From a5928cc3cfe558f9731a32015ffbae6619a61fbb Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sat, 16 Mar 2013 13:52:18 +1100
Subject: [PATCH 27/79] ENH: packaging information for RPM builds

---
 setup.cfg | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/setup.cfg b/setup.cfg
index cdc25b29..53e7276a 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -3,3 +3,11 @@ install-purelib=/usr/share/fail2ban
 
 [sdist]
 formats=bztar
+
+[bdist_rpm]
+release = 1
+packager = Yaroslav Halchenko <debian@onerussian.com>
+doc_files = DEVELOP
+            README
+            THANKS
+            doc/run-rootless.txt

From 10d4aa16820accaedb313871dd56376142cf7f8c Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sat, 16 Mar 2013 13:53:12 +1100
Subject: [PATCH 28/79] BF: remove non-existant files from setup.py. ENH: add
 documentation

---
 setup.py | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

diff --git a/setup.py b/setup.py
index 37086227..784999a2 100755
--- a/setup.py
+++ b/setup.py
@@ -67,6 +67,9 @@ setup(
 						),
 						('/var/run/fail2ban',
 							''
+						),
+						('/usr/share/doc/fail2ban',
+							['README', 'DEVELOP', 'doc/run-rootless.txt']
 						)
 					]
 )
@@ -82,13 +85,7 @@ elements =	{
 				"/usr/bin/":
 					[
 						"fail2ban.py"
-					],
-				"/usr/lib/fail2ban/firewall/":
-					[
-						"iptables.py",
-						"ipfwadm.py",
-						"ipfw.py"
-					],
+					], 
 				"/usr/lib/fail2ban/":
 					[
 						"version.py",

From c6ac9c2e353ded2d081f6cc93359188293c057f4 Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sat, 16 Mar 2013 13:53:51 +1100
Subject: [PATCH 29/79] ENH: git ignore failed patch reminants

---
 .gitignore | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.gitignore b/.gitignore
index 1e3b2ec4..c2e979e5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,3 +4,5 @@ dist
 *.pyc
 htmlcov
 .coverage
+*.orig
+*.rej

From 3aeb1a9f4e9094b9882b7f7daddbf687161968f6 Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sat, 16 Mar 2013 13:57:42 +1100
Subject: [PATCH 30/79] ENH: jail.conf man page

---
 man/jail.conf.5 | 145 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 145 insertions(+)
 create mode 100644 man/jail.conf.5

diff --git a/man/jail.conf.5 b/man/jail.conf.5
new file mode 100644
index 00000000..7a841f7d
--- /dev/null
+++ b/man/jail.conf.5
@@ -0,0 +1,145 @@
+.TH JAIL.CONF.5 "fail2ban" "jail.conf(5)"
+.SH NAME
+jail.conf \- configuration for the fail2ban server
+.SH SYNOPSIS
+.B jail.conf / jail.local
+
+.B action.d/*.conf action.d/*.local
+
+.B filter.d/*.conf filter.d/*.local
+.SH DESCRIPTION
+Fail2ban has three configuration file types. Action files are the commands for banning and unbanning IP address,
+Filter files tell fail2ban how authentication failures occur, and Jail configurations that map the two together.
+
+There are *.conf files that are distributed by fail2ban and *.local file that contain user overwritten files. 
+It is recommend that *.conf files are not changed. *.local files are where users overwrite their default settings.
+For instance if you require the default [ssh-iptables-ipset] jail create a jail.local with The jail.conf file is
+ the configuration for the fail2ban server. Only overwride the settings you need to change and the rest come from 
+the default *.conf file.
+
+[ssh-iptables-ipset]
+
+enabled = true
+
+.SH DEFAULT
+The following options are applicable to all jails. Their meaning is in the default jail.conf file.
+.TP
+\fBignoreip\fR 
+.TP
+\fBbantime\fR
+.TP
+\fBfindtime\fR
+.TP
+\fBmaxretry\fR
+.TP
+\fBbackend\fR
+.TP
+\fBusedns\fR
+.TP
+.SH ACTION FILES
+Action files specify which commands are executed to ban an IP address. They are located in /etc/fail2ban/action.d.
+
+Like jail.conf files if you desire local changes create a [actionname].local file in the /etc/fail2ban/action.d directory 
+and override the required settings.
+
+The action files are ini files that have two sections, \fBdefination\fR and \fBinit\fR . 
+
+The [init] section allows for settings relevant to the action. In jail.conf/jail.local these can be overwritten for a particular jail.
+
+The commands are specified in the [defination] section as below..
+
+The commands are executed through a system shell so shell redirection and process control is allowed. The commands should
+return 0 to indicate success which will prevent fail2ban attempting to retry (up to \fBmaxretry\fR times to ban the IP again.
+
+The following action parameters are in the [defination] section.
+.TP
+\fBactionstart\fR
+This is the commands that are executed when the jail starts.
+.TP
+\fBactionstop\fR
+This is the commands that are executed when the jail stops.
+.TP
+\fBactioncheck\fR
+This is the command that is before each other action. It checks to see if the environment is ok.
+.TP
+\fBactionban\fR
+This is the command that bans the IP address.
+.TP
+\fBactionunban\fR
+This is the command that unbans the IP address after \fBbantime\fR.
+
+Tags are in <>. All the elements of [init] are tags that are replaced in all action commands. Tags can be added by the
+\fBfail2ban-client\fR using the setctag command.
+
+More that one command is allowed. Each command needs to be on a new line and indented with whitespace with no blank lines. The following defines
+two commands to be executed.
+
+actionban = iptables -I fail2ban-<name> --source <ip> -j DROP
+
+    echo ip=<ip>, match=<match>, time=<time> >> /var/log/fail2ban.log
+
+The following tags are also substituted in the actionban, actionunban and actioncheck (when called before actionban/actionunban).
+.TP
+\fBip\fR
+An IPv4 ip address to be banned. e.g. 192.168.0.2
+.TP
+.TP
+\fBfailures\fR
+The number of times the failure occurred in the log file. e.g. 3
+.TP
+\fBtime\fR
+The unix time of the ban. e.g. 1357508484
+.TP
+\fBmatches\fR
+The concatinated string of the log file lines of the matches that generated the ban.
+
+.SH FILTER FILES
+
+Filter definations are those in /etc/fail2ban/filter.d/*.conf and filter.d/*.local.
+
+These are used to identify failed authenicate attempts in logs and to extract the host IP address or hostname.
+
+Like action files, filter files are ini files. The main section is the [Definition] section.
+
+There are two filter definations used in the [defination] section, failregex and ignoreregex.
+Other definations are allowed and can be used to substitue into other definations with %(defnname). For example.
+
+baduseragents = IE|wget
+
+failregex = useragent=%(baduseragents)
+
+The \fBfailregex\fR and \fBignoreregex\fR have the following meanings:
+
+.TP
+\fBfailregex\fR
+is the regex that will match failed attempts. The tag <HOST> is used as part of the regex and is itself a regex
+for IPv4 addresses and hostnames. fail2ban will work out which one of these it actually is.
+
+.TP
+\fBignoreregex\fR
+is the regex that will be ignored by fail2ban, even if failregex matches.
+
+.PP
+Filters can also have a section called [INCLUDES]. This is used to read other configuration files.
+
+.TP
+\fBbefore\fR
+indicates that this file is read before the [defination] section.
+
+.TP
+\fBafter\fR
+indicates that this file is read after the [defination] section.
+
+.SH AUTHOR
+Fail2ban Written by Cyril Jaquier <cyril.jaquier@fail2ban.org> with many contributions by Yaroslav O. Halchenko <debian@onerussian.com>.
+Manual page written by Daniel Black.
+.SH "REPORTING BUGS"
+Report bugs to https://github.com/fail2ban/fail2ban/issues
+.SH COPYRIGHT
+Copyright \(co 2013 Daniel Black
+.br
+Copyright of modifications held by their respective authors.
+Licensed under the GNU General Public License v2 (GPL).
+.SH "SEE ALSO"
+.br 
+fail2ban-server(1)

From 3cffb0c9e03ddd95695a9d8e66a9f03e4bba5875 Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sat, 16 Mar 2013 16:18:59 +1100
Subject: [PATCH 31/79] ENH: add test case for testing socket

---
 testcases/servertestcase.py | 24 ++++++++++++++++++++----
 1 file changed, 20 insertions(+), 4 deletions(-)

diff --git a/testcases/servertestcase.py b/testcases/servertestcase.py
index 4268df38..9b649a99 100644
--- a/testcases/servertestcase.py
+++ b/testcases/servertestcase.py
@@ -27,7 +27,7 @@ __date__ = "$Date$"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
 __license__ = "GPL"
 
-import unittest, socket, time, tempfile, os
+import unittest, socket, time, tempfile, os, stat
 from server.server import Server
 from common.exceptions import UnknownJailException
 
@@ -59,12 +59,12 @@ class Transmitter(unittest.TestCase):
 		self.__transm = self.__server._Server__transm
 		self.__server.setLogTarget("/dev/null")
 		self.__server.setLogLevel(0)
-		sock_fd, sock_name = tempfile.mkstemp('fail2ban.sock', 'transmitter')
+		sock_fd, self.__sock_name = tempfile.mkstemp('fail2ban.sock', 'transmitter')
 		os.close(sock_fd)
-		pidfile_fd, pidfile_name = tempfile.mkstemp(
+		pidfile_fd, self.__pidfile_name = tempfile.mkstemp(
 			'fail2ban.pid', 'transmitter')
 		os.close(pidfile_fd)
-		self.__server.start(sock_name, pidfile_name, force=False)
+		self.__server.start(self.__sock_name, self.__pidfile_name, force=False)
 		self.jailName = "TestJail1"
 		self.__server.addJail(self.jailName, "auto")
 
@@ -142,6 +142,22 @@ class Transmitter(unittest.TestCase):
 				self.__transm.proceed(["get", jail, cmd]),
 				(0, outValues[n+1:]))
 
+	def testSocket(self):
+		ss = os.stat(self.__sock_name)
+		self.assertIsNot(stat.S_ISSOCK(ss.st_mode), 0)
+
+	# pid removal is done in server.start
+	# unsure if this was intended
+	#def testPid(self):
+	#	pidfile = self.__pidfile_name
+	#	sp = os.stat(pidfile)
+	#	self.assertIsNot(stat.S_ISREG(sp.st_mode), 0)
+	#	self.assertEquals(stat.S_IMODE(sp.st_mode), stat.S_IRUSR | stat.S_IWUSR)
+	#	
+	#	p = open(pidfile,'r')
+	#	self.assertTrue(int(p.read()))
+	#	p.close()
+
 	def testStopServer(self):
 		self.assertEqual(self.__transm.proceed(["stop"]), (0, None))
 

From 883892a683f59432d5491372e778a40ba5dc9fc7 Mon Sep 17 00:00:00 2001
From: Steven Hiscocks <steven@hiscocks.me.uk>
Date: Sat, 16 Mar 2013 17:55:22 +0000
Subject: [PATCH 32/79] Additional date/time formats for datedetector testcases

Also made a note that some workarounds for certain date/time formats
may cause week/year day to be incorrect. This does not affect
functionality of fail2ban so no urgency to fix.
---
 server/datetemplate.py            |  3 +++
 testcases/datedetectortestcase.py | 24 +++++++++++++++++-------
 2 files changed, 20 insertions(+), 7 deletions(-)

diff --git a/server/datetemplate.py b/server/datetemplate.py
index f663862e..9efa2128 100644
--- a/server/datetemplate.py
+++ b/server/datetemplate.py
@@ -158,6 +158,7 @@ class DateStrptime(DateTemplate):
 							"pattern" % (opattern, e))
 			if date[0] < 2000:
 				# There is probably no year field in the logs
+				# NOTE: Possibly makes week/year day incorrect
 				date[0] = MyTime.gmtime()[0]
 				# Bug fix for #1241756
 				# If the date is greater than the current time, we suppose
@@ -166,10 +167,12 @@ class DateStrptime(DateTemplate):
 					logSys.debug(
 						u"Correcting deduced year from %d to %d since %f > %f" %
 						(date[0], date[0]-1, time.mktime(date), MyTime.time()))
+					# NOTE: Possibly makes week/year day incorrect
 					date[0] -= 1
 				elif date[1] == 1 and date[2] == 1:
 					# If it is Jan 1st, it is either really Jan 1st or there
 					# is neither month nor day in the log.
+					# NOTE: Possibly makes week/year day incorrect
 					date[1] = MyTime.gmtime()[1]
 					date[2] = MyTime.gmtime()[2]
 		return date
diff --git a/testcases/datedetectortestcase.py b/testcases/datedetectortestcase.py
index 34ce22ce..524ff175 100644
--- a/testcases/datedetectortestcase.py
+++ b/testcases/datedetectortestcase.py
@@ -46,35 +46,45 @@ class DateDetectorTest(unittest.TestCase):
 		date = [2006, 1, 23, 21, 59, 59, 0, 23, 0]
 		dateUnix = 1138049999.0
 		
-		self.assertEqual(self.__datedetector.getTime(log), date)
+		self.assertEqual(self.__datedetector.getTime(log)[:6], date[:6])
 		self.assertEqual(self.__datedetector.getUnixTime(log), dateUnix)
 	
 	def testGetTime(self):
 		log = "Jan 23 21:59:59 [sshd] error: PAM: Authentication failure"
-		date = [2005, 1, 23, 21, 59, 59, 1, 23, -1]
+		date = [2005, 1, 23, 21, 59, 59, 6, 23, -1]
 		dateUnix = 1106513999.0
 	
-		self.assertEqual(self.__datedetector.getTime(log), date)
+		self.assertEqual(self.__datedetector.getTime(log)[:6], date[:6])
 		self.assertEqual(self.__datedetector.getUnixTime(log), dateUnix)
 
 	def testVariousTimes(self):
 		"""Test detection of various common date/time formats f2b should understand
 		"""
-		date = [2005, 1, 23, 21, 59, 59, 1, 23, -1]
+		date = [2005, 1, 23, 21, 59, 59, 6, 23, -1]
 		dateUnix = 1106513999.0
 
 		for sdate in (
 			"Jan 23 21:59:59",
+			"Sun Jan 23 21:59:59 2005",
+			"Sun Jan 23 21:59:59",
+			"2005/01/23 21:59:59",
 			"2005.01.23 21:59:59",
 			"23/01/2005 21:59:59",
+			"23/01/05 21:59:59",
+			"23/Jan/2005:21:59:59",
+			"01/23/2005:21:59:59",
+			"2005-01-23 21:59:59",
+			"23-Jan-2005 21:59:59",
+			"23-01-2005 21:59:59",
 			"01-23-2005 21:59:59.252", # reported on f2b, causes Feb29 fix to break
+			#"@4000000041f41e5f00000000", # TAI64N
+			"2005-01-23T21:59:59.252Z", #ISO 8601
+			"2005-01-23T21:59:59-05:00Z", #ISO 8601 with TZ
+			"<01/23/05@21:59:59>",
 			):
 			log = sdate + "[sshd] error: PAM: Authentication failure"
 			# exclude
 
-			# TODO (Yarik is confused): figure out why for above it is
-			#      "1" as day of the week which would be Tue, although it
-			#      was Sun
 			self.assertEqual(self.__datedetector.getTime(log)[:6], date[:6])
 			self.assertEqual(self.__datedetector.getUnixTime(log), dateUnix)
 

From 86d48a854f5b8da05a07372365c84139c74cce8b Mon Sep 17 00:00:00 2001
From: Steven Hiscocks <steven@hiscocks.me.uk>
Date: Sat, 16 Mar 2013 18:18:27 +0000
Subject: [PATCH 33/79] Correct datedetector testcases for TAI64N format

---
 testcases/datedetectortestcase.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/testcases/datedetectortestcase.py b/testcases/datedetectortestcase.py
index 524ff175..d31ed568 100644
--- a/testcases/datedetectortestcase.py
+++ b/testcases/datedetectortestcase.py
@@ -77,7 +77,7 @@ class DateDetectorTest(unittest.TestCase):
 			"23-Jan-2005 21:59:59",
 			"23-01-2005 21:59:59",
 			"01-23-2005 21:59:59.252", # reported on f2b, causes Feb29 fix to break
-			#"@4000000041f41e5f00000000", # TAI64N
+			"@4000000041f4104f00000000", # TAI64N
 			"2005-01-23T21:59:59.252Z", #ISO 8601
 			"2005-01-23T21:59:59-05:00Z", #ISO 8601 with TZ
 			"<01/23/05@21:59:59>",

From 67544d1dd677667c394da6dfb53a120755081144 Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sun, 17 Mar 2013 10:52:49 +1100
Subject: [PATCH 34/79] DOC: tags are documented in the jail.conf(5) man page

---
 config/action.d/complain.conf                | 9 ++-------
 config/action.d/dshield.conf                 | 9 ++-------
 config/action.d/dummy.conf                   | 8 ++------
 config/action.d/hostsdeny.conf               | 8 ++------
 config/action.d/ipfilter.conf                | 8 ++------
 config/action.d/ipfw.conf                    | 8 ++------
 config/action.d/iptables-allports.conf       | 8 ++------
 config/action.d/iptables-ipset-proto4.conf   | 4 ++--
 config/action.d/iptables-ipset-proto6.conf   | 4 ++--
 config/action.d/iptables-multiport-log.conf  | 8 ++------
 config/action.d/iptables-multiport.conf      | 8 ++------
 config/action.d/iptables-new.conf            | 8 ++------
 config/action.d/iptables-xt_recent-echo.conf | 8 ++------
 config/action.d/iptables.conf                | 8 ++------
 config/action.d/mail-buffered.conf           | 8 ++------
 config/action.d/mail-whois-lines.conf        | 9 ++-------
 config/action.d/mail-whois.conf              | 8 ++------
 config/action.d/mail.conf                    | 8 ++------
 config/action.d/mynetwatchman.conf           | 8 ++------
 config/action.d/sendmail-buffered.conf       | 8 ++------
 config/action.d/sendmail-whois-lines.conf    | 8 ++------
 config/action.d/sendmail-whois.conf          | 8 ++------
 config/action.d/sendmail.conf                | 8 ++------
 config/action.d/shorewall.conf               | 8 ++------
 24 files changed, 48 insertions(+), 139 deletions(-)

diff --git a/config/action.d/complain.conf b/config/action.d/complain.conf
index 6677ec49..4c2de92b 100644
--- a/config/action.d/complain.conf
+++ b/config/action.d/complain.conf
@@ -52,10 +52,7 @@ actioncheck =
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <failtime>  unix timestamp of the last failure
-#          <bantime>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = ADDRESSES=`whois <ip> | perl -e 'while (<STDIN>) { next if /^changed|@(ripe|apnic)\.net/io; $m += (/abuse|trouble:|report|spam|security/io?3:0); if (/([a-z0-9_\-\.+]+@[a-z0-9\-]+(\.[[a-z0-9\-]+)+)/io) { while (s/([a-z0-9_\-\.+]+@[a-z0-9\-]+(\.[[a-z0-9\-]+)+)//io) { if ($m) { $a{lc($1)}=$m } else { $b{lc($1)}=$m } } $m=0 } else { $m && --$m } } if (%%a) {print join(",",keys(%%a))} else {print join(",",keys(%%b))}'`
@@ -67,9 +64,7 @@ actionban = ADDRESSES=`whois <ip> | perl -e 'while (<STDIN>) { next if /^changed
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <bantime>  unix timestamp of the ban time
-#          <unbantime>  unix timestamp of the unban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban =
diff --git a/config/action.d/dshield.conf b/config/action.d/dshield.conf
index c581af1c..151db28f 100644
--- a/config/action.d/dshield.conf
+++ b/config/action.d/dshield.conf
@@ -54,9 +54,7 @@ actioncheck =
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 # See http://www.dshield.org/specs.html for more on report format/notes
@@ -91,9 +89,7 @@ actionban = TZONE=`date +%%z | sed 's/\([+-]..\)\(..\)/\1:\2/'`
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = if [ -f <tmpfile>.first ]; then
@@ -159,7 +155,6 @@ minreportinterval = 3600
 #          submit the batch, even if we haven't reached <lines> yet. Note that
 #          this is only checked on each ban/unban, and that we always send
 #          anything in the buffer on shutdown. Must be greater than
-#          <minreportinterval>.
 # Values:  [ NUM ]  Default: 21600 (6 hours)
 #
 maxbufferage = 21600
diff --git a/config/action.d/dummy.conf b/config/action.d/dummy.conf
index 12ceefed..ea59881a 100644
--- a/config/action.d/dummy.conf
+++ b/config/action.d/dummy.conf
@@ -29,9 +29,7 @@ actioncheck =
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = printf %%b "+<ip>\n" >> /tmp/fail2ban.dummy
@@ -39,9 +37,7 @@ actionban = printf %%b "+<ip>\n" >> /tmp/fail2ban.dummy
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = printf %%b "-<ip>\n" >> /tmp/fail2ban.dummy
diff --git a/config/action.d/hostsdeny.conf b/config/action.d/hostsdeny.conf
index 8c98420a..b04f2adb 100644
--- a/config/action.d/hostsdeny.conf
+++ b/config/action.d/hostsdeny.conf
@@ -28,9 +28,7 @@ actioncheck =
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = IP=<ip> &&
@@ -39,9 +37,7 @@ actionban = IP=<ip> &&
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = IP=<ip> && sed -i.old /ALL:\ $IP/d <file>
diff --git a/config/action.d/ipfilter.conf b/config/action.d/ipfilter.conf
index 991d9e58..d77de9bf 100644
--- a/config/action.d/ipfilter.conf
+++ b/config/action.d/ipfilter.conf
@@ -34,9 +34,7 @@ actioncheck =
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = echo block in quick from <ip>/32 | /sbin/ipf -f -
@@ -45,9 +43,7 @@ actionban = echo block in quick from <ip>/32 | /sbin/ipf -f -
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 # note -r option used to remove matching rule
diff --git a/config/action.d/ipfw.conf b/config/action.d/ipfw.conf
index 6fd12c19..62612307 100644
--- a/config/action.d/ipfw.conf
+++ b/config/action.d/ipfw.conf
@@ -32,9 +32,7 @@ actioncheck =
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = ipfw add deny tcp from <ip> to <localhost> <port>
@@ -43,9 +41,7 @@ actionban = ipfw add deny tcp from <ip> to <localhost> <port>
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = ipfw delete `ipfw list | grep -i <ip> | awk '{print $1;}'`
diff --git a/config/action.d/iptables-allports.conf b/config/action.d/iptables-allports.conf
index c7f76c83..a02ba63d 100644
--- a/config/action.d/iptables-allports.conf
+++ b/config/action.d/iptables-allports.conf
@@ -34,9 +34,7 @@ actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = iptables -I fail2ban-<name> 1 -s <ip> -j DROP
@@ -44,9 +42,7 @@ actionban = iptables -I fail2ban-<name> 1 -s <ip> -j DROP
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP
diff --git a/config/action.d/iptables-ipset-proto4.conf b/config/action.d/iptables-ipset-proto4.conf
index 665d35cf..4221dd8d 100644
--- a/config/action.d/iptables-ipset-proto4.conf
+++ b/config/action.d/iptables-ipset-proto4.conf
@@ -38,7 +38,7 @@ actionstop = iptables -D INPUT -p <protocol> -m multiport --dports <port> -m set
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = ipset --test fail2ban-<name> <ip> ||  ipset --add fail2ban-<name> <ip>
@@ -46,7 +46,7 @@ actionban = ipset --test fail2ban-<name> <ip> ||  ipset --add fail2ban-<name> <i
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = ipset --test fail2ban-<name> <ip> && ipset --del fail2ban-<name> <ip>
diff --git a/config/action.d/iptables-ipset-proto6.conf b/config/action.d/iptables-ipset-proto6.conf
index e4ceb0d0..d90acd44 100644
--- a/config/action.d/iptables-ipset-proto6.conf
+++ b/config/action.d/iptables-ipset-proto6.conf
@@ -38,7 +38,7 @@ actionstop = iptables -D INPUT -p <protocol> -m multiport --dports <port> -m set
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = ipset add fail2ban-<name> <ip> timeout <bantime> -exist
@@ -46,7 +46,7 @@ actionban = ipset add fail2ban-<name> <ip> timeout <bantime> -exist
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = ipset del fail2ban-<name> <ip> -exist
diff --git a/config/action.d/iptables-multiport-log.conf b/config/action.d/iptables-multiport-log.conf
index 0f4947dd..49958013 100644
--- a/config/action.d/iptables-multiport-log.conf
+++ b/config/action.d/iptables-multiport-log.conf
@@ -42,9 +42,7 @@ actioncheck = iptables -n -L fail2ban-<name>-log >/dev/null
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = iptables -I fail2ban-<name> 1 -s <ip> -j fail2ban-<name>-log
@@ -52,9 +50,7 @@ actionban = iptables -I fail2ban-<name> 1 -s <ip> -j fail2ban-<name>-log
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = iptables -D fail2ban-<name> -s <ip> -j fail2ban-<name>-log
diff --git a/config/action.d/iptables-multiport.conf b/config/action.d/iptables-multiport.conf
index 8b15ad86..ab0ee8de 100644
--- a/config/action.d/iptables-multiport.conf
+++ b/config/action.d/iptables-multiport.conf
@@ -32,9 +32,7 @@ actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = iptables -I fail2ban-<name> 1 -s <ip> -j DROP
@@ -42,9 +40,7 @@ actionban = iptables -I fail2ban-<name> 1 -s <ip> -j DROP
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP
diff --git a/config/action.d/iptables-new.conf b/config/action.d/iptables-new.conf
index 64f54582..12f398c7 100644
--- a/config/action.d/iptables-new.conf
+++ b/config/action.d/iptables-new.conf
@@ -34,9 +34,7 @@ actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = iptables -I fail2ban-<name> 1 -s <ip> -j DROP
@@ -44,9 +42,7 @@ actionban = iptables -I fail2ban-<name> 1 -s <ip> -j DROP
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP
diff --git a/config/action.d/iptables-xt_recent-echo.conf b/config/action.d/iptables-xt_recent-echo.conf
index 170fef07..887311be 100644
--- a/config/action.d/iptables-xt_recent-echo.conf
+++ b/config/action.d/iptables-xt_recent-echo.conf
@@ -46,9 +46,7 @@ actioncheck = test -e /proc/net/xt_recent/fail2ban-<name>
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = echo +<ip> > /proc/net/xt_recent/fail2ban-<name>
@@ -56,9 +54,7 @@ actionban = echo +<ip> > /proc/net/xt_recent/fail2ban-<name>
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = echo -<ip> > /proc/net/xt_recent/fail2ban-<name>
diff --git a/config/action.d/iptables.conf b/config/action.d/iptables.conf
index 083065fc..a3412f6b 100644
--- a/config/action.d/iptables.conf
+++ b/config/action.d/iptables.conf
@@ -32,9 +32,7 @@ actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = iptables -I fail2ban-<name> 1 -s <ip> -j DROP
@@ -42,9 +40,7 @@ actionban = iptables -I fail2ban-<name> 1 -s <ip> -j DROP
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP
diff --git a/config/action.d/mail-buffered.conf b/config/action.d/mail-buffered.conf
index 6fd51d23..94a60e3b 100644
--- a/config/action.d/mail-buffered.conf
+++ b/config/action.d/mail-buffered.conf
@@ -43,9 +43,7 @@ actioncheck =
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = printf %%b "`date`: <ip> (<failures> failures)\n" >> <tmpfile>
@@ -62,9 +60,7 @@ actionban = printf %%b "`date`: <ip> (<failures> failures)\n" >> <tmpfile>
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = 
diff --git a/config/action.d/mail-whois-lines.conf b/config/action.d/mail-whois-lines.conf
index 1ace68f6..2120432e 100644
--- a/config/action.d/mail-whois-lines.conf
+++ b/config/action.d/mail-whois-lines.conf
@@ -34,10 +34,7 @@ actioncheck =
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <failtime>  unix timestamp of the last failure
-#          <bantime>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = printf %%b "Hi,\n
@@ -53,9 +50,7 @@ actionban = printf %%b "Hi,\n
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <bantime>  unix timestamp of the ban time
-#          <unbantime>  unix timestamp of the unban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = 
diff --git a/config/action.d/mail-whois.conf b/config/action.d/mail-whois.conf
index 1581c42c..3293c7a2 100644
--- a/config/action.d/mail-whois.conf
+++ b/config/action.d/mail-whois.conf
@@ -34,9 +34,7 @@ actioncheck =
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = printf %%b "Hi,\n
@@ -50,9 +48,7 @@ actionban = printf %%b "Hi,\n
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = 
diff --git a/config/action.d/mail.conf b/config/action.d/mail.conf
index 02946b43..f9942e10 100644
--- a/config/action.d/mail.conf
+++ b/config/action.d/mail.conf
@@ -34,9 +34,7 @@ actioncheck =
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = printf %%b "Hi,\n
@@ -48,9 +46,7 @@ actionban = printf %%b "Hi,\n
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = 
diff --git a/config/action.d/mynetwatchman.conf b/config/action.d/mynetwatchman.conf
index 3ae3e6db..06f16db6 100644
--- a/config/action.d/mynetwatchman.conf
+++ b/config/action.d/mynetwatchman.conf
@@ -49,9 +49,7 @@ actioncheck =
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 #
@@ -71,9 +69,7 @@ actionban = MNWLOGIN=`perl -e '$s=shift;$s=~s/([\W])/"%%".uc(sprintf("%%2.2x",or
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban =
diff --git a/config/action.d/sendmail-buffered.conf b/config/action.d/sendmail-buffered.conf
index 80f71374..ce4479e8 100644
--- a/config/action.d/sendmail-buffered.conf
+++ b/config/action.d/sendmail-buffered.conf
@@ -52,9 +52,7 @@ actioncheck =
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = printf %%b "`date`: <ip> (<failures> failures)\n" >> <tmpfile>
@@ -74,9 +72,7 @@ actionban = printf %%b "`date`: <ip> (<failures> failures)\n" >> <tmpfile>
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = 
diff --git a/config/action.d/sendmail-whois-lines.conf b/config/action.d/sendmail-whois-lines.conf
index dfbf9ff8..a4b53b97 100644
--- a/config/action.d/sendmail-whois-lines.conf
+++ b/config/action.d/sendmail-whois-lines.conf
@@ -42,9 +42,7 @@ actioncheck =
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip>
@@ -64,9 +62,7 @@ actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip>
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = 
diff --git a/config/action.d/sendmail-whois.conf b/config/action.d/sendmail-whois.conf
index e6a15fb5..f63fd36f 100644
--- a/config/action.d/sendmail-whois.conf
+++ b/config/action.d/sendmail-whois.conf
@@ -42,9 +42,7 @@ actioncheck =
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip>
@@ -62,9 +60,7 @@ actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip>
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = 
diff --git a/config/action.d/sendmail.conf b/config/action.d/sendmail.conf
index 5bb75575..569b3bfa 100644
--- a/config/action.d/sendmail.conf
+++ b/config/action.d/sendmail.conf
@@ -42,9 +42,7 @@ actioncheck =
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip>
@@ -60,9 +58,7 @@ actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip>
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = 
diff --git a/config/action.d/shorewall.conf b/config/action.d/shorewall.conf
index 4bb6f4dc..aca3a256 100644
--- a/config/action.d/shorewall.conf
+++ b/config/action.d/shorewall.conf
@@ -36,9 +36,7 @@ actioncheck =
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionban = shorewall drop <ip>
@@ -46,9 +44,7 @@ actionban = shorewall drop <ip>
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
+# Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
 actionunban = shorewall allow <ip>

From 936a29f7a6e73f51628d687085f9e66ddebbc6eb Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sun, 17 Mar 2013 12:31:29 +1100
Subject: [PATCH 35/79] BF: add missing items from MANIFEST, used by python
 setup.py sdist

---
 MANIFEST | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/MANIFEST b/MANIFEST
index bedfe560..21c7a03f 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -42,6 +42,7 @@ server/banmanager.py
 server/datetemplate.py
 server/mytime.py
 server/failregex.py
+testcases/files/testcase-usedns.log
 testcases/banmanagertestcase.py
 testcases/failmanagertestcase.py
 testcases/clientreadertestcase.py
@@ -57,6 +58,7 @@ testcases/files/testcase04.log
 setup.py
 setup.cfg
 common/__init__.py
+common/exceptions.py
 common/helpers.py
 common/version.py
 common/protocol.py
@@ -88,6 +90,17 @@ config/filter.d/vsftpd.conf
 config/filter.d/webmin-auth.conf
 config/filter.d/wuftpd.conf
 config/filter.d/xinetd-fail.conf
+config/filter.d/asterisk.conf
+config/filter.d/dovecot.conf
+config/filter.d/dropbear.conf
+config/filter.d/lighttpd-auth.conf
+config/filter.d/recidive.conf
+config/filter.d/roundcube-auth.conf
+config/action.d/dummy.conf
+config/action.d/iptables-ipset-proto4.conf
+config/action.d/iptables-ipset-proto6.conf
+config/action.d/iptables-xt_recent-echo.conf
+config/action.d/route.conf
 config/action.d/complain.conf
 config/action.d/dshield.conf
 config/action.d/hostsdeny.conf
@@ -110,6 +123,7 @@ config/action.d/sendmail-whois-lines.conf
 config/action.d/shorewall.conf
 config/fail2ban.conf
 man/fail2ban-client.1
+man/jail.conf.5
 man/fail2ban-client.h2m
 man/fail2ban-server.1
 man/fail2ban-server.h2m

From 43b8a66482a89392067c7271d423954fea8d7eb7 Mon Sep 17 00:00:00 2001
From: Steven Hiscocks <steven@hiscocks.me.uk>
Date: Sun, 17 Mar 2013 09:18:14 +0000
Subject: [PATCH 36/79] Update MANIFEST with and author of
 testcases/sockettestcase.py

---
 MANIFEST                    | 1 +
 testcases/sockettestcase.py | 6 +++---
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/MANIFEST b/MANIFEST
index bedfe560..d3890034 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -50,6 +50,7 @@ testcases/__init__.py
 testcases/datedetectortestcase.py
 testcases/actiontestcase.py
 testcases/servertestcase.py
+testcases/sockettestcase.py
 testcases/files/testcase01.log
 testcases/files/testcase02.log
 testcases/files/testcase03.log
diff --git a/testcases/sockettestcase.py b/testcases/sockettestcase.py
index b7258c0f..4cd5a687 100644
--- a/testcases/sockettestcase.py
+++ b/testcases/sockettestcase.py
@@ -17,14 +17,14 @@
 # along with Fail2Ban; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 
-# Author: Cyril Jaquier
+# Author: Steven Hiscocks
 # 
 # $Revision$
 
-__author__ = "Cyril Jaquier"
+__author__ = "Steven Hiscocks"
 __version__ = "$Revision$"
 __date__ = "$Date$"
-__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
+__copyright__ = "Copyright (c) 2013 Steven Hiscocks"
 __license__ = "GPL"
 
 import unittest, time, tempfile, os, threading

From 99bf14851fc003b44177b2318d254adda41ec6bd Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Fri, 22 Mar 2013 09:20:21 -0400
Subject: [PATCH 37/79] BF+TST: Introduce delay before stopping all jails in
 testStartStopAllJail. fixes #146

---
 testcases/servertestcase.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/testcases/servertestcase.py b/testcases/servertestcase.py
index 4268df38..144e1b01 100644
--- a/testcases/servertestcase.py
+++ b/testcases/servertestcase.py
@@ -211,6 +211,10 @@ class Transmitter(unittest.TestCase):
 			self.__transm.proceed(["start", self.jailName]), (0, None))
 		self.assertEqual(
 			self.__transm.proceed(["start", "TestJail2"]), (0, None))
+		# yoh: workaround for gh-146.  I still think that there is some
+		#      race condition and missing locking somewhere, but for now
+		#      giving it a small delay reliably helps to proceed with tests
+		time.sleep(0.1)
 		self.assertEqual(self.__transm.proceed(["stop", "all"]), (0, None))
 		time.sleep(1)
 		self.assertRaises(

From 989fc06a420a6f8f356c13d9a68a3173dcd39889 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Fri, 22 Mar 2013 09:26:33 -0400
Subject: [PATCH 38/79] DOC: DEVELOP -- mention TST commit tag, adjust
 formatting in Releasing

---
 DEVELOP | 39 ++++++++++++++++++++++++---------------
 1 file changed, 24 insertions(+), 15 deletions(-)

diff --git a/DEVELOP b/DEVELOP
index 09bf7277..623aee12 100644
--- a/DEVELOP
+++ b/DEVELOP
@@ -44,7 +44,7 @@ coverage html
 
 Then look at htmlcov/index.html and see how much coverage your test cases
 exert over the codebase. Full coverage is a good thing however it may not be
-complete. Try to ensure tests cover as many independant paths through the
+complete. Try to ensure tests cover as many independent paths through the
 code.
 
 Manual Execution. To run in a development environment do:
@@ -67,7 +67,7 @@ status test
 
 
 Coding Standards
-================ 
+================
 
 Style
 -----
@@ -106,9 +106,12 @@ Git
 
 Use the following tags in your commit messages:
 
-'ENH:' for enhancements
 'BF:' for bug fixes
 'DOC:' for documentation fixes
+'ENH:' for enhancements
+'TST:' for commits concerning tests only (thus not touching the main code-base)
+
+Multiple tags could be joined with +, e.g. "BF+TST:".
 
 Adding Actions
 --------------
@@ -246,24 +249,30 @@ Takes care about executing start/check/ban/unban/stop commands
 Releasing
 =========
 
-Ensure the version is correct in ./common/version.py
+# Ensure the version is correct in ./common/version.py
 
-Add/finalize the corresponding entry in the ChangeLog
+# Add/finalize the corresponding entry in the ChangeLog
 
-# update man pages
-(cd man ; ./generate-man )
+# Update man pages
 
-git commit -m 'update man pages for release' man/*
+  (cd man ; ./generate-man )
+  git commit -m 'update man pages for release' man/*
 
-python setup.py check
-python setup.py sdist
-python setup.py bdist_rpm
-python setup.py upload
+# Make sure the tests pass
 
-Run the following and update the wiki with output:
+  ./fail2ban-testcases-all
 
-python -c 'import common.protocol; common.protocol.printWiki()'
+# Prepare/upload source and rpm binary distributions
 
-email users and development list of release
+  python setup.py check
+  python setup.py sdist
+  python setup.py bdist_rpm
+  python setup.py upload
+
+# Run the following and update the wiki with output:
+
+  python -c 'import common.protocol; common.protocol.printWiki()'
+
+# Email users and development list of release
 
 TODO notifying distributors etc.

From ec87e3edbd7ac07d2bea1d60db6627cfc531f8e7 Mon Sep 17 00:00:00 2001
From: Steven Hiscocks <steven@hiscocks.me.uk>
Date: Fri, 22 Mar 2013 21:15:37 +0000
Subject: [PATCH 39/79] TST: Break out server testcases that modify logging
 settings

---
 fail2ban-testcases          |   3 +
 testcases/servertestcase.py | 229 ++++++++++++++++++++----------------
 2 files changed, 128 insertions(+), 104 deletions(-)

diff --git a/fail2ban-testcases b/fail2ban-testcases
index 2ab59f6a..7efe183f 100755
--- a/fail2ban-testcases
+++ b/fail2ban-testcases
@@ -175,6 +175,9 @@ for Filter_ in filters:
 	tests.addTest(unittest.makeSuite(
 		filtertestcase.get_monitor_failures_testcase(Filter_)))
 
+# Server test for logging elements which break logging used to support
+# testcases analysis
+tests.addTest(unittest.makeSuite(servertestcase.TransmitterLogging))
 
 #
 # Run the tests
diff --git a/testcases/servertestcase.py b/testcases/servertestcase.py
index 144e1b01..ffb057a9 100644
--- a/testcases/servertestcase.py
+++ b/testcases/servertestcase.py
@@ -50,27 +50,29 @@ class StartStop(unittest.TestCase):
 		time.sleep(1)
 		self.__server.stopJail(name)
 
+class TestServer(Server):
+	def setLogLevel(self, *args, **kwargs):
+		pass
+	def setLogTarget(self, *args, **kwargs):
+		pass
 
-class Transmitter(unittest.TestCase):
+class TransmitterBase(unittest.TestCase):
 	
 	def setUp(self):
 		"""Call before every test case."""
-		self.__server = Server()
-		self.__transm = self.__server._Server__transm
-		self.__server.setLogTarget("/dev/null")
-		self.__server.setLogLevel(0)
+		self.transm = self.server._Server__transm
 		sock_fd, sock_name = tempfile.mkstemp('fail2ban.sock', 'transmitter')
 		os.close(sock_fd)
 		pidfile_fd, pidfile_name = tempfile.mkstemp(
 			'fail2ban.pid', 'transmitter')
 		os.close(pidfile_fd)
-		self.__server.start(sock_name, pidfile_name, force=False)
+		self.server.start(sock_name, pidfile_name, force=False)
 		self.jailName = "TestJail1"
-		self.__server.addJail(self.jailName, "auto")
+		self.server.addJail(self.jailName, "auto")
 
 	def tearDown(self):
 		"""Call after every test case."""
-		self.__server.quit()
+		self.server.quit()
 
 	def setGetTest(self, cmd, inValue, outValue=None, jail=None):
 		setCmd = ["set", cmd, inValue]
@@ -81,8 +83,8 @@ class Transmitter(unittest.TestCase):
 		if outValue is None:
 			outValue = inValue
 
-		self.assertEqual(self.__transm.proceed(setCmd), (0, outValue))
-		self.assertEqual(self.__transm.proceed(getCmd), (0, outValue))
+		self.assertEqual(self.transm.proceed(setCmd), (0, outValue))
+		self.assertEqual(self.transm.proceed(getCmd), (0, outValue))
 
 	def setGetTestNOK(self, cmd, inValue, jail=None):
 		setCmd = ["set", cmd, inValue]
@@ -92,30 +94,30 @@ class Transmitter(unittest.TestCase):
 			getCmd.insert(1, jail)
 
 		# Get initial value before trying invalid value
-		initValue = self.__transm.proceed(getCmd)[1]
-		self.assertEqual(self.__transm.proceed(setCmd)[0], 1)
+		initValue = self.transm.proceed(getCmd)[1]
+		self.assertEqual(self.transm.proceed(setCmd)[0], 1)
 		# Check after failed set that value is same as previous
-		self.assertEqual(self.__transm.proceed(getCmd), (0, initValue))
+		self.assertEqual(self.transm.proceed(getCmd), (0, initValue))
 
 	def jailAddDelTest(self, cmd, values, jail):
 		cmdAdd = "add" + cmd
 		cmdDel = "del" + cmd
 
 		self.assertEqual(
-			self.__transm.proceed(["get", jail, cmd]), (0, []))
+			self.transm.proceed(["get", jail, cmd]), (0, []))
 		for n, value in enumerate(values):
 			self.assertEqual(
-				self.__transm.proceed(["set", jail, cmdAdd, value]),
+				self.transm.proceed(["set", jail, cmdAdd, value]),
 				(0, values[:n+1]))
 			self.assertEqual(
-				self.__transm.proceed(["get", jail, cmd]),
+				self.transm.proceed(["get", jail, cmd]),
 				(0, values[:n+1]))
 		for n, value in enumerate(values):
 			self.assertEqual(
-				self.__transm.proceed(["set", jail, cmdDel, value]),
+				self.transm.proceed(["set", jail, cmdDel, value]),
 				(0, values[n+1:]))
 			self.assertEqual(
-				self.__transm.proceed(["get", jail, cmd]),
+				self.transm.proceed(["get", jail, cmd]),
 				(0, values[n+1:]))
 
 	def jailAddDelRegexTest(self, cmd, inValues, outValues, jail):
@@ -126,111 +128,94 @@ class Transmitter(unittest.TestCase):
 			outValues = inValues
 
 		self.assertEqual(
-			self.__transm.proceed(["get", jail, cmd]), (0, []))
+			self.transm.proceed(["get", jail, cmd]), (0, []))
 		for n, value in enumerate(inValues):
 			self.assertEqual(
-				self.__transm.proceed(["set", jail, cmdAdd, value]),
+				self.transm.proceed(["set", jail, cmdAdd, value]),
 				(0, outValues[:n+1]))
 			self.assertEqual(
-				self.__transm.proceed(["get", jail, cmd]),
+				self.transm.proceed(["get", jail, cmd]),
 				(0, outValues[:n+1]))
 		for n, value in enumerate(inValues):
 			self.assertEqual(
-				self.__transm.proceed(["set", jail, cmdDel, 0]), # First item
+				self.transm.proceed(["set", jail, cmdDel, 0]), # First item
 				(0, outValues[n+1:]))
 			self.assertEqual(
-				self.__transm.proceed(["get", jail, cmd]),
+				self.transm.proceed(["get", jail, cmd]),
 				(0, outValues[n+1:]))
 
+class Transmitter(TransmitterBase):
+
+	def setUp(self):
+		self.server = TestServer()
+		super(Transmitter, self).setUp()
+
 	def testStopServer(self):
-		self.assertEqual(self.__transm.proceed(["stop"]), (0, None))
+		self.assertEqual(self.transm.proceed(["stop"]), (0, None))
 
 	def testPing(self):
-		self.assertEqual(self.__transm.proceed(["ping"]), (0, "pong"))
+		self.assertEqual(self.transm.proceed(["ping"]), (0, "pong"))
 
 	def testSleep(self):
 		t0 = time.time()
-		self.assertEqual(self.__transm.proceed(["sleep", "1"]), (0, None))
+		self.assertEqual(self.transm.proceed(["sleep", "1"]), (0, None))
 		t1 = time.time()
 		# Approx 1 second delay
 		self.assertAlmostEqual(t1 - t0, 1, places=2)
 
-	def testLogTarget(self):
-		logTargets = []
-		for _ in xrange(3):
-			tmpFile = tempfile.mkstemp("fail2ban", "transmitter")
-			logTargets.append(tmpFile[1])
-			os.close(tmpFile[0])
-		for logTarget in logTargets:
-			self.setGetTest("logtarget", logTarget)
-
-		# If path is invalid, do not change logtarget
-		value = "/this/path/should/not/exist"
-		self.setGetTestNOK("logtarget", value)
-
-		self.__transm.proceed(["set", "/dev/null"])
-		for logTarget in logTargets:
-			os.remove(logTarget)
-
-	def testLogLevel(self):
-		self.setGetTest("loglevel", "4", 4)
-		self.setGetTest("loglevel", "2", 2)
-		self.setGetTest("loglevel", "-1", -1)
-		self.setGetTestNOK("loglevel", "Bird")
-
 	def testAddJail(self):
 		jail2 = "TestJail2"
 		jail3 = "TestJail3"
 		jail4 = "TestJail4"
 		self.assertEqual(
-			self.__transm.proceed(["add", jail2, "polling"]), (0, jail2))
-		self.assertEqual(self.__transm.proceed(["add", jail3]), (0, jail3))
+			self.transm.proceed(["add", jail2, "polling"]), (0, jail2))
+		self.assertEqual(self.transm.proceed(["add", jail3]), (0, jail3))
 		self.assertEqual(
-			self.__transm.proceed(["add", jail4, "invalid backend"])[0], 1)
+			self.transm.proceed(["add", jail4, "invalid backend"])[0], 1)
 		self.assertEqual(
-			self.__transm.proceed(["add", jail4, "auto"]), (0, jail4))
+			self.transm.proceed(["add", jail4, "auto"]), (0, jail4))
 		# Duplicate Jail
 		self.assertEqual(
-			self.__transm.proceed(["add", self.jailName, "polling"])[0], 1)
+			self.transm.proceed(["add", self.jailName, "polling"])[0], 1)
 		# All name is reserved
 		self.assertEqual(
-			self.__transm.proceed(["add", "all", "polling"])[0], 1)
+			self.transm.proceed(["add", "all", "polling"])[0], 1)
 
 	def testStartStopJail(self):
 		self.assertEqual(
-			self.__transm.proceed(["start", self.jailName]), (0, None))
+			self.transm.proceed(["start", self.jailName]), (0, None))
 		time.sleep(1)
 		self.assertEqual(
-			self.__transm.proceed(["stop", self.jailName]), (0, None))
+			self.transm.proceed(["stop", self.jailName]), (0, None))
 		self.assertRaises(
-			UnknownJailException, self.__server.isAlive, self.jailName)
+			UnknownJailException, self.server.isAlive, self.jailName)
 
 	def testStartStopAllJail(self):
-		self.__server.addJail("TestJail2", "auto")
+		self.server.addJail("TestJail2", "auto")
 		self.assertEqual(
-			self.__transm.proceed(["start", self.jailName]), (0, None))
+			self.transm.proceed(["start", self.jailName]), (0, None))
 		self.assertEqual(
-			self.__transm.proceed(["start", "TestJail2"]), (0, None))
+			self.transm.proceed(["start", "TestJail2"]), (0, None))
 		# yoh: workaround for gh-146.  I still think that there is some
 		#      race condition and missing locking somewhere, but for now
 		#      giving it a small delay reliably helps to proceed with tests
 		time.sleep(0.1)
-		self.assertEqual(self.__transm.proceed(["stop", "all"]), (0, None))
+		self.assertEqual(self.transm.proceed(["stop", "all"]), (0, None))
 		time.sleep(1)
 		self.assertRaises(
-			UnknownJailException, self.__server.isAlive, self.jailName)
+			UnknownJailException, self.server.isAlive, self.jailName)
 		self.assertRaises(
-			UnknownJailException, self.__server.isAlive, "TestJail2")
+			UnknownJailException, self.server.isAlive, "TestJail2")
 
 	def testJailIdle(self):
 		self.assertEqual(
-			self.__transm.proceed(["set", self.jailName, "idle", "on"]),
+			self.transm.proceed(["set", self.jailName, "idle", "on"]),
 			(0, True))
 		self.assertEqual(
-			self.__transm.proceed(["set", self.jailName, "idle", "off"]),
+			self.transm.proceed(["set", self.jailName, "idle", "off"]),
 			(0, False))
 		self.assertEqual(
-			self.__transm.proceed(["set", self.jailName, "idle", "CAT"])[0],
+			self.transm.proceed(["set", self.jailName, "idle", "CAT"])[0],
 			1)
 
 	def testJailFindTime(self):
@@ -253,28 +238,28 @@ class Transmitter(unittest.TestCase):
 		# Safe default should be "no"
 		value = "Fish"
 		self.assertEqual(
-			self.__transm.proceed(["set", self.jailName, "usedns", value]),
+			self.transm.proceed(["set", self.jailName, "usedns", value]),
 			(0, "no"))
 
 	def testJailBanIP(self):
-		self.__server.startJail(self.jailName) # Jail must be started
+		self.server.startJail(self.jailName) # Jail must be started
 
 		self.assertEqual(
-			self.__transm.proceed(["set", self.jailName, "banip", "127.0.0.1"]),
+			self.transm.proceed(["set", self.jailName, "banip", "127.0.0.1"]),
 			(0, "127.0.0.1"))
 		time.sleep(1) # Give chance to ban
 		self.assertEqual(
-			self.__transm.proceed(["set", self.jailName, "banip", "Badger"]),
+			self.transm.proceed(["set", self.jailName, "banip", "Badger"]),
 			(0, "Badger")) #NOTE: Is IP address validated? Is DNS Lookup done?
 		time.sleep(1) # Give chance to ban
 		# Unban IP
 		self.assertEqual(
-			self.__transm.proceed(
+			self.transm.proceed(
 				["set", self.jailName, "unbanip", "127.0.0.1"]),
 			(0, "127.0.0.1"))
 		# Unban IP which isn't banned
 		self.assertEqual(
-			self.__transm.proceed(
+			self.transm.proceed(
 				["set", self.jailName, "unbanip", "192.168.1.1"])[0],1)
 
 	def testJailMaxRetry(self):
@@ -296,22 +281,22 @@ class Transmitter(unittest.TestCase):
 		# Try duplicates
 		value = "testcases/files/testcase04.log"
 		self.assertEqual(
-			self.__transm.proceed(["set", self.jailName, "addlogpath", value]),
+			self.transm.proceed(["set", self.jailName, "addlogpath", value]),
 			(0, [value]))
 		# Will silently ignore duplicate
 		self.assertEqual(
-			self.__transm.proceed(["set", self.jailName, "addlogpath", value]),
+			self.transm.proceed(["set", self.jailName, "addlogpath", value]),
 			(0, [value]))
 		self.assertEqual(
-			self.__transm.proceed(["get", self.jailName, "logpath"]),
+			self.transm.proceed(["get", self.jailName, "logpath"]),
 			(0, [value]))
 		self.assertEqual(
-			self.__transm.proceed(["set", self.jailName, "dellogpath", value]),
+			self.transm.proceed(["set", self.jailName, "dellogpath", value]),
 			(0, []))
 
 		# Invalid file
 		value = "this_file_shouldn't_exist"
-		result = self.__transm.proceed(
+		result = self.transm.proceed(
 			["set", self.jailName, "addlogpath", value])
 		self.assertTrue(isinstance(result[1], IOError))
 
@@ -329,18 +314,18 @@ class Transmitter(unittest.TestCase):
 		# Try duplicates
 		value = "127.0.0.1"
 		self.assertEqual(
-			self.__transm.proceed(["set", self.jailName, "addignoreip", value]),
+			self.transm.proceed(["set", self.jailName, "addignoreip", value]),
 			(0, [value]))
 		# Will allow duplicate
 		#NOTE: Should duplicates be allowed, or silent ignore like logpath?
 		self.assertEqual(
-			self.__transm.proceed(["set", self.jailName, "addignoreip", value]),
+			self.transm.proceed(["set", self.jailName, "addignoreip", value]),
 			(0, [value, value]))
 		self.assertEqual(
-			self.__transm.proceed(["get", self.jailName, "ignoreip"]),
+			self.transm.proceed(["get", self.jailName, "ignoreip"]),
 			(0, [value, value]))
 		self.assertEqual(
-			self.__transm.proceed(["set", self.jailName, "delignoreip", value]),
+			self.transm.proceed(["set", self.jailName, "delignoreip", value]),
 			(0, [value]))
 
 	def testJailRegex(self):
@@ -359,11 +344,11 @@ class Transmitter(unittest.TestCase):
 		)
 
 		self.assertEqual(
-			self.__transm.proceed(
+			self.transm.proceed(
 				["set", self.jailName, "addfailregex", "No host regex"])[0],
 			1)
 		self.assertEqual(
-			self.__transm.proceed(
+			self.transm.proceed(
 				["set", self.jailName, "addfailregex", 654])[0],
 			1)
 
@@ -383,25 +368,25 @@ class Transmitter(unittest.TestCase):
 		)
 
 		self.assertEqual(
-			self.__transm.proceed(
+			self.transm.proceed(
 				["set", self.jailName, "addignoreregex", "Invalid [regex"])[0],
 			1)
 		self.assertEqual(
-			self.__transm.proceed(
+			self.transm.proceed(
 				["set", self.jailName, "addignoreregex", 50])[0],
 			1)
 
 	def testStatus(self):
 		jails = [self.jailName]
-		self.assertEqual(self.__transm.proceed(["status"]),
+		self.assertEqual(self.transm.proceed(["status"]),
 			(0, [('Number of jail', len(jails)), ('Jail list', ", ".join(jails))]))
-		self.__server.addJail("TestJail2", "auto")
+		self.server.addJail("TestJail2", "auto")
 		jails.append("TestJail2")
-		self.assertEqual(self.__transm.proceed(["status"]),
+		self.assertEqual(self.transm.proceed(["status"]),
 			(0, [('Number of jail', len(jails)), ('Jail list', ", ".join(jails))]))
 
 	def testJailStatus(self):
-		self.assertEqual(self.__transm.proceed(["status", self.jailName]),
+		self.assertEqual(self.transm.proceed(["status", self.jailName]),
 			(0,
 				[
 					('filter', [
@@ -436,54 +421,90 @@ class Transmitter(unittest.TestCase):
 		]
 
 		self.assertEqual(
-			self.__transm.proceed(["set", self.jailName, "addaction", action]),
+			self.transm.proceed(["set", self.jailName, "addaction", action]),
 			(0, action))
 		self.assertEqual(
-			self.__transm.proceed(["get", self.jailName, "addaction", action]),
+			self.transm.proceed(["get", self.jailName, "addaction", action]),
 			(0, action))
 		for cmd, value in zip(cmdList, cmdValueList):
 			self.assertEqual(
-				self.__transm.proceed(
+				self.transm.proceed(
 					["set", self.jailName, cmd, action, value]),
 				(0, value))
 		for cmd, value in zip(cmdList, cmdValueList):
 			self.assertEqual(
-				self.__transm.proceed(["get", self.jailName, cmd, action]),
+				self.transm.proceed(["get", self.jailName, cmd, action]),
 				(0, value))
 		self.assertEqual(
-			self.__transm.proceed(
+			self.transm.proceed(
 				["set", self.jailName, "setcinfo", action, "KEY", "VALUE"]),
 			(0, "VALUE"))
 		self.assertEqual(
-			self.__transm.proceed(
+			self.transm.proceed(
 				["get", self.jailName, "cinfo", action, "KEY"]),
 			(0, "VALUE"))
 		self.assertEqual(
-			self.__transm.proceed(
+			self.transm.proceed(
 				["get", self.jailName, "cinfo", action, "InvalidKey"])[0],
 			1)
 		self.assertEqual(
-			self.__transm.proceed(
+			self.transm.proceed(
 				["set", self.jailName, "delcinfo", action, "KEY"]),
 			(0, None))
 		self.assertEqual(
-			self.__transm.proceed(["set", self.jailName, "delaction", action]),
+			self.transm.proceed(["set", self.jailName, "delaction", action]),
 			(0, None))
 		self.assertEqual(
-			self.__transm.proceed(
+			self.transm.proceed(
 				["set", self.jailName, "delaction", "Doesn't exist"])[0],1)
 
 	def testNOK(self):
-		self.assertEqual(self.__transm.proceed(["INVALID", "COMMAND"])[0],1)
+		self.assertEqual(self.transm.proceed(["INVALID", "COMMAND"])[0],1)
 
 	def testSetNOK(self):
 		self.assertEqual(
-			self.__transm.proceed(["set", "INVALID", "COMMAND"])[0],1)
+			self.transm.proceed(["set", "INVALID", "COMMAND"])[0],1)
 
 	def testGetNOK(self):
 		self.assertEqual(
-			self.__transm.proceed(["get", "INVALID", "COMMAND"])[0],1)
+			self.transm.proceed(["get", "INVALID", "COMMAND"])[0],1)
 
 	def testStatusNOK(self):
 		self.assertEqual(
-			self.__transm.proceed(["status", "INVALID", "COMMAND"])[0],1)
+			self.transm.proceed(["status", "INVALID", "COMMAND"])[0],1)
+
+class TransmitterLogging(TransmitterBase):
+
+	def setUp(self):
+		self.server = Server()
+		self.server.setLogTarget("/dev/null")
+		self.server.setLogLevel(0)
+		super(TransmitterLogging, self).setUp()
+
+	def testLogTarget(self):
+		logTargets = []
+		for _ in xrange(3):
+			tmpFile = tempfile.mkstemp("fail2ban", "transmitter")
+			logTargets.append(tmpFile[1])
+			os.close(tmpFile[0])
+		for logTarget in logTargets:
+			self.setGetTest("logtarget", logTarget)
+
+		# If path is invalid, do not change logtarget
+		value = "/this/path/should/not/exist"
+		self.setGetTestNOK("logtarget", value)
+
+		self.transm.proceed(["set", "/dev/null"])
+		for logTarget in logTargets:
+			os.remove(logTarget)
+
+		self.setGetTest("logtarget", "STDOUT")
+		self.setGetTest("logtarget", "STDERR")
+		self.setGetTest("logtarget", "SYSLOG")
+
+	def testLogLevel(self):
+		self.setGetTest("loglevel", "4", 4)
+		self.setGetTest("loglevel", "2", 2)
+		self.setGetTest("loglevel", "-1", -1)
+		self.setGetTest("loglevel", "0", 0)
+		self.setGetTestNOK("loglevel", "Bird")

From 7a442f079f9afdce2192aace6858329e16094589 Mon Sep 17 00:00:00 2001
From: Steven Hiscocks <steven@hiscocks.me.uk>
Date: Fri, 22 Mar 2013 21:19:31 +0000
Subject: [PATCH 40/79] BF: When changing log target with python2.{4,5} handle
 KeyError

---
 server/server.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/server.py b/server/server.py
index 0e1b6c97..a0824f1d 100644
--- a/server/server.py
+++ b/server/server.py
@@ -379,7 +379,7 @@ class Server:
 				try:
 					handler.flush()
 					handler.close()
-				except ValueError:
+				except (ValueError, KeyError):
 					if sys.version_info >= (2,6):
 						raise
 					# is known to be thrown after logging was shutdown once

From 8ce986e9f9b27225619b8e4224c20739441d576a Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sat, 23 Mar 2013 09:15:55 +1100
Subject: [PATCH 41/79] DOC: punishment claimed

---
 setup.cfg | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/setup.cfg b/setup.cfg
index 53e7276a..03fa6dab 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -6,7 +6,7 @@ formats=bztar
 
 [bdist_rpm]
 release = 1
-packager = Yaroslav Halchenko <debian@onerussian.com>
+packager = Yaroslav Halchenko <debian@onerussian.com>, Daniel Black <daniel.subs@internode.on.net>
 doc_files = DEVELOP
             README
             THANKS

From 847c474b11ed91b8c3b3ef415a74cec6902d27f5 Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sat, 23 Mar 2013 09:17:40 +1100
Subject: [PATCH 42/79] DOC: init -> Init, defination -> Defination. Improved
 intro

---
 man/jail.conf.5 | 30 ++++++++++++++++++------------
 1 file changed, 18 insertions(+), 12 deletions(-)

diff --git a/man/jail.conf.5 b/man/jail.conf.5
index 7a841f7d..c2c096d6 100644
--- a/man/jail.conf.5
+++ b/man/jail.conf.5
@@ -12,14 +12,20 @@ Fail2ban has three configuration file types. Action files are the commands for b
 Filter files tell fail2ban how authentication failures occur, and Jail configurations that map the two together.
 
 There are *.conf files that are distributed by fail2ban and *.local file that contain user overwritten files. 
-It is recommend that *.conf files are not changed. *.local files are where users overwrite their default settings.
-For instance if you require the default [ssh-iptables-ipset] jail create a jail.local with The jail.conf file is
- the configuration for the fail2ban server. Only overwride the settings you need to change and the rest come from 
-the default *.conf file.
+It is recommended that *.conf files are not changed. *.local files are where users overwrite their default settings.
+For instance if you require the default [ssh-iptables-ipset] jail create a jail.local to extend jail.conf (
+the configuration for the fail2ban server). The jail.local file will be the following if you only need to enable
+it:
 
+.TP
+\fBjail.local\fR
 [ssh-iptables-ipset]
 
 enabled = true
+.TP
+
+Only overwride the settings you need to change and the rest of the configuration comes from the corresponding
+*.conf file.
 
 .SH DEFAULT
 The following options are applicable to all jails. Their meaning is in the default jail.conf file.
@@ -42,16 +48,16 @@ Action files specify which commands are executed to ban an IP address. They are
 Like jail.conf files if you desire local changes create a [actionname].local file in the /etc/fail2ban/action.d directory 
 and override the required settings.
 
-The action files are ini files that have two sections, \fBdefination\fR and \fBinit\fR . 
+The action files are ini files that have two sections, \fBDefination\fR and \fBInit\fR . 
 
-The [init] section allows for settings relevant to the action. In jail.conf/jail.local these can be overwritten for a particular jail.
+The [Init] section allows for settings relevant to the action. In jail.conf/jail.local these can be overwritten for a particular jail.
 
-The commands are specified in the [defination] section as below..
+The commands are specified in the [Defination] section as below..
 
 The commands are executed through a system shell so shell redirection and process control is allowed. The commands should
 return 0 to indicate success which will prevent fail2ban attempting to retry (up to \fBmaxretry\fR times to ban the IP again.
 
-The following action parameters are in the [defination] section.
+The following action parameters are in the [Defination] section.
 .TP
 \fBactionstart\fR
 This is the commands that are executed when the jail starts.
@@ -68,7 +74,7 @@ This is the command that bans the IP address.
 \fBactionunban\fR
 This is the command that unbans the IP address after \fBbantime\fR.
 
-Tags are in <>. All the elements of [init] are tags that are replaced in all action commands. Tags can be added by the
+Tags are in <>. All the elements of [Init] are tags that are replaced in all action commands. Tags can be added by the
 \fBfail2ban-client\fR using the setctag command.
 
 More that one command is allowed. Each command needs to be on a new line and indented with whitespace with no blank lines. The following defines
@@ -101,7 +107,7 @@ These are used to identify failed authenicate attempts in logs and to extract th
 
 Like action files, filter files are ini files. The main section is the [Definition] section.
 
-There are two filter definations used in the [defination] section, failregex and ignoreregex.
+There are two filter definations used in the [Defination] section, failregex and ignoreregex.
 Other definations are allowed and can be used to substitue into other definations with %(defnname). For example.
 
 baduseragents = IE|wget
@@ -124,11 +130,11 @@ Filters can also have a section called [INCLUDES]. This is used to read other co
 
 .TP
 \fBbefore\fR
-indicates that this file is read before the [defination] section.
+indicates that this file is read before the [Defination] section.
 
 .TP
 \fBafter\fR
-indicates that this file is read after the [defination] section.
+indicates that this file is read after the [Defination] section.
 
 .SH AUTHOR
 Fail2ban Written by Cyril Jaquier <cyril.jaquier@fail2ban.org> with many contributions by Yaroslav O. Halchenko <debian@onerussian.com>.

From 996e23455c941f02910d65eea7eef2fcaccde76d Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Fri, 22 Mar 2013 20:56:45 -0400
Subject: [PATCH 43/79] DOC: reverted unneeded stripping of DoW + added
 comments for why [:6]

---
 testcases/datedetectortestcase.py | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/testcases/datedetectortestcase.py b/testcases/datedetectortestcase.py
index d31ed568..a2946587 100644
--- a/testcases/datedetectortestcase.py
+++ b/testcases/datedetectortestcase.py
@@ -45,15 +45,18 @@ class DateDetectorTest(unittest.TestCase):
 		log = "1138049999 [sshd] error: PAM: Authentication failure"
 		date = [2006, 1, 23, 21, 59, 59, 0, 23, 0]
 		dateUnix = 1138049999.0
-		
-		self.assertEqual(self.__datedetector.getTime(log)[:6], date[:6])
+
+		self.assertEqual(self.__datedetector.getTime(log), date)
 		self.assertEqual(self.__datedetector.getUnixTime(log), dateUnix)
 	
 	def testGetTime(self):
 		log = "Jan 23 21:59:59 [sshd] error: PAM: Authentication failure"
 		date = [2005, 1, 23, 21, 59, 59, 6, 23, -1]
 		dateUnix = 1106513999.0
-	
+		# yoh: testing only up to 6 elements, since the day of the week
+		#      is not correctly determined atm, since year is not present
+		#      in the log entry.  Since this doesn't effect the operation
+		#      of fail2ban -- we just ignore incorrect day of the week
 		self.assertEqual(self.__datedetector.getTime(log)[:6], date[:6])
 		self.assertEqual(self.__datedetector.getUnixTime(log), dateUnix)
 
@@ -85,6 +88,7 @@ class DateDetectorTest(unittest.TestCase):
 			log = sdate + "[sshd] error: PAM: Authentication failure"
 			# exclude
 
+			# yoh: on [:6] see in above test
 			self.assertEqual(self.__datedetector.getTime(log)[:6], date[:6])
 			self.assertEqual(self.__datedetector.getUnixTime(log), dateUnix)
 

From b5cbee9e654a36cd4fdd12b77d81c47d8c383c13 Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sat, 23 Mar 2013 20:12:31 +1100
Subject: [PATCH 44/79] DOC: add fail2ban.1 manual page

---
 MANIFEST       |  1 +
 man/fail2ban.1 | 36 ++++++++++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+)
 create mode 100644 man/fail2ban.1

diff --git a/MANIFEST b/MANIFEST
index 21c7a03f..d64b8073 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -123,6 +123,7 @@ config/action.d/sendmail-whois-lines.conf
 config/action.d/shorewall.conf
 config/fail2ban.conf
 man/fail2ban-client.1
+man/fail2ban.1
 man/jail.conf.5
 man/fail2ban-client.h2m
 man/fail2ban-server.1
diff --git a/man/fail2ban.1 b/man/fail2ban.1
new file mode 100644
index 00000000..1198c07c
--- /dev/null
+++ b/man/fail2ban.1
@@ -0,0 +1,36 @@
+.TH FAIL2BAN "1"
+.SH NAME
+fail2ban \- a set of server and client programs to limit brute force authentication attempts.
+.SH DESCRIPTION
+Fail2Ban consists of a client, server and some configuration files to achieve limiting 
+brute force of authenitcation attempts.
+
+The server program is \fBfail2ban-server\fR which is configured from the configuration files. The
+fail2ban-server can also be configured using the \fBfail2ban-client\fR. 
+
+For details on the configuration of fail2ban see the jail.conf(5) manual page.
+
+For details on the configuration of fail2ban-server see the fail2ban-server(1) manual page.
+
+For details on the configuration of fail2ban-client see the fail2ban-client(1) manual page.
+
+For testing regular expressions assocated with filter using the fail2ban-regex program may be of
+use and its manual page is fail2ban-regex(1).
+
+.SH FILES
+\fI/etc/fail2ban/*\fR
+.SH AUTHOR
+Manual page written by Daniel Black
+.SH "REPORTING BUGS"
+Report bugs to https://github.com/fail2ban/fail2ban/issues
+.SH COPYRIGHT
+Copyright \(co 2013
+.br
+Copyright of modifications held by their respective authors.
+Licensed under the GNU General Public License v2 (GPL).
+.SH "SEE ALSO"
+.br 
+fail2ban-server(1)
+fail2ban-client(1)
+jail.conf(5)
+fail2ban-regex(1)

From ab16246619369ca90d71d6db6bf5ce3a89b917c0 Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sat, 23 Mar 2013 20:19:05 +1100
Subject: [PATCH 45/79] DOC: Defin{a,i}tion

---
 man/jail.conf.5 | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/man/jail.conf.5 b/man/jail.conf.5
index c2c096d6..38c29bbf 100644
--- a/man/jail.conf.5
+++ b/man/jail.conf.5
@@ -48,16 +48,16 @@ Action files specify which commands are executed to ban an IP address. They are
 Like jail.conf files if you desire local changes create a [actionname].local file in the /etc/fail2ban/action.d directory 
 and override the required settings.
 
-The action files are ini files that have two sections, \fBDefination\fR and \fBInit\fR . 
+The action files are ini files that have two sections, \fBDefinition\fR and \fBInit\fR . 
 
 The [Init] section allows for settings relevant to the action. In jail.conf/jail.local these can be overwritten for a particular jail.
 
-The commands are specified in the [Defination] section as below..
+The commands are specified in the [Definition] section as below..
 
 The commands are executed through a system shell so shell redirection and process control is allowed. The commands should
 return 0 to indicate success which will prevent fail2ban attempting to retry (up to \fBmaxretry\fR times to ban the IP again.
 
-The following action parameters are in the [Defination] section.
+The following action parameters are in the [Definition] section.
 .TP
 \fBactionstart\fR
 This is the commands that are executed when the jail starts.
@@ -101,14 +101,14 @@ The concatinated string of the log file lines of the matches that generated the
 
 .SH FILTER FILES
 
-Filter definations are those in /etc/fail2ban/filter.d/*.conf and filter.d/*.local.
+Filter definitions are those in /etc/fail2ban/filter.d/*.conf and filter.d/*.local.
 
 These are used to identify failed authenicate attempts in logs and to extract the host IP address or hostname.
 
 Like action files, filter files are ini files. The main section is the [Definition] section.
 
-There are two filter definations used in the [Defination] section, failregex and ignoreregex.
-Other definations are allowed and can be used to substitue into other definations with %(defnname). For example.
+There are two filter definitions used in the [Definition] section, failregex and ignoreregex.
+Other definitions are allowed and can be used to substitue into other definitions with %(defnname). For example.
 
 baduseragents = IE|wget
 
@@ -130,11 +130,11 @@ Filters can also have a section called [INCLUDES]. This is used to read other co
 
 .TP
 \fBbefore\fR
-indicates that this file is read before the [Defination] section.
+indicates that this file is read before the [Definition] section.
 
 .TP
 \fBafter\fR
-indicates that this file is read after the [Defination] section.
+indicates that this file is read after the [Definition] section.
 
 .SH AUTHOR
 Fail2ban Written by Cyril Jaquier <cyril.jaquier@fail2ban.org> with many contributions by Yaroslav O. Halchenko <debian@onerussian.com>.

From 6f804f92596174fa3bcd76a3759d04458fe0638a Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sat, 23 Mar 2013 21:04:03 +1100
Subject: [PATCH 46/79] BF: defer testSocket for later

---
 testcases/servertestcase.py | 16 ----------------
 1 file changed, 16 deletions(-)

diff --git a/testcases/servertestcase.py b/testcases/servertestcase.py
index 9b649a99..857dc45b 100644
--- a/testcases/servertestcase.py
+++ b/testcases/servertestcase.py
@@ -142,22 +142,6 @@ class Transmitter(unittest.TestCase):
 				self.__transm.proceed(["get", jail, cmd]),
 				(0, outValues[n+1:]))
 
-	def testSocket(self):
-		ss = os.stat(self.__sock_name)
-		self.assertIsNot(stat.S_ISSOCK(ss.st_mode), 0)
-
-	# pid removal is done in server.start
-	# unsure if this was intended
-	#def testPid(self):
-	#	pidfile = self.__pidfile_name
-	#	sp = os.stat(pidfile)
-	#	self.assertIsNot(stat.S_ISREG(sp.st_mode), 0)
-	#	self.assertEquals(stat.S_IMODE(sp.st_mode), stat.S_IRUSR | stat.S_IWUSR)
-	#	
-	#	p = open(pidfile,'r')
-	#	self.assertTrue(int(p.read()))
-	#	p.close()
-
 	def testStopServer(self):
 		self.assertEqual(self.__transm.proceed(["stop"]), (0, None))
 

From e6ae8872c68871e7f06f31426dff7dd341ad3abf Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Sat, 23 Mar 2013 21:31:09 +1100
Subject: [PATCH 47/79] PKG: change email that I want in RPMs

---
 setup.cfg | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/setup.cfg b/setup.cfg
index 03fa6dab..74c22b25 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -6,7 +6,7 @@ formats=bztar
 
 [bdist_rpm]
 release = 1
-packager = Yaroslav Halchenko <debian@onerussian.com>, Daniel Black <daniel.subs@internode.on.net>
+packager = Yaroslav Halchenko <debian@onerussian.com>, Daniel Black <grooverdan@users.sourceforge.net>
 doc_files = DEVELOP
             README
             THANKS

From 6eb262fea684359709e985920d1879556ca47918 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Sun, 24 Mar 2013 22:12:52 -0400
Subject: [PATCH 48/79] My improvements to manpages

---
 man/fail2ban.1  | 30 ++++++++++------
 man/jail.conf.5 | 95 ++++++++++++++++++++++++-------------------------
 2 files changed, 66 insertions(+), 59 deletions(-)

diff --git a/man/fail2ban.1 b/man/fail2ban.1
index 1198c07c..9af9ec54 100644
--- a/man/fail2ban.1
+++ b/man/fail2ban.1
@@ -2,25 +2,33 @@
 .SH NAME
 fail2ban \- a set of server and client programs to limit brute force authentication attempts.
 .SH DESCRIPTION
-Fail2Ban consists of a client, server and some configuration files to achieve limiting 
-brute force of authenitcation attempts.
+Fail2Ban consists of a client, server and configuration files to limit
+brute force authentication attempts.
 
-The server program is \fBfail2ban-server\fR which is configured from the configuration files. The
-fail2ban-server can also be configured using the \fBfail2ban-client\fR. 
+The server program \fBfail2ban-server\fR is responsible for monitoring
+log files and issuing ban/unban commands.  It gets configured through
+a simple protocol by \fBfail2ban-client\fR, which can also read
+configuration files and issue corresponding configuration commands to
+the server.
 
-For details on the configuration of fail2ban see the jail.conf(5) manual page.
+For details on the configuration of fail2ban see the jail.conf(5)
+manual page.  A jail (as specified in jail.conf) couples filters and
+actions definitions for any given list of files to get monitored.
 
-For details on the configuration of fail2ban-server see the fail2ban-server(1) manual page.
+For details on the command-line options of fail2ban-server see the
+fail2ban-server(1) manual page.
 
-For details on the configuration of fail2ban-client see the fail2ban-client(1) manual page.
+For details on the command-line options and commands for configuring
+the server via fail2ban-client see the fail2ban-client(1) manual page.
 
-For testing regular expressions assocated with filter using the fail2ban-regex program may be of
-use and its manual page is fail2ban-regex(1).
+For testing regular expressions specified in a filter using the
+fail2ban-regex program may be of use and its manual page is
+fail2ban-regex(1).
 
 .SH FILES
 \fI/etc/fail2ban/*\fR
 .SH AUTHOR
-Manual page written by Daniel Black
+Manual page written by Daniel Black and Yaroslav Halchenko
 .SH "REPORTING BUGS"
 Report bugs to https://github.com/fail2ban/fail2ban/issues
 .SH COPYRIGHT
@@ -32,5 +40,5 @@ Licensed under the GNU General Public License v2 (GPL).
 .br 
 fail2ban-server(1)
 fail2ban-client(1)
-jail.conf(5)
 fail2ban-regex(1)
+jail.conf(5)
diff --git a/man/jail.conf.5 b/man/jail.conf.5
index 38c29bbf..8f38c14b 100644
--- a/man/jail.conf.5
+++ b/man/jail.conf.5
@@ -8,13 +8,13 @@ jail.conf \- configuration for the fail2ban server
 
 .B filter.d/*.conf filter.d/*.local
 .SH DESCRIPTION
-Fail2ban has three configuration file types. Action files are the commands for banning and unbanning IP address,
-Filter files tell fail2ban how authentication failures occur, and Jail configurations that map the two together.
+Fail2ban has three configuration file types. Action files are the commands for banning and unbanning of IP address,
+Filter files tell fail2ban how to detect authentication failures, and Jail configurations combine filters with actions into jails.
 
-There are *.conf files that are distributed by fail2ban and *.local file that contain user overwritten files. 
-It is recommended that *.conf files are not changed. *.local files are where users overwrite their default settings.
-For instance if you require the default [ssh-iptables-ipset] jail create a jail.local to extend jail.conf (
-the configuration for the fail2ban server). The jail.local file will be the following if you only need to enable
+There are *.conf files that are distributed by fail2ban and *.local file that contain user customizations.
+It is recommended that *.conf files should remain unchanged.  If needed, customizations should be provided in *.local files.
+For instance, if you would like to customize the [ssh-iptables-ipset] jail, create a jail.local to extend jail.conf
+(the configuration for the fail2ban server).  The jail.local file will be the following if you only need to enable
 it:
 
 .TP
@@ -22,13 +22,13 @@ it:
 [ssh-iptables-ipset]
 
 enabled = true
-.TP
 
-Only overwride the settings you need to change and the rest of the configuration comes from the corresponding
+.PP
+Override only the settings you need to change and the rest of the configuration will come from the corresponding
 *.conf file.
 
 .SH DEFAULT
-The following options are applicable to all jails. Their meaning is in the default jail.conf file.
+The following options are applicable to all jails. Their meaning is described in the default jail.conf file.
 .TP
 \fBignoreip\fR 
 .TP
@@ -41,55 +41,53 @@ The following options are applicable to all jails. Their meaning is in the defau
 \fBbackend\fR
 .TP
 \fBusedns\fR
-.TP
-.SH ACTION FILES
-Action files specify which commands are executed to ban an IP address. They are located in /etc/fail2ban/action.d.
 
-Like jail.conf files if you desire local changes create a [actionname].local file in the /etc/fail2ban/action.d directory 
+
+.SH "ACTION FILES"
+Action files specify which commands are executed to ban and unban an IP address. They are located under /etc/fail2ban/action.d.
+
+Like with jail.conf files, if you desire local changes create an [actionname].local file in the /etc/fail2ban/action.d directory
 and override the required settings.
 
-The action files are ini files that have two sections, \fBDefinition\fR and \fBInit\fR . 
+Action files are ini files that have two sections, \fBDefinition\fR and \fBInit\fR . 
 
-The [Init] section allows for settings relevant to the action. In jail.conf/jail.local these can be overwritten for a particular jail.
+The [Init] section allows for action-specific settings. In jail.conf/jail.local these can be overwritten for a particular jail as options to the jail.
 
-The commands are specified in the [Definition] section as below..
-
-The commands are executed through a system shell so shell redirection and process control is allowed. The commands should
-return 0 to indicate success which will prevent fail2ban attempting to retry (up to \fBmaxretry\fR times to ban the IP again.
-
-The following action parameters are in the [Definition] section.
+The following commands can be present in the [Definition] section.
 .TP
 \fBactionstart\fR
-This is the commands that are executed when the jail starts.
+command(s) executed when the jail starts.
 .TP
 \fBactionstop\fR
-This is the commands that are executed when the jail stops.
+command(s) executed when the jail stops.
 .TP
 \fBactioncheck\fR
-This is the command that is before each other action. It checks to see if the environment is ok.
+the command ran before any other action. It aims to verify if the environment is still ok.
 .TP
 \fBactionban\fR
-This is the command that bans the IP address.
+command(s) that bans the IP address after \fBmaxretry\fR log lines matches within last \fBfindtime\fR seconds.
 .TP
 \fBactionunban\fR
-This is the command that unbans the IP address after \fBbantime\fR.
+command(s) that unbans the IP address after \fBbantime\fR.
 
-Tags are in <>. All the elements of [Init] are tags that are replaced in all action commands. Tags can be added by the
+Commands specified in the [Definition] section are executed through a system shell so shell redirection and process control is allowed. The commands should
+return 0, otherwise error would be logged.  Moreover if \fBactioncheck\fR exits with non-0 status, it is taken as indication that firewall status has changed and fail2ban needs to reinitialize itself (i.e. issue \fBactionstop\fR and \fBactionstart\fR commands).
+
+Tags are enclosed in <>.  All the elements of [Init] are tags that are replaced in all action commands.  Tags can be added by the
 \fBfail2ban-client\fR using the setctag command.
 
-More that one command is allowed. Each command needs to be on a new line and indented with whitespace with no blank lines. The following defines
+More than a single command is allowed to be specified. Each command needs to be on a separate line and indented with whitespaces without blank lines. The following example defines
 two commands to be executed.
 
-actionban = iptables -I fail2ban-<name> --source <ip> -j DROP
+ actionban = iptables -I fail2ban-<name> --source <ip> -j DROP
+             echo ip=<ip>, match=<match>, time=<time> >> /var/log/fail2ban.log
 
-    echo ip=<ip>, match=<match>, time=<time> >> /var/log/fail2ban.log
-
-The following tags are also substituted in the actionban, actionunban and actioncheck (when called before actionban/actionunban).
+.SS "Action Tags"
+The following tags are substituted in the actionban, actionunban and actioncheck (when called before actionban/actionunban) commands.
 .TP
 \fBip\fR
 An IPv4 ip address to be banned. e.g. 192.168.0.2
 .TP
-.TP
 \fBfailures\fR
 The number of times the failure occurred in the log file. e.g. 3
 .TP
@@ -97,33 +95,32 @@ The number of times the failure occurred in the log file. e.g. 3
 The unix time of the ban. e.g. 1357508484
 .TP
 \fBmatches\fR
-The concatinated string of the log file lines of the matches that generated the ban.
+The concatenated string of the log file lines of the matches that generated the ban. Many characters interpreted by shell get escaped.
 
 .SH FILTER FILES
 
 Filter definitions are those in /etc/fail2ban/filter.d/*.conf and filter.d/*.local.
 
-These are used to identify failed authenicate attempts in logs and to extract the host IP address or hostname.
+These are used to identify failed authentication attempts in logs and to extract the host IP address (or hostname if \fBusedns\fR is \fBtrue\fR).
 
 Like action files, filter files are ini files. The main section is the [Definition] section.
 
-There are two filter definitions used in the [Definition] section, failregex and ignoreregex.
-Other definitions are allowed and can be used to substitue into other definitions with %(defnname). For example.
-
-baduseragents = IE|wget
-
-failregex = useragent=%(baduseragents)
-
-The \fBfailregex\fR and \fBignoreregex\fR have the following meanings:
+There are two filter definitions used in the [Definition] section:
 
 .TP
 \fBfailregex\fR
-is the regex that will match failed attempts. The tag <HOST> is used as part of the regex and is itself a regex
+is the regex (\fBreg\fRular \fBex\fRpression) that will match failed attempts. The tag <HOST> is used as part of the regex and is itself a regex
 for IPv4 addresses and hostnames. fail2ban will work out which one of these it actually is.
 
 .TP
 \fBignoreregex\fR
-is the regex that will be ignored by fail2ban, even if failregex matches.
+is the regex to identify log entries that should be ignored by fail2ban, even if they match failregex.
+
+
+Using Python "string interpolation" mechanisms, other definitions are allowed and can later be used within other definitions as %(defnname)s. For example.
+
+ baduseragents = IE|wget
+ failregex = useragent=%(baduseragents)s
 
 .PP
 Filters can also have a section called [INCLUDES]. This is used to read other configuration files.
@@ -137,8 +134,10 @@ indicates that this file is read before the [Definition] section.
 indicates that this file is read after the [Definition] section.
 
 .SH AUTHOR
-Fail2ban Written by Cyril Jaquier <cyril.jaquier@fail2ban.org> with many contributions by Yaroslav O. Halchenko <debian@onerussian.com>.
-Manual page written by Daniel Black.
+Fail2ban was originally written by Cyril Jaquier <cyril.jaquier@fail2ban.org>.
+At the moment it is maintained and further developed by Yaroslav O. Halchenko <debian@onerussian.com> and a number of contributors.  See \fBTHANKS\fR file shipped with Fail2Ban for a full list.
+.
+Manual page written by Daniel Black and Yaroslav Halchenko.
 .SH "REPORTING BUGS"
 Report bugs to https://github.com/fail2ban/fail2ban/issues
 .SH COPYRIGHT
@@ -147,5 +146,5 @@ Copyright \(co 2013 Daniel Black
 Copyright of modifications held by their respective authors.
 Licensed under the GNU General Public License v2 (GPL).
 .SH "SEE ALSO"
-.br 
+.br
 fail2ban-server(1)

From c0915e5c7bda6a9ed9b46295f44ed9e0117e10a2 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Sun, 24 Mar 2013 22:13:16 -0400
Subject: [PATCH 49/79] Added Daniel and Steven to THANKS

---
 THANKS | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/THANKS b/THANKS
index ff20d07d..f207d71e 100644
--- a/THANKS
+++ b/THANKS
@@ -13,6 +13,7 @@ Christian Rauch
 Christoph Haas
 Christos Psonis
 Daniel B. Cid
+Daniel Black
 David Nutter
 Eric Gerbier
 Guillaume Delvit
@@ -38,6 +39,7 @@ Robert Edeker
 Russell Odom
 Sireyessire
 Stephen Gildea
+Steven Hiscocks
 Tom Pike
 Tyler
 Vaclav Misek

From bba3fd85688a95b5c6bd95ae7c7fec6a524d47f8 Mon Sep 17 00:00:00 2001
From: ArndRa <ArndRaphael.Brandes@gmx.de>
Date: Mon, 25 Mar 2013 08:43:13 +0100
Subject: [PATCH 50/79] Update sogo-auth.conf

included hint by user  yarikoptic
---
 config/filter.d/sogo-auth.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/config/filter.d/sogo-auth.conf b/config/filter.d/sogo-auth.conf
index 6a1abd3f..6054c589 100644
--- a/config/filter.d/sogo-auth.conf
+++ b/config/filter.d/sogo-auth.conf
@@ -17,3 +17,4 @@ failregex = Login from '<HOST>.*' for user '.*' might not have worked
 # Notes.: regex to ignore. If this regex matches, the line is ignored.
 # Values: TEXT
 #
+ignoreregex = 

From ebb6e5f4eba5be26af46e9abc6eb84f238126389 Mon Sep 17 00:00:00 2001
From: ArndRa <ArndRaphael.Brandes@gmx.de>
Date: Mon, 25 Mar 2013 09:11:51 +0100
Subject: [PATCH 51/79] An example of failed logins against sogo

---
 testcases/files/logs/sogo-auth | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 testcases/files/logs/sogo-auth

diff --git a/testcases/files/logs/sogo-auth b/testcases/files/logs/sogo-auth
new file mode 100644
index 00000000..6dbe7356
--- /dev/null
+++ b/testcases/files/logs/sogo-auth
@@ -0,0 +1,15 @@
+Mar 24 08:58:32 sogod [26818]: <0x0xb8537990[LDAPSource]> <NSException: 0xb87c3008> NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{login = "uid=hack0r,ou=users,dc=mail,dc=example,dc=org"; }
+Mar 24 08:58:32 sogod [26818]: SOGoRootPage Login from '173.194.44.31' for user 'hack0r' might not have worked - password policy: 65535  grace: -1  expire: -1  bound: 0
+173.194.44.31 - - [24/Mar/2013:08:58:32 GMT] "POST /SOGo/connect HTTP/1.1" 403 34/38 0.311 - - 2M
+Mar 24 08:58:40 sogod [26818]: <0x0xb8537990[LDAPSource]> <NSException: 0xb87bb8d8> NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{login = "uid=kiddy,ou=users,dc=mail,dc=example,dc=org"; }
+Mar 24 08:58:40 sogod [26818]: SOGoRootPage Login from '173.194.44.31' for user 'kiddy' might not have worked - password policy: 65535  grace: -1  expire: -1  bound: 0
+173.194.44.31 - - [24/Mar/2013:08:58:40 GMT] "POST /SOGo/connect HTTP/1.1" 403 34/37 0.007 - - 32K
+Mar 24 08:58:50 sogod [26818]: <0x0xb8537990[LDAPSource]> <NSException: 0xb87c27f8> NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{login = "uid=plsBanMe,ou=users,dc=mail,dc=example,dc=org"; }
+Mar 24 08:58:50 sogod [26818]: SOGoRootPage Login from '173.194.44.31' for user 'plsBanMe' might not have worked - password policy: 65535  grace: -1  expire: -1  bound: 0
+173.194.44.31 - - [24/Mar/2013:08:58:50 GMT] "POST /SOGo/connect HTTP/1.1" 403 34/40 0.008 - - 0
+Mar 24 08:58:59 sogod [26818]: <0x0xb8537990[LDAPSource]> <NSException: 0xb87be830> NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{login = "uid=root,ou=users,dc=mail,dc=example,dc=org"; }
+Mar 24 08:58:59 sogod [26818]: SOGoRootPage Login from '173.194.44.31' for user 'root' might not have worked - password policy: 65535  grace: -1  expire: -1  bound: 0
+173.194.44.31 - - [24/Mar/2013:08:58:59 GMT] "POST /SOGo/connect HTTP/1.1" 403 34/36 0.007 - - 0
+Mar 24 08:59:04 sogod [26818]: <0x0xb8537990[LDAPSource]> <NSException: 0xb87bc088> NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{login = "uid=admin,ou=users,dc=mail,dc=example,dc=org"; }
+Mar 24 08:59:04 sogod [26818]: SOGoRootPage Login from '173.194.44.31' for user 'admin' might not have worked - password policy: 65535  grace: -1  expire: -1  bound: 0
+173.194.44.31 - - [24/Mar/2013:08:59:04 GMT] "POST /SOGo/connect HTTP/1.1" 403 34/37 0.007 - - 0

From 3b4084d4711019f53450401f11d2607064c6d8bb Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Mon, 25 Mar 2013 10:41:13 -0400
Subject: [PATCH 52/79] BF: fixing up for handling of TAI64N timestamps and
 adding some unittest for prev commit (not effective much though)

---
 server/datetemplate.py            |  5 +++--
 testcases/datedetectortestcase.py | 21 +++++++++++++++++++++
 2 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/server/datetemplate.py b/server/datetemplate.py
index 8e2cb7e1..51b8bb1e 100644
--- a/server/datetemplate.py
+++ b/server/datetemplate.py
@@ -50,7 +50,7 @@ class DateTemplate:
 	def getName(self):
 		return self.__name
 	
-	def setRegex(self, regex, wordBegin = True):
+	def setRegex(self, regex, wordBegin=True):
 		regex = regex.strip()
 		if (wordBegin and not re.search(r'^\^', regex)):
 			regex = r'\b' + regex
@@ -186,7 +186,8 @@ class DateTai64n(DateTemplate):
 	def __init__(self):
 		DateTemplate.__init__(self)
 		# We already know the format for TAI64N
-		self.setRegex("@[0-9a-f]{24}")
+		# yoh: we should not add an additional front anchor
+		self.setRegex("@[0-9a-f]{24}", wordBegin=False)
 	
 	def getDate(self, line):
 		date = None
diff --git a/testcases/datedetectortestcase.py b/testcases/datedetectortestcase.py
index a2946587..64af1fab 100644
--- a/testcases/datedetectortestcase.py
+++ b/testcases/datedetectortestcase.py
@@ -103,6 +103,27 @@ class DateDetectorTest(unittest.TestCase):
 		self.assertRaises(ValueError, self.__datedetector._appendTemplate,
 						  self.__datedetector.getTemplates()[0])
 
+	def testFullYearMatch_gh130(self):
+		# see https://github.com/fail2ban/fail2ban/pull/130
+		# yoh: unfortunately this test is not really effective to reproduce the
+		#      situation but left in place to assure consistent behavior
+		m1 = [2012, 10, 11, 2, 37, 17]
+		self.assertEqual(
+			self.__datedetector.getTime('2012/10/11 02:37:17 [error] 18434#0')[:6],
+			m1)
+		self.__datedetector.sortTemplate()
+		# confuse it with year being at the end
+		for i in xrange(10):
+			self.assertEqual(
+				self.__datedetector.getTime('11/10/2012 02:37:17 [error] 18434#0')[:6],
+				m1)
+		self.__datedetector.sortTemplate()
+		# and now back to the original
+		self.assertEqual(
+			self.__datedetector.getTime('2012/10/11 02:37:17 [error] 18434#0')[:6],
+			m1)
+
+
 #	def testDefaultTempate(self):
 #		self.__datedetector.setDefaultRegex("^\S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}")
 #		self.__datedetector.setDefaultPattern("%b %d %H:%M:%S")

From 007827fac6b7ce3146da5ce11c6d81dd332514d6 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Mon, 25 Mar 2013 11:03:55 -0400
Subject: [PATCH 53/79] ENH: increase timeout to 20 sec from 10 sec in
 assert_correct_last_attempt

This is done with a hope to resolve randomly failing tests on travis-ci
and thus fixing the #103
---
 testcases/filtertestcase.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/testcases/filtertestcase.py b/testcases/filtertestcase.py
index a036f804..5833e296 100644
--- a/testcases/filtertestcase.py
+++ b/testcases/filtertestcase.py
@@ -379,7 +379,7 @@ def get_monitor_failures_testcase(Filter_):
 			return not self.isFilled(delay)
 
 		def assert_correct_last_attempt(self, failures, count=None):
-			self.assertTrue(self.isFilled(10)) # give Filter a chance to react
+			self.assertTrue(self.isFilled(20)) # give Filter a chance to react
 			_assert_correct_last_attempt(self, self.jail, failures, count=count)
 
 

From ca474eb4887aa5d136840b9437b9a547a3a10ca0 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Mon, 25 Mar 2013 12:05:10 -0400
Subject: [PATCH 54/79] DOC: Added suggested by @beilber description of .d/ +
 added I formatting to all filenames

---
 man/jail.conf.5 | 36 +++++++++++++++++++++++++++---------
 1 file changed, 27 insertions(+), 9 deletions(-)

diff --git a/man/jail.conf.5 b/man/jail.conf.5
index 8f38c14b..10bcef7f 100644
--- a/man/jail.conf.5
+++ b/man/jail.conf.5
@@ -2,11 +2,11 @@
 .SH NAME
 jail.conf \- configuration for the fail2ban server
 .SH SYNOPSIS
-.B jail.conf / jail.local
+.I jail.conf / jail.local
 
-.B action.d/*.conf action.d/*.local
+.I action.d/*.conf action.d/*.local
 
-.B filter.d/*.conf filter.d/*.local
+.I filter.d/*.conf filter.d/*.local
 .SH DESCRIPTION
 Fail2ban has three configuration file types. Action files are the commands for banning and unbanning of IP address,
 Filter files tell fail2ban how to detect authentication failures, and Jail configurations combine filters with actions into jails.
@@ -18,7 +18,7 @@ For instance, if you would like to customize the [ssh-iptables-ipset] jail, crea
 it:
 
 .TP
-\fBjail.local\fR
+\fIjail.local\fR
 [ssh-iptables-ipset]
 
 enabled = true
@@ -27,8 +27,26 @@ enabled = true
 Override only the settings you need to change and the rest of the configuration will come from the corresponding
 *.conf file.
 
+\fI*.d/\fR
+.RS
+In addition to .local, for any .conf file there can be a corresponding
+.d directory to contain additional .conf files that will be read after the
+appropriate .local file.  Last parsed file will take precidence over
+identical entries, parsed alphabetically, e.g.
+
+.RS
+\fIjail.d/01_enable.conf\fR - to enable a specific jail
+.RE
+.RS
+\fIjail.d/02_custom_port.conf\fR - containing specific configuration entry to change the port of the jail specified in the configuration
+.RE
+.RS
+\fIfail2ban.d/01_custom_log.conf\fR - containing specific configuration entry to use a different log path.
+.RE
+.RE
+
 .SH DEFAULT
-The following options are applicable to all jails. Their meaning is described in the default jail.conf file.
+The following options are applicable to all jails. Their meaning is described in the default \fIjail.conf\fR file.
 .TP
 \fBignoreip\fR 
 .TP
@@ -44,14 +62,14 @@ The following options are applicable to all jails. Their meaning is described in
 
 
 .SH "ACTION FILES"
-Action files specify which commands are executed to ban and unban an IP address. They are located under /etc/fail2ban/action.d.
+Action files specify which commands are executed to ban and unban an IP address. They are located under \fI/etc/fail2ban/action.d\fR.
 
-Like with jail.conf files, if you desire local changes create an [actionname].local file in the /etc/fail2ban/action.d directory
+Like with jail.conf files, if you desire local changes create an \fI[actionname].local\fR file in the \fI/etc/fail2ban/action.d\fR directory
 and override the required settings.
 
 Action files are ini files that have two sections, \fBDefinition\fR and \fBInit\fR . 
 
-The [Init] section allows for action-specific settings. In jail.conf/jail.local these can be overwritten for a particular jail as options to the jail.
+The [Init] section allows for action-specific settings. In \fIjail.conf/jail.local\fR these can be overwritten for a particular jail as options to the jail.
 
 The following commands can be present in the [Definition] section.
 .TP
@@ -99,7 +117,7 @@ The concatenated string of the log file lines of the matches that generated the
 
 .SH FILTER FILES
 
-Filter definitions are those in /etc/fail2ban/filter.d/*.conf and filter.d/*.local.
+Filter definitions are those in \fI/etc/fail2ban/filter.d/*.conf\fR and \fIfilter.d/*.local\fR.
 
 These are used to identify failed authentication attempts in logs and to extract the host IP address (or hostname if \fBusedns\fR is \fBtrue\fR).
 

From e6983b4f9b476e174995b9814260e9e1c5c4d6c5 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Mon, 25 Mar 2013 12:45:08 -0400
Subject: [PATCH 55/79] BF: Remove custom __str__ for MonitorFailures and just
 adjust __name__ of the generated class

Also to guarantee unique file names across tests -- append incremental
numeric suffix.

This should prevent unittest from not reporting specific unittest method names,
thus complicating the analysis of failures
---
 testcases/filtertestcase.py | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/testcases/filtertestcase.py b/testcases/filtertestcase.py
index 5833e296..88cbf382 100644
--- a/testcases/filtertestcase.py
+++ b/testcases/filtertestcase.py
@@ -324,11 +324,15 @@ def get_monitor_failures_testcase(Filter_):
 	"""Generator of TestCase's for different filters/backends
 	"""
 
+	_, testclass_name = tempfile.mkstemp('fail2ban', 'monitorfailures')
+
 	class MonitorFailures(unittest.TestCase):
+		count = 0
 		def setUp(self):
 			"""Call before every test case."""
 			self.filter = self.name = 'NA'
-			_, self.name = tempfile.mkstemp('fail2ban', 'monitorfailures')
+			self.name = '%s-%d' % (testclass_name, self.count)
+			MonitorFailures.count += 1 # so we have unique filenames across tests
 			self.file = open(self.name, 'a')
 			self.jail = DummyJail()
 			self.filter = Filter_(self.jail)
@@ -351,12 +355,9 @@ def get_monitor_failures_testcase(Filter_):
 			self.filter.join()		  # wait for the thread to terminate
 			#print "D: KILLING THE FILE"
 			_killfile(self.file, self.name)
+			#time.sleep(0.2)			  # Give FS time to ack the removal
 			pass
 
-		def __str__(self): # pragma: no cover - will only show up if unexpected exception is thrown
-			return "MonitorFailures%s(%s)" \
-			  % (Filter_, hasattr(self, 'name') and self.name or 'tempfile')
-
 		def isFilled(self, delay=2.):
 			"""Wait up to `delay` sec to assure that it was modified or not
 			"""
@@ -488,7 +489,8 @@ def get_monitor_failures_testcase(Filter_):
 			# yoh: not sure why count here is not 9... TODO
 			self.assert_correct_last_attempt(GetFailures.FAILURES_01)#, count=9)
 
-
+	MonitorFailures.__name__ = "MonitorFailures<%s>(%s)" \
+			  % (Filter_.__name__, testclass_name) # 'tempfile')
 	return MonitorFailures
 
 

From 5ea2ab14e6bc848e7782d4f8e3ee23ed8a0aa708 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Mon, 25 Mar 2013 14:42:44 -0400
Subject: [PATCH 56/79] ENH: elaborated debug log message about already
 detected failures

Now it should be evaluated only if logging mode is debug or "lower", and also
should happen not only on initial detections but for every added failure.
It also reports counts per each IP now
---
 server/failmanager.py | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/server/failmanager.py b/server/failmanager.py
index 82c2ed6f..93a3a351 100644
--- a/server/failmanager.py
+++ b/server/failmanager.py
@@ -105,8 +105,15 @@ class FailManager:
 				fData.setLastReset(unixTime)
 				fData.setLastTime(unixTime)
 				self.__failList[ip] = fData
-			logSys.debug("Currently have failures from %d IPs: %s"
-						 % (len(self.__failList), self.__failList.keys()))
+
+			if logSys.getEffectiveLevel() <= logging.DEBUG:
+				# yoh: Since composing this list might be somewhat time consuming
+				# in case of having many active failures, it should be ran only
+				# if debug level is "low" enough
+				failures_summary = ', '.join(['%s:%d' % (k, v.getRetry())
+											  for k,v in  self.__failList.iteritems()])
+				logSys.debug("Currently have failures from %d IPs (IP:count): %s"
+							 % (len(self.__failList), failures_summary))
 			self.__failTotal += 1
 		finally:
 			self.__lock.release()

From f72bc13111ebfdee95ece936d95fcae961748826 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Mon, 25 Mar 2013 16:33:02 -0400
Subject: [PATCH 57/79] BF: allow to wait longer for FilterPoll in
 test_move_file

---
 testcases/filtertestcase.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/testcases/filtertestcase.py b/testcases/filtertestcase.py
index 88cbf382..4aef2c9d 100644
--- a/testcases/filtertestcase.py
+++ b/testcases/filtertestcase.py
@@ -432,9 +432,10 @@ def get_monitor_failures_testcase(Filter_):
 			# if we move file into a new location while it has been open already
 			self.file = _copy_lines_between_files(GetFailures.FILENAME_01, self.name,
 												  n=14, mode='w')
-			self.assertTrue(self.isEmpty(2))
+			# Poll might need more time
+			self.assertTrue(self.isEmpty(2 + int(isinstance(self.filter, FilterPoll))*4))
 			self.assertRaises(FailManagerEmpty, self.filter.failManager.toBan)
-			self.assertEqual(self.filter.failManager.getFailTotal(), 2) # Fails with Poll from time to time
+			self.assertEqual(self.filter.failManager.getFailTotal(), 2)
 
 			# move aside, but leaving the handle still open...
 			os.rename(self.name, self.name + '.bak')

From c29553354b9527722ce3ee87bfe60ebf6268682d Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Mon, 25 Mar 2013 17:11:03 -0400
Subject: [PATCH 58/79] ENH: FailManager -- improve log message to report total
 # of detected failures as well

---
 server/failmanager.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/server/failmanager.py b/server/failmanager.py
index 93a3a351..02f16ce3 100644
--- a/server/failmanager.py
+++ b/server/failmanager.py
@@ -106,15 +106,16 @@ class FailManager:
 				fData.setLastTime(unixTime)
 				self.__failList[ip] = fData
 
+			self.__failTotal += 1
+
 			if logSys.getEffectiveLevel() <= logging.DEBUG:
 				# yoh: Since composing this list might be somewhat time consuming
 				# in case of having many active failures, it should be ran only
 				# if debug level is "low" enough
 				failures_summary = ', '.join(['%s:%d' % (k, v.getRetry())
 											  for k,v in  self.__failList.iteritems()])
-				logSys.debug("Currently have failures from %d IPs (IP:count): %s"
-							 % (len(self.__failList), failures_summary))
-			self.__failTotal += 1
+				logSys.debug("Total # of detected failures: %d. Current failures from %d IPs (IP:count): %s"
+							 % (self.__failTotal, len(self.__failList), failures_summary))
 		finally:
 			self.__lock.release()
 	

From 52af29a08044d77d727d68fa17494c08fb48c1d7 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Mon, 25 Mar 2013 21:28:58 -0400
Subject: [PATCH 59/79] ENH: adding ability to incorporate tracebacks into log
 lines while running tests

---
 fail2ban-testcases |  23 ++++++++---
 testcases/utils.py | 101 +++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 119 insertions(+), 5 deletions(-)
 create mode 100644 testcases/utils.py

diff --git a/fail2ban-testcases b/fail2ban-testcases
index d6b25b91..e00cc908 100755
--- a/fail2ban-testcases
+++ b/fail2ban-testcases
@@ -36,6 +36,8 @@ from testcases import servertestcase
 from testcases import datedetectortestcase
 from testcases import actiontestcase
 from testcases import sockettestcase
+
+from testcases.utils import FormatterWithTraceBack
 from server.mytime import MyTime
 
 from optparse import OptionParser, Option
@@ -52,12 +54,14 @@ def get_opt_parser():
 			   choices=('debug', 'info', 'warn', 'error', 'fatal'),
 			   default=None,
 			   help="Log level for the logger to use during running tests"),
-		])
-
-	p.add_options([
 		Option('-n', "--no-network", action="store_true",
 			   dest="no_network",
 			   help="Do not run tests that require the network"),
+		Option("-t", "--log-traceback", action='store_true',
+			   help="Enrich log-messages with compressed tracebacks"),
+		Option("--full-traceback", action='store_true',
+			   help="Either to make the tracebacks full, not compressed (as by default)"),
+
 		])
 
 	return p
@@ -89,12 +93,21 @@ else: # pragma: no cover
 
 # Add the default logging handler
 stdout = logging.StreamHandler(sys.stdout)
+
+fmt = ' %(message)s'
+
+if opts.log_traceback:
+	Formatter = FormatterWithTraceBack
+	fmt = (opts.full_traceback and ' %(tb)s' or ' %(tbc)s') + fmt
+else:
+	Formatter = logging.Formatter
+
 # Custom log format for the verbose tests runs
 if verbosity > 1: # pragma: no cover
-	stdout.setFormatter(logging.Formatter(' %(asctime)-15s %(thread)s %(message)s'))
+	stdout.setFormatter(Formatter(' %(asctime)-15s %(thread)s' + fmt))
 else: # pragma: no cover
 	# just prefix with the space
-	stdout.setFormatter(logging.Formatter(' %(message)s'))
+	stdout.setFormatter(Formatter(fmt))
 logSys.addHandler(stdout)
 
 #
diff --git a/testcases/utils.py b/testcases/utils.py
new file mode 100644
index 00000000..6b894193
--- /dev/null
+++ b/testcases/utils.py
@@ -0,0 +1,101 @@
+# emacs: -*- mode: python; py-indent-offset: 4; indent-tabs-mode: t -*-
+# vi: set ft=python sts=4 ts=4 sw=4 noet :
+
+# This file is part of Fail2Ban.
+#
+# Fail2Ban is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# Fail2Ban is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Fail2Ban; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+
+
+__author__ = "Yaroslav Halchenko"
+__copyright__ = "Copyright (c) 2013 Yaroslav Halchenko"
+__license__ = "GPL"
+
+import logging, os, re, traceback
+from os.path import basename, dirname
+
+#
+# Following "traceback" functions are adopted from PyMVPA distributed
+# under MIT/Expat and copyright by PyMVPA developers (i.e. me and
+# Michael).  Hereby I re-license derivative work on these pieces under GPL
+# to stay in line with the main Fail2Ban license
+#
+def mbasename(s):
+	"""Custom function to include directory name if filename is too common
+
+	Also strip .py at the end
+	"""
+	base = basename(s)
+	if base.endswith('.py'):
+		base = base[:-3]
+	if base in set(['base', '__init__']):
+		base = basename(dirname(s)) + '.' + base
+	return base
+
+class TraceBack(object):
+	"""Customized traceback to be included in debug messages
+	"""
+
+	def __init__(self, compress=False):
+		"""Initialize TrackBack metric
+
+		Parameters
+		----------
+		compress : bool
+		  if True then prefix common with previous invocation gets
+		  replaced with ...
+		"""
+		self.__prev = ""
+		self.__compress = compress
+
+	def __call__(self):
+		ftb = traceback.extract_stack(limit=100)[:-2]
+		entries = [[mbasename(x[0]), str(x[1])] for x in ftb]
+		entries = [ e for e in entries
+					if not e[0] in ['unittest', 'logging.__init__' ]]
+
+		# lets make it more consize
+		entries_out = [entries[0]]
+		for entry in entries[1:]:
+			if entry[0] == entries_out[-1][0]:
+				entries_out[-1][1] += ',%s' % entry[1]
+			else:
+				entries_out.append(entry)
+		sftb = '>'.join(['%s:%s' % (mbasename(x[0]),
+									x[1]) for x in entries_out])
+		if self.__compress:
+			# lets remove part which is common with previous invocation
+			prev_next = sftb
+			common_prefix = os.path.commonprefix((self.__prev, sftb))
+			common_prefix2 = re.sub('>[^>]*$', '', common_prefix)
+
+			if common_prefix2 != "":
+				sftb = '...' + sftb[len(common_prefix2):]
+			self.__prev = prev_next
+
+		return sftb
+
+class FormatterWithTraceBack(logging.Formatter):
+	"""Custom formatter which expands %(tb) and %(tbc) with tracebacks
+
+	TODO: might need locking in case of compressed tracebacks
+	"""
+	def __init__(self, fmt, *args, **kwargs):
+		logging.Formatter.__init__(self, fmt=fmt, *args, **kwargs)
+		compress = '%(tbc)s' in fmt
+		self._tb = TraceBack(compress=compress)
+
+	def format(self, record):
+		record.tbc = record.tb = self._tb()
+		return logging.Formatter.format(self, record)

From ba042c6e3a847afc2ec4d6def0d70e3ad8f34793 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Mon, 25 Mar 2013 21:29:39 -0400
Subject: [PATCH 60/79] ENH: move pyinotify callback debug message into
 callback + delay string interpolations

---
 server/filterpyinotify.py | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/server/filterpyinotify.py b/server/filterpyinotify.py
index a2eea9d7..e86498b0 100644
--- a/server/filterpyinotify.py
+++ b/server/filterpyinotify.py
@@ -63,16 +63,17 @@ class FilterPyinotify(FileFilter):
 		logSys.debug("Created FilterPyinotify")
 
 
-	def callback(self, event):
+	def callback(self, event, origin=''):
+		logSys.debug("%sCallback for Event: %s", origin, event)
 		path = event.pathname
 		if event.mask & pyinotify.IN_CREATE:
 			# skip directories altogether
 			if event.mask & pyinotify.IN_ISDIR:
-				logSys.debug("Ignoring creation of directory %s" % path)
+				logSys.debug("Ignoring creation of directory %s", path)
 				return
 			# check if that is a file we care about
 			if not path in self.__watches:
-				logSys.debug("Ignoring creation of %s we do not monitor" % path)
+				logSys.debug("Ignoring creation of %s we do not monitor", path)
 				return
 			else:
 				# we need to substitute the watcher with a new one, so first
@@ -104,8 +105,8 @@ class FilterPyinotify(FileFilter):
 	def _addFileWatcher(self, path):
 		wd = self.__monitor.add_watch(path, pyinotify.IN_MODIFY)
 		self.__watches.update(wd)
-		logSys.debug("Added file watcher for %s" % path)
-		# process the file since we did get even 
+		logSys.debug("Added file watcher for %s", path)
+		# process the file since we did get even
 		self._process_file(path)
 
 
@@ -114,7 +115,7 @@ class FilterPyinotify(FileFilter):
 		wd = self.__monitor.rm_watch(wdInt)
 		if wd[wdInt]:
 			del self.__watches[path]
-			logSys.debug("Removed file watcher for %s" % path)
+			logSys.debug("Removed file watcher for %s", path)
 			return True
 		else:
 			return False
@@ -130,7 +131,7 @@ class FilterPyinotify(FileFilter):
 			# we need to watch also  the directory for IN_CREATE
 			self.__watches.update(
 				self.__monitor.add_watch(path_dir, pyinotify.IN_CREATE))
-			logSys.debug("Added monitor for the parent directory %s" % path_dir)
+			logSys.debug("Added monitor for the parent directory %s", path_dir)
 
 		self._addFileWatcher(path)
 
@@ -151,7 +152,7 @@ class FilterPyinotify(FileFilter):
 			# since there is no other monitored file under this directory
 			wdInt = self.__watches.pop(path_dir)
 			_ = self.__monitor.rm_watch(wdInt)
-			logSys.debug("Removed monitor for the parent directory %s" % path_dir)
+			logSys.debug("Removed monitor for the parent directory %s", path_dir)
 
 
 	##
@@ -165,7 +166,7 @@ class FilterPyinotify(FileFilter):
 		self.__notifier = pyinotify.ThreadedNotifier(self.__monitor,
 			ProcessPyinotify(self))
 		self.__notifier.start()
-		logSys.debug("pyinotifier started for %s." % self.jail.getName())
+		logSys.debug("pyinotifier started for %s.", self.jail.getName())
 		# TODO: verify that there is nothing really to be done for
 		#       idle jails
 		return True
@@ -201,5 +202,4 @@ class ProcessPyinotify(pyinotify.ProcessEvent):
 
 	# just need default, since using mask on watch to limit events
 	def process_default(self, event):
-		logSys.debug("Callback for Event: %s" % event)
-		self.__FileFilter.callback(event)
+		self.__FileFilter.callback(event, origin='Default ')

From 7064a411c2d6b2993bf05904c9e7447d747674bc Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Mon, 25 Mar 2013 22:36:23 -0400
Subject: [PATCH 61/79] ENH: _copy_lines_between_files -- read all needed, and
 only then write/flush at once

I think this is the one which should resolve
https://github.com/fail2ban/fail2ban/issues/103
---
 testcases/filtertestcase.py | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/testcases/filtertestcase.py b/testcases/filtertestcase.py
index 4aef2c9d..a20a932d 100644
--- a/testcases/filtertestcase.py
+++ b/testcases/filtertestcase.py
@@ -105,20 +105,23 @@ def _copy_lines_between_files(fin, fout, n=None, skip=0, mode='a', terminal_line
 		time.sleep(1)
 	if isinstance(fin, str): # pragma: no branch - only used with str in test cases
 		fin = open(fin, 'r')
-	if isinstance(fout, str):
-		fout = open(fout, mode)
 	# Skip
 	for i in xrange(skip):
 		_ = fin.readline()
-	# Read/Write
+	# Read
 	i = 0
+	lines = []
 	while n is None or i < n:
 		l = fin.readline()
 		if terminal_line is not None and l == terminal_line:
 			break
-		fout.write(l)
-		fout.flush()
+		lines.append(l)
 		i += 1
+	# Write: all at once and flush
+	if isinstance(fout, str):
+		fout = open(fout, mode)
+	fout.write('\n'.join(lines))
+	fout.flush()
 	# to give other threads possibly some time to crunch
 	time.sleep(0.1)
 	return fout

From 2fb053643e620ea75e06ac72425eeee9d3055c1c Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Mon, 25 Mar 2013 23:59:42 -0400
Subject: [PATCH 62/79] ENH: minor -- add default value into the warning if
 option had none provided

---
 client/configreader.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/client/configreader.py b/client/configreader.py
index e1a2b69f..9028df48 100644
--- a/client/configreader.py
+++ b/client/configreader.py
@@ -122,8 +122,8 @@ class ConfigReader(SafeConfigParserWithIncludes):
 				values[option[1]] = option[2]
 			except NoOptionError:
 				if not option[2] == None:
-					logSys.warn("'%s' not defined in '%s'. Using default value"
-								% (option[1], sec))
+					logSys.warn("'%s' not defined in '%s'. Using default one: %r"
+								% (option[1], sec, option[2]))
 					values[option[1]] = option[2]
 			except ValueError:
 				logSys.warn("Wrong value for '" + option[1] + "' in '" + sec +

From 8fe4e11b6744c21d06fc7457b9997377a6325a94 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Tue, 26 Mar 2013 00:01:12 -0400
Subject: [PATCH 63/79] ENH: allow to force enable all jails (for testing), do
 not crash for jails without actions (just warn)

also a bit more explicit handling of regexp groups in splitAction
---
 client/jailreader.py  | 27 ++++++++++++++++++++-------
 client/jailsreader.py | 14 +++++++++++---
 2 files changed, 31 insertions(+), 10 deletions(-)

diff --git a/client/jailreader.py b/client/jailreader.py
index ec73ce46..ad69bfa0 100644
--- a/client/jailreader.py
+++ b/client/jailreader.py
@@ -40,10 +40,11 @@ class JailReader(ConfigReader):
 	
 	actionCRE = re.compile("^((?:\w|-|_|\.)+)(?:\[(.*)\])?$")
 	
-	def __init__(self, name, **kwargs):
+	def __init__(self, name, force_enable=False, **kwargs):
 		ConfigReader.__init__(self, **kwargs)
 		self.__name = name
 		self.__filter = None
+		self.__force_enable = force_enable
 		self.__actions = list()
 	
 	def setName(self, value):
@@ -56,7 +57,7 @@ class JailReader(ConfigReader):
 		return ConfigReader.read(self, "jail")
 	
 	def isEnabled(self):
-		return self.__opts["enabled"]
+		return self.__force_enable or self.__opts["enabled"]
 	
 	def getOptions(self):
 		opts = [["bool", "enabled", "false"],
@@ -87,6 +88,8 @@ class JailReader(ConfigReader):
 			# Read action
 			for act in self.__opts["action"].split('\n'):
 				try:
+					if not act:			  # skip empty actions
+						continue
 					splitAct = JailReader.splitAction(act)
 					action = ActionReader(splitAct, self.__name, basedir=self.getBaseDir())
 					ret = action.read()
@@ -97,8 +100,10 @@ class JailReader(ConfigReader):
 						raise AttributeError("Unable to read action")
 				except Exception, e:
 					logSys.error("Error in action definition " + act)
-					logSys.debug(e)
+					logSys.debug("Caught exception: %s" % (e,))
 					return False
+			if not len(self.__actions):
+				logSys.warn("No actions were defined for %s" % self.__name)
 		return True
 	
 	def convert(self):
@@ -143,12 +148,20 @@ class JailReader(ConfigReader):
 	def splitAction(action):
 		m = JailReader.actionCRE.match(action)
 		d = dict()
-		if not m.group(2) == None:
+		mgroups = m.groups()
+		if len(mgroups) == 2:
+			action_name, action_opts = mgroups
+		elif len(mgroups) == 1:
+			action_name, action_opts = mgroups[0], None
+		else:
+			raise ValueError("While reading action %s we should have got up to "
+							 "2 groups. Got: %r" % (action, mgroups))
+		if not action_opts is None:
 			# Huge bad hack :( This method really sucks. TODO Reimplement it.
 			actions = ""
 			escapeChar = None
 			allowComma = False
-			for c in m.group(2):
+			for c in action_opts:
 				if c in ('"', "'") and not allowComma:
 					# Start
 					escapeChar = c
@@ -173,6 +186,6 @@ class JailReader(ConfigReader):
 				try:
 					d[p[0].strip()] = p[1].strip()
 				except IndexError:
-					logSys.error("Invalid argument %s in '%s'" % (p, m.group(2)))
-		return [m.group(1), d]
+					logSys.error("Invalid argument %s in '%s'" % (p, action_opts))
+		return [action_name, d]
 	splitAction = staticmethod(splitAction)
diff --git a/client/jailsreader.py b/client/jailsreader.py
index e1b8efa3..91e178d6 100644
--- a/client/jailsreader.py
+++ b/client/jailsreader.py
@@ -36,9 +36,17 @@ logSys = logging.getLogger("fail2ban.client.config")
 
 class JailsReader(ConfigReader):
 	
-	def __init__(self, **kwargs):
+	def __init__(self, force_enable=False, **kwargs):
+		"""
+		Parameters
+		----------
+		force_enable : bool, optional
+		  Passed to JailReader to force enable the jails.
+		  It is for internal use
+		"""
 		ConfigReader.__init__(self, **kwargs)
 		self.__jails = list()
+		self.__force_enable = force_enable
 	
 	def read(self):
 		return ConfigReader.read(self, "jail")
@@ -49,7 +57,7 @@ class JailsReader(ConfigReader):
 
 		if section:
 			# Get the options of a specific jail.
-			jail = JailReader(section, basedir=self.getBaseDir())
+			jail = JailReader(section, basedir=self.getBaseDir(), force_enable=self.__force_enable)
 			jail.read()
 			ret = jail.getOptions()
 			if ret:
@@ -62,7 +70,7 @@ class JailsReader(ConfigReader):
 		else:
 			# Get the options of all jails.
 			for sec in self.sections():
-				jail = JailReader(sec, basedir=self.getBaseDir())
+				jail = JailReader(sec, basedir=self.getBaseDir(), force_enable=self.__force_enable)
 				jail.read()
 				ret = jail.getOptions()
 				if ret:

From c06b7abb4685474e5e5fb4c04b7d639514973d1f Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Tue, 26 Mar 2013 00:01:56 -0400
Subject: [PATCH 64/79] TST: basic testing of reading the shipped jail.conf
 (forcing all jails to be enabled)

---
 testcases/clientreadertestcase.py | 32 +++++++++++++++++++++++--------
 1 file changed, 24 insertions(+), 8 deletions(-)

diff --git a/testcases/clientreadertestcase.py b/testcases/clientreadertestcase.py
index d581a81f..28eb6b09 100644
--- a/testcases/clientreadertestcase.py
+++ b/testcases/clientreadertestcase.py
@@ -17,14 +17,8 @@
 # along with Fail2Ban; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 
-# Author: Cyril Jaquier
-# 
-# $Revision$
-
-__author__ = "Cyril Jaquier"
-__version__ = "$Revision$"
-__date__ = "$Date$"
-__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
+__author__ = "Cyril Jaquier, Yaroslav Halchenko"
+__copyright__ = "Copyright (c) 2004 Cyril Jaquier, 2011-2013 Yaroslav Halchenko"
 __license__ = "GPL"
 
 import os, shutil, tempfile, unittest
@@ -130,3 +124,25 @@ class JailsReaderTest(unittest.TestCase):
 		# commands to communicate to the server
 		self.assertEqual(comm_commands, [])
 
+	def testReadStockJailConfForceEnabled(self):
+		# more of a smoke test to make sure that no obvious surprises
+		# on users' systems when enabling shipped jails
+		jails = JailsReader(basedir='config', force_enable=True) # we are running tests from root project dir atm
+		self.assertTrue(jails.read())		  # opens fine
+		self.assertTrue(jails.getOptions())	  # reads fine
+		comm_commands = jails.convert()
+
+		# by default we have lots of jails ;)
+		self.assertTrue(len(comm_commands))
+
+		# and we know even some of them by heart
+		for j in ['ssh-iptables', 'recidive']:
+			# by default we have 'auto' backend ATM
+			self.assertTrue(['add', j, 'auto'] in comm_commands)
+			# and warn on useDNS
+			self.assertTrue(['set', j, 'usedns', 'warn'] in comm_commands)
+			self.assertTrue(['start', j] in comm_commands)
+		# last commands should be the 'start' commands
+		self.assertEqual(comm_commands[-1][0], 'start')
+		# TODO: make sure that all of the jails have actions assigned,
+		#       otherwise it makes little to no sense

From 91d5736c125a0d9db0a688e928bc17db2afaec82 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Tue, 26 Mar 2013 09:40:04 -0400
Subject: [PATCH 65/79] ENH: postfix filter -- react also on (450 4.7.1) with
 empty from/to. fixes #126

---
 config/filter.d/postfix.conf | 1 +
 testcases/files/logs/postfix | 3 +++
 2 files changed, 4 insertions(+)
 create mode 100644 testcases/files/logs/postfix

diff --git a/config/filter.d/postfix.conf b/config/filter.d/postfix.conf
index 8db7faee..d2dc4a0c 100644
--- a/config/filter.d/postfix.conf
+++ b/config/filter.d/postfix.conf
@@ -15,6 +15,7 @@
 # Values:  TEXT
 #
 failregex = reject: RCPT from (.*)\[<HOST>\]: 554
+            reject: RCPT from (.*)\[<HOST>\]: 450 4\.7\.1 : Helo command rejected: Host not found; from=<> to=<> proto=ESMTP helo= *$
 
 # Option:  ignoreregex
 # Notes.:  regex to ignore. If this regex matches, the line is ignored.
diff --git a/testcases/files/logs/postfix b/testcases/files/logs/postfix
new file mode 100644
index 00000000..28ff95a4
--- /dev/null
+++ b/testcases/files/logs/postfix
@@ -0,0 +1,3 @@
+# per https://github.com/fail2ban/fail2ban/issues/125
+# and https://github.com/fail2ban/fail2ban/issues/126
+Feb 21 09:21:54 xxx postfix/smtpd[14398]: NOQUEUE: reject: RCPT from example.com[192.0.43.10]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to=<> proto=ESMTP helo=

From 72b06479a58c3c3961e0bc5d4812271662bf946e Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Wed, 27 Mar 2013 11:08:33 -0400
Subject: [PATCH 66/79] ENH: Slight tune ups for fresh SOGo filter + comment
 into the sample log file

---
 config/filter.d/sogo-auth.conf | 2 +-
 testcases/files/logs/sogo-auth | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/config/filter.d/sogo-auth.conf b/config/filter.d/sogo-auth.conf
index 6054c589..3e238419 100644
--- a/config/filter.d/sogo-auth.conf
+++ b/config/filter.d/sogo-auth.conf
@@ -11,7 +11,7 @@
 # Note: the error log may contain multiple hosts, whereas the first one 
 # is the client and all others are poxys. We match the first one, only
 
-failregex = Login from '<HOST>.*' for user '.*' might not have worked
+failregex = Login from '<HOST>' for user '.*' might not have worked( - password policy: \d*  grace: -?\d*  expire: -?\d*  bound: -?\d*)?\s*$
 
 # Option: ignoreregex
 # Notes.: regex to ignore. If this regex matches, the line is ignored.
diff --git a/testcases/files/logs/sogo-auth b/testcases/files/logs/sogo-auth
index 6dbe7356..e4fb9409 100644
--- a/testcases/files/logs/sogo-auth
+++ b/testcases/files/logs/sogo-auth
@@ -1,3 +1,6 @@
+# yoh: Kept original apache log lines as well, just in case they might come useful
+#      for (testing) multiline regular expressions which would further constraint
+#      SOGo log lines
 Mar 24 08:58:32 sogod [26818]: <0x0xb8537990[LDAPSource]> <NSException: 0xb87c3008> NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{login = "uid=hack0r,ou=users,dc=mail,dc=example,dc=org"; }
 Mar 24 08:58:32 sogod [26818]: SOGoRootPage Login from '173.194.44.31' for user 'hack0r' might not have worked - password policy: 65535  grace: -1  expire: -1  bound: 0
 173.194.44.31 - - [24/Mar/2013:08:58:32 GMT] "POST /SOGo/connect HTTP/1.1" 403 34/38 0.311 - - 2M
@@ -12,4 +15,3 @@ Mar 24 08:58:59 sogod [26818]: SOGoRootPage Login from '173.194.44.31' for user
 173.194.44.31 - - [24/Mar/2013:08:58:59 GMT] "POST /SOGo/connect HTTP/1.1" 403 34/36 0.007 - - 0
 Mar 24 08:59:04 sogod [26818]: <0x0xb8537990[LDAPSource]> <NSException: 0xb87bc088> NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{login = "uid=admin,ou=users,dc=mail,dc=example,dc=org"; }
 Mar 24 08:59:04 sogod [26818]: SOGoRootPage Login from '173.194.44.31' for user 'admin' might not have worked - password policy: 65535  grace: -1  expire: -1  bound: 0
-173.194.44.31 - - [24/Mar/2013:08:59:04 GMT] "POST /SOGo/connect HTTP/1.1" 403 34/37 0.007 - - 0

From f643e2e907ddb47d565896cc7bec6cfccf79517d Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Wed, 27 Mar 2013 11:51:07 -0400
Subject: [PATCH 67/79] non-static (get|set)BaseDir for Configurator. fixes
 #160

ConfigReader's (get|set)BaseDir are no longer static as a result of
.d/ support RFing
---
 client/configurator.py            | 20 ++++++++++++--------
 testcases/clientreadertestcase.py | 19 +++++++++++++++++++
 2 files changed, 31 insertions(+), 8 deletions(-)

diff --git a/client/configurator.py b/client/configurator.py
index 0baff2d8..2097fd54 100644
--- a/client/configurator.py
+++ b/client/configurator.py
@@ -43,15 +43,19 @@ class Configurator:
 		self.__fail2ban = Fail2banReader()
 		self.__jails = JailsReader()
 	
-	#@staticmethod
-	def setBaseDir(folderName):
-		ConfigReader.setBaseDir(folderName)
-	setBaseDir = staticmethod(setBaseDir)
+	def setBaseDir(self, folderName):
+		self.__fail2ban.setBaseDir(folderName)
+		self.__jails.setBaseDir(folderName)
 	
-	#@staticmethod
-	def getBaseDir():
-		return ConfigReader.getBaseDir()
-	getBaseDir = staticmethod(getBaseDir)
+	def getBaseDir(self):
+		fail2ban_basedir = self.__fail2ban.getBaseDir()
+		jails_basedir = self.__jails.getBaseDir()
+		if fail2ban_basedir != jails_basedir:
+			logSys.error("fail2ban.conf and jails.conf readers have differing "
+						 "basedirs: %r and %r. "
+						 "Returning the one for fail2ban.conf"
+						 % (fail2ban_basedir, jails_basedir))
+		return fail2ban_basedir
 	
 	def readEarly(self):
 		self.__fail2ban.read()
diff --git a/testcases/clientreadertestcase.py b/testcases/clientreadertestcase.py
index 28eb6b09..3e606785 100644
--- a/testcases/clientreadertestcase.py
+++ b/testcases/clientreadertestcase.py
@@ -25,6 +25,7 @@ import os, shutil, tempfile, unittest
 from client.configreader import ConfigReader
 from client.jailreader import JailReader
 from client.jailsreader import JailsReader
+from client.configurator import Configurator
 
 class ConfigReaderTest(unittest.TestCase):
 
@@ -146,3 +147,21 @@ class JailsReaderTest(unittest.TestCase):
 		self.assertEqual(comm_commands[-1][0], 'start')
 		# TODO: make sure that all of the jails have actions assigned,
 		#       otherwise it makes little to no sense
+
+	def testConfigurator(self):
+		configurator = Configurator()
+		configurator.setBaseDir('config')
+		self.assertEqual(configurator.getBaseDir(), 'config')
+
+		configurator.readEarly()
+		opts = configurator.getEarlyOptions()
+		# our current default settings
+		self.assertEqual(opts['socket'], '/var/run/fail2ban/fail2ban.sock')
+		self.assertEqual(opts['pidfile'], '/var/run/fail2ban/fail2ban.pid')
+
+		# and if we force change configurator's fail2ban's baseDir
+		# there should be an error message (test visually ;) --
+		# otherwise just a code smoke test)
+		configurator._Configurator__jails.setBaseDir('/tmp')
+		self.assertEqual(configurator._Configurator__jails.getBaseDir(), '/tmp')
+		self.assertEqual(configurator.getBaseDir(), 'config')

From 4b11f071ed3f3a3f066e9680ec0b4a2ad3c1822e Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Wed, 27 Mar 2013 12:02:19 -0400
Subject: [PATCH 68/79] DOC: minor fix ups of manpages. fixes #159

---
 man/fail2ban.1  | 2 +-
 man/jail.conf.5 | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/man/fail2ban.1 b/man/fail2ban.1
index 9af9ec54..8f93dbc7 100644
--- a/man/fail2ban.1
+++ b/man/fail2ban.1
@@ -1,4 +1,4 @@
-.TH FAIL2BAN "1"
+.TH FAIL2BAN "1" "March 2013" "Fail2Ban"
 .SH NAME
 fail2ban \- a set of server and client programs to limit brute force authentication attempts.
 .SH DESCRIPTION
diff --git a/man/jail.conf.5 b/man/jail.conf.5
index 10bcef7f..552b0ac0 100644
--- a/man/jail.conf.5
+++ b/man/jail.conf.5
@@ -1,4 +1,4 @@
-.TH JAIL.CONF.5 "fail2ban" "jail.conf(5)"
+.TH JAIL.CONF "5" "March 2013" "Fail2Ban" "Fail2Ban Configuration"
 .SH NAME
 jail.conf \- configuration for the fail2ban server
 .SH SYNOPSIS
@@ -30,7 +30,7 @@ Override only the settings you need to change and the rest of the configuration
 \fI*.d/\fR
 .RS
 In addition to .local, for any .conf file there can be a corresponding
-.d directory to contain additional .conf files that will be read after the
+\fI.d/\fR directory to contain additional .conf files that will be read after the
 appropriate .local file.  Last parsed file will take precidence over
 identical entries, parsed alphabetically, e.g.
 

From ab044b75ea0ad89e44ae075d24162ff9d5c07284 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Wed, 27 Mar 2013 12:22:39 -0400
Subject: [PATCH 69/79] BF: delay check for the existence of config directory
 until read()

---
 client/configreader.py            | 6 +++---
 testcases/clientreadertestcase.py | 3 ++-
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/client/configreader.py b/client/configreader.py
index 9028df48..243c843c 100644
--- a/client/configreader.py
+++ b/client/configreader.py
@@ -46,15 +46,15 @@ class ConfigReader(SafeConfigParserWithIncludes):
 	def setBaseDir(self, basedir):
 		if basedir is None:
 			basedir = ConfigReader.DEFAULT_BASEDIR	# stock system location
-		if not (os.path.exists(basedir) and os.access(basedir, os.R_OK | os.X_OK)):
-			raise ValueError("Base configuration directory %s either does not exist "
-							 "or is not accessible" % basedir)
 		self._basedir = basedir.rstrip('/')
 	
 	def getBaseDir(self):
 		return self._basedir
 	
 	def read(self, filename):
+		if not (os.path.exists(self._basedir) and os.access(self._basedir, os.R_OK | os.X_OK)):
+			raise ValueError("Base configuration directory %s either does not exist "
+							 "or is not accessible" % self._basedir)
 		basename = os.path.join(self._basedir, filename)
 		logSys.debug("Reading configs for %s under %s "  % (basename, self._basedir))
 		config_files = [ basename + ".conf",
diff --git a/testcases/clientreadertestcase.py b/testcases/clientreadertestcase.py
index 3e606785..fad16f04 100644
--- a/testcases/clientreadertestcase.py
+++ b/testcases/clientreadertestcase.py
@@ -114,7 +114,8 @@ class JailsReaderTest(unittest.TestCase):
 
 	def testProvidingBadBasedir(self):
 		if not os.path.exists('/XXX'):
-			self.assertRaises(ValueError, JailsReader, basedir='/XXX')
+			reader = JailsReader(basedir='/XXX')
+			self.assertRaises(ValueError, reader.read)
 
 	def testReadStockJailConf(self):
 		jails = JailsReader(basedir='config') # we are running tests from root project dir atm

From bf4d4af1d42e9acc50f8f70ae34d13ecaeee4dc6 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Wed, 27 Mar 2013 15:11:49 -0400
Subject: [PATCH 70/79] ENH(BF?): overload open() (for buffering) within
 filtertestcase to guarantee atomic writing

This is with the hope to further resolve random tests failures
( primarily on fast travis-ci systems ;) )
---
 testcases/filtertestcase.py | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/testcases/filtertestcase.py b/testcases/filtertestcase.py
index a20a932d..ae0e6525 100644
--- a/testcases/filtertestcase.py
+++ b/testcases/filtertestcase.py
@@ -22,6 +22,7 @@
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier; 2012 Yaroslav Halchenko"
 __license__ = "GPL"
 
+from __builtin__ import open as fopen
 import unittest
 import os
 import sys
@@ -38,6 +39,20 @@ from server.failmanager import FailManagerEmpty
 # Useful helpers
 #
 
+# yoh: per Steven Hiscocks's insight while troubleshooting
+# https://github.com/fail2ban/fail2ban/issues/103#issuecomment-15542836
+# adding a sufficiently large buffer might help to guarantee that
+# writes happen atomically.
+def open(*args):
+	"""Overload built in open so we could assure sufficiently large buffer
+
+	Explicit .flush would be needed to assure that changes leave the buffer
+	"""
+	if len(args) == 2:
+		# ~50kB buffer should be sufficient for all tests here.
+		args = args + (50000,)
+	return fopen(*args)
+
 def _killfile(f, name):
 	try:
 		f.close()

From ef3f2b7e999ea4a02890e55e03f03d608d929699 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Wed, 27 Mar 2013 23:40:50 -0400
Subject: [PATCH 71/79] TST: be more aggressive in cleanup of temp files + use
 mktemp instead of mkstemp

---
 testcases/filtertestcase.py | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/testcases/filtertestcase.py b/testcases/filtertestcase.py
index ae0e6525..788c9e9d 100644
--- a/testcases/filtertestcase.py
+++ b/testcases/filtertestcase.py
@@ -63,6 +63,11 @@ def _killfile(f, name):
 	except:
 		pass
 
+	# there might as well be the .bak file
+	if os.path.exists(name + '.bak'):
+		_killfile(None, name + '.bak')
+
+
 def _sleep_4_poll():
 	"""PollFilter relies on file timestamps - so we might need to
 	sleep to guarantee that they differ
@@ -342,7 +347,9 @@ def get_monitor_failures_testcase(Filter_):
 	"""Generator of TestCase's for different filters/backends
 	"""
 
-	_, testclass_name = tempfile.mkstemp('fail2ban', 'monitorfailures')
+	# add Filter_'s name so we could easily identify bad cows
+	testclass_name = tempfile.mktemp(
+		'fail2ban', 'monitorfailures_%s' % (Filter_.__name__,))
 
 	class MonitorFailures(unittest.TestCase):
 		count = 0

From 7cf509378cadd949c9bd76ed650955efe877d1fa Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Thu, 28 Mar 2013 11:36:18 -0400
Subject: [PATCH 72/79] DOC: minor change -- refer to the fail2ban manpage

---
 README | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/README b/README
index e926509e..cab683f5 100644
--- a/README
+++ b/README
@@ -51,10 +51,12 @@ call fail2ban-server directly.
 Configuration:
 --------------
 
-You can configure Fail2ban using the files in /etc/fail2ban. It is possible to
-configure the server using commands sent to it by fail2ban-client. The available
-commands are described in the man page of fail2ban-client. Please refer to it or
-to the website: http://www.fail2ban.org
+You can configure Fail2Ban using the files in /etc/fail2ban. It is
+possible to configure the server using commands sent to it by
+fail2ban-client. The available commands are described in the
+fail2ban-client(1) manpage.  Also see fail2ban(1) manpage for further
+references and find even more documentation on the website:
+http://www.fail2ban.org
 
 Contact:
 --------

From ffbbb9f8a38fca86b08c1d3f7c2a44749e5c1114 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Fri, 29 Mar 2013 12:31:50 -0400
Subject: [PATCH 73/79] ENH: deleted trailing spaces in fail2ban- cmdline tools

Now it was already a mix, and Cyril is not working on this code any
longer so no need to maintain this convention.
---
 fail2ban-client | 46 +++++++++++++++++++++++-----------------------
 fail2ban-regex  | 28 ++++++++++++++--------------
 fail2ban-server | 18 +++++++++---------
 3 files changed, 46 insertions(+), 46 deletions(-)

diff --git a/fail2ban-client b/fail2ban-client
index 061208dd..d8147f02 100755
--- a/fail2ban-client
+++ b/fail2ban-client
@@ -63,7 +63,7 @@ class Fail2banClient:
 		self.__conf["interactive"] = False
 		self.__conf["socket"] = None
 		self.__conf["pidfile"] = None
-		
+
 	def dispVersion(self):
 		print "Fail2Ban v" + version
 		print
@@ -73,7 +73,7 @@ class Fail2banClient:
 		print
 		print "Written by Cyril Jaquier <cyril.jaquier@fail2ban.org>."
 		print "Many contributions by Yaroslav O. Halchenko <debian@onerussian.com>."
-	
+
 	def dispUsage(self):
 		""" Prints Fail2Ban command line options and exits
 		"""
@@ -95,17 +95,17 @@ class Fail2banClient:
 		print "    -V, --version           print the version"
 		print
 		print "Command:"
-		
+
 		# Prints the protocol
 		printFormatted()
-		
+
 		print
 		print "Report bugs to https://github.com/fail2ban/fail2ban/issues"
-	
+
 	def dispInteractive(self):
 		print "Fail2Ban v" + version + " reads log file that contains password failure report"
 		print "and bans the corresponding IP addresses using firewall rules."
-		print 
+		print
 
 	def __sigTERMhandler(self, signum, frame):
 		# Print a new line because we probably come from wait
@@ -139,10 +139,10 @@ class Fail2banClient:
 			elif opt[0] in ["-V", "--version"]:
 				self.dispVersion()
 				sys.exit(0)
-	
+
 	def __ping(self):
 		return self.__processCmd([["ping"]], False)
-	
+
 	def __processCmd(self, cmd, showRet = True):
 		beautifier = Beautifier()
 		for c in cmd:
@@ -167,7 +167,7 @@ class Fail2banClient:
 					logSys.error(e)
 				return False
 		return True
-		
+
 	##
 	# Process a command line.
 	#
@@ -241,13 +241,13 @@ class Fail2banClient:
 				return False
 		else:
 			return self.__processCmd([cmd])
-	
-	
+
+
 	##
 	# Start Fail2Ban server.
 	#
 	# Start the Fail2ban server in daemon mode.
-	
+
 	def __startServerAsync(self, socket, pidfile, force = False):
 		# Forks the current process.
 		pid = os.fork()
@@ -278,7 +278,7 @@ class Fail2banClient:
 				except OSError:
 					logSys.error("Could not start %s" % self.SERVER)
 					os.exit(-1)
-	
+
 	def __waitOnServer(self):
 		# Wait for the server to start
 		cnt = 0
@@ -306,16 +306,16 @@ class Fail2banClient:
 			cnt += 1
 		if self.__conf["verbose"] > 1:
 			sys.stdout.write('\n')
-			
-	
+
+
 	def start(self, argv):
 		# Command line options
 		self.__argv = argv
-		
+
 		# Install signal handlers
 		signal.signal(signal.SIGTERM, self.__sigTERMhandler)
 		signal.signal(signal.SIGINT, self.__sigTERMhandler)
-		
+
 		# Reads the command line options.
 		try:
 			cmdOpts = 'hc:s:p:xdviqV'
@@ -324,9 +324,9 @@ class Fail2banClient:
 		except getopt.GetoptError:
 			self.dispUsage()
 			return False
-			
+
 		self.__getCmdLineOptions(optList)
-		
+
 		verbose = self.__conf["verbose"]
 		if verbose <= 0:
 			logSys.setLevel(logging.ERROR)
@@ -346,7 +346,7 @@ class Fail2banClient:
 
 		# Set the configuration path
 		self.__configurator.setBaseDir(self.__conf["conf"])
-		
+
 		# Set socket path
 		self.__configurator.readEarly()
 		conf = self.__configurator.getEarlyOptions()
@@ -360,7 +360,7 @@ class Fail2banClient:
 			ret = self.__readConfig()
 			self.dumpConfig(self.__stream)
 			return ret
-		
+
 		# Interactive mode
 		if self.__conf["interactive"]:
 			try:
@@ -401,14 +401,14 @@ class Fail2banClient:
 		self.__configurator.convertToProtocol()
 		self.__stream = self.__configurator.getConfigStream()
 		return ret
-	
+
 	def __readJailConfig(self, jail):
 		self.__configurator.readAll()
 		ret = self.__configurator.getOptions(jail)
 		self.__configurator.convertToProtocol()
 		self.__stream = self.__configurator.getConfigStream()
 		return ret
-	
+
 	#@staticmethod
 	def dumpConfig(cmd):
 		for c in cmd:
diff --git a/fail2ban-regex b/fail2ban-regex
index f9bc72c1..a0a90b05 100755
--- a/fail2ban-regex
+++ b/fail2ban-regex
@@ -50,24 +50,24 @@ class RegexStat:
 	def __str__(self):
 		return "%s(%r) %d failed: %s" \
 		  % (self.__class__, self.__failregex, self.__stats, self.__ipList)
-	
+
 	def inc(self):
 		self.__stats += 1
-	
+
 	def getStats(self):
 		return self.__stats
 
 	def getFailRegex(self):
 		return self.__failregex
-	
+
 	def appendIP(self, value):
 		self.__ipList.extend(value)
-	
+
 	def getIPList(self):
 		return self.__ipList
 
 class Fail2banRegex:
-	
+
 	test = None
 
 	CONFIG_DEFAULTS = {'configpath' : "/etc/fail2ban/"}
@@ -87,7 +87,7 @@ class Fail2banRegex:
 		self.__logging_level = self.__verbose and logging.DEBUG or logging.WARN
 		logging.getLogger("fail2ban").addHandler(self.__hdlr)
 		logging.getLogger("fail2ban").setLevel(logging.ERROR)
-	
+
 	#@staticmethod
 	def dispVersion():
 		print "Fail2Ban v" + version
@@ -99,7 +99,7 @@ class Fail2banRegex:
 		print "Written by Cyril Jaquier <cyril.jaquier@fail2ban.org>."
 		print "Many contributions by Yaroslav O. Halchenko <debian@onerussian.com>."
 	dispVersion = staticmethod(dispVersion)
-	
+
 	#@staticmethod
 	def dispUsage():
 		print "Usage: "+sys.argv[0]+" [OPTIONS] <LOG> <REGEX> [IGNOREREGEX]"
@@ -128,7 +128,7 @@ class Fail2banRegex:
 		print
 		print "Report bugs to https://github.com/fail2ban/fail2ban/issues"
 	dispUsage = staticmethod(dispUsage)
-	
+
 	def getCmdLineOptions(self, optList):
 		""" Gets the command line options
 		"""
@@ -204,7 +204,7 @@ class Fail2banRegex:
 			print "Use regex line : " + stripReg
 			self.__failregex = [RegexStat(value)]
 		return True
-	
+
 	def testIgnoreRegex(self, line):
 		found = False
 		for regex in self.__ignoreregex:
@@ -221,7 +221,7 @@ class Fail2banRegex:
 			finally:
 				self.__filter.delIgnoreRegex(0)
 				logging.getLogger("fail2ban").setLevel(self.__logging_level)
-	
+
 	def testRegex(self, line):
 		found = False
 		for regex in self.__ignoreregex:
@@ -251,7 +251,7 @@ class Fail2banRegex:
 				logging.getLogger("fail2ban").setLevel(logging.CRITICAL)
 		for regex in self.__ignoreregex:
 					self.__filter.delIgnoreRegex(0)
-	
+
 	def printStats(self):
 		print
 		print "Results"
@@ -300,20 +300,20 @@ class Fail2banRegex:
 						print "    %s (%s)%s" % (
 							ip[0], timeString, ip[2] and " (already matched)" or "")
 			print
-			
+
 			print "Date template hits:"
 			for template in self.__filter.dateDetector.getTemplates():
 				if self.__verbose or template.getHits():
 					print `template.getHits()` + " hit(s): " + template.getName()
 			print
-			
+
 			print "Success, the total number of match is " + str(total)
 			print
 			print "However, look at the above section 'Running tests' which could contain important"
 			print "information."
 			return True
 
-			
+
 if __name__ == "__main__":
 	fail2banRegex = Fail2banRegex()
 	# Reads the command line options.
diff --git a/fail2ban-server b/fail2ban-server
index 81db58bd..404a1ced 100755
--- a/fail2ban-server
+++ b/fail2ban-server
@@ -46,7 +46,7 @@ logSys = logging.getLogger("fail2ban")
 # Its first goal was to protect a SSH server.
 
 class Fail2banServer:
-	
+
 	def __init__(self):
 		self.__server = None
 		self.__argv = None
@@ -55,7 +55,7 @@ class Fail2banServer:
 		self.__conf["force"] = False
 		self.__conf["socket"] = "/var/run/fail2ban/fail2ban.sock"
 		self.__conf["pidfile"] = "/var/run/fail2ban/fail2ban.pid"
-	
+
 	def dispVersion(self):
 		print "Fail2Ban v" + version
 		print
@@ -65,7 +65,7 @@ class Fail2banServer:
 		print
 		print "Written by Cyril Jaquier <cyril.jaquier@fail2ban.org>."
 		print "Many contributions by Yaroslav O. Halchenko <debian@onerussian.com>."
-	
+
 	def dispUsage(self):
 		""" Prints Fail2Ban command line options and exits
 		"""
@@ -88,7 +88,7 @@ class Fail2banServer:
 		print "    -V, --version        print the version"
 		print
 		print "Report bugs to https://github.com/fail2ban/fail2ban/issues"
-	
+
 	def __getCmdLineOptions(self, optList):
 		""" Gets the command line options
 		"""
@@ -109,11 +109,11 @@ class Fail2banServer:
 			if opt[0] in ["-V", "--version"]:
 	 			self.dispVersion()
 				sys.exit(0)
-		
+
 	def start(self, argv):
 		# Command line options
 		self.__argv = argv
-		
+
 		# Reads the command line options.
 		try:
 			cmdOpts = 'bfs:p:xhV'
@@ -122,9 +122,9 @@ class Fail2banServer:
 		except getopt.GetoptError:
 			self.dispUsage()
 			sys.exit(-1)
-			
+
 		self.__getCmdLineOptions(optList)
-		
+
 		try:
 			self.__server = Server(self.__conf["background"])
 			self.__server.start(self.__conf["socket"],
@@ -135,7 +135,7 @@ class Fail2banServer:
 			logSys.exception(e)
 			self.__server.quit()
 			return False
-		
+
 if __name__ == "__main__":
 	server = Fail2banServer()
 	if server.start(sys.argv):

From b3251fca7934c107c552ccc23618aa9647b679cc Mon Sep 17 00:00:00 2001
From: Steven Hiscocks <steven@hiscocks.me.uk>
Date: Fri, 29 Mar 2013 17:16:19 +0000
Subject: [PATCH 74/79] TST: Add support for coveralls for python 2.6 and
 python 2.7

---
 .travis.yml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index e655e7c1..2095446a 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -6,6 +6,9 @@ python:
   - "2.6"
   - "2.7"
 install:
-  - "pip install pyinotify"
+  - pip install pyinotify
+  - if [[ $TRAVIS_PYTHON_VERSION == 2.[6-7] ]]; then pip install coveralls; fi
 script:
-    - python ./fail2ban-testcases
+  - if [[ $TRAVIS_PYTHON_VERSION == 2.[6-7] ]]; then coverage python ./fail2ban-testcases; else python ./fail2ban-testcases; fi
+after_script:
+  - if [[ $TRAVIS_PYTHON_VERSION == 2.[6-7] ]]; then coveralls; fi

From 92d26e68972c291b085f0f0d85be3b35a02a44b6 Mon Sep 17 00:00:00 2001
From: Steven Hiscocks <steven@hiscocks.me.uk>
Date: Fri, 29 Mar 2013 17:22:48 +0000
Subject: [PATCH 75/79] TST+BF: Fix incorrect commands for coveralls support

---
 .travis.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index 2095446a..b3de1358 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -7,8 +7,8 @@ python:
   - "2.7"
 install:
   - pip install pyinotify
-  - if [[ $TRAVIS_PYTHON_VERSION == 2.[6-7] ]]; then pip install coveralls; fi
+  - if [[ $TRAVIS_PYTHON_VERSION == 2.[6-7] ]]; then pip install -q coveralls; fi
 script:
-  - if [[ $TRAVIS_PYTHON_VERSION == 2.[6-7] ]]; then coverage python ./fail2ban-testcases; else python ./fail2ban-testcases; fi
+  - if [[ $TRAVIS_PYTHON_VERSION == 2.[6-7] ]]; then coverage run fail2ban-testcases; else python ./fail2ban-testcases; fi
 after_script:
   - if [[ $TRAVIS_PYTHON_VERSION == 2.[6-7] ]]; then coveralls; fi

From e7184e70f638720e37b18277544474082826fe78 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Fri, 29 Mar 2013 14:59:52 -0400
Subject: [PATCH 76/79] ENH: increase waiting to 4 sec for gamin/pyinotify

This will be the last gesture from me for the bloody tests:
https://travis-ci.org/kwirk/fail2ban/jobs/5904668
---
 testcases/filtertestcase.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/testcases/filtertestcase.py b/testcases/filtertestcase.py
index 788c9e9d..927cb2fe 100644
--- a/testcases/filtertestcase.py
+++ b/testcases/filtertestcase.py
@@ -458,7 +458,7 @@ def get_monitor_failures_testcase(Filter_):
 			self.file = _copy_lines_between_files(GetFailures.FILENAME_01, self.name,
 												  n=14, mode='w')
 			# Poll might need more time
-			self.assertTrue(self.isEmpty(2 + int(isinstance(self.filter, FilterPoll))*4))
+			self.assertTrue(self.isEmpty(4 + int(isinstance(self.filter, FilterPoll))*2))
 			self.assertRaises(FailManagerEmpty, self.filter.failManager.toBan)
 			self.assertEqual(self.filter.failManager.getFailTotal(), 2)
 

From e0e116cb361c4c27d4956fadf9bf8ba9afc23fec Mon Sep 17 00:00:00 2001
From: Steven Hiscocks <steven@hiscocks.me.uk>
Date: Fri, 29 Mar 2013 19:09:55 +0000
Subject: [PATCH 77/79] TST: coverage ignore Travis CI python virtual
 environments

---
 .coveragerc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.coveragerc b/.coveragerc
index 3bffd79a..17fb730b 100644
--- a/.coveragerc
+++ b/.coveragerc
@@ -1,4 +1,4 @@
 
 [run]
 branch = True
-omit = /usr*
+omit = /usr* /home/travis/virtualenv/*

From 33a31e096a1af6b5adbd3a4d2fd9524eb86e5496 Mon Sep 17 00:00:00 2001
From: Yaroslav Halchenko <debian@onerussian.com>
Date: Fri, 29 Mar 2013 15:32:43 -0400
Subject: [PATCH 78/79] RF+TST: bring inBanList back from private to protected
 and enabled its rudimentary unittests

---
 server/banmanager.py            | 4 ++--
 testcases/banmanagertestcase.py | 8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/server/banmanager.py b/server/banmanager.py
index 596dc4e9..1143f791 100644
--- a/server/banmanager.py
+++ b/server/banmanager.py
@@ -148,7 +148,7 @@ class BanManager:
 	def addBanTicket(self, ticket):
 		try:
 			self.__lock.acquire()
-			if not self.__inBanList(ticket):
+			if not self._inBanList(ticket):
 				self.__banList.append(ticket)
 				self.__banTotal += 1
 				return True
@@ -177,7 +177,7 @@ class BanManager:
 	# @param ticket the ticket
 	# @return True if a ticket already exists
 	
-	def __inBanList(self, ticket):
+	def _inBanList(self, ticket):
 		for i in self.__banList:
 			if ticket.getIP() == i.getIP():
 				return True
diff --git a/testcases/banmanagertestcase.py b/testcases/banmanagertestcase.py
index 7d389eed..6d0ce55a 100644
--- a/testcases/banmanagertestcase.py
+++ b/testcases/banmanagertestcase.py
@@ -49,11 +49,11 @@ class AddFailure(unittest.TestCase):
 		self.assertFalse(self.__banManager.addBanTicket(self.__ticket))
 		self.assertEqual(self.__banManager.size(), 1)
 		
-	def _testInListOK(self):
+	def testInListOK(self):
 		ticket = BanTicket('193.168.0.128', 1167605999.0)
-		self.assertTrue(self.__banManager.inBanList(ticket))
+		self.assertTrue(self.__banManager._inBanList(ticket))
 	
-	def _testInListNOK(self):
+	def testInListNOK(self):
 		ticket = BanTicket('111.111.1.111', 1167605999.0)
-		self.assertFalse(self.__banManager.inBanList(ticket))
+		self.assertFalse(self.__banManager._inBanList(ticket))
 		

From 0002fb4ca3913cc598403163c3fb5db13ad3cf78 Mon Sep 17 00:00:00 2001
From: Steven Hiscocks <steven@hiscocks.me.uk>
Date: Fri, 29 Mar 2013 20:14:13 +0000
Subject: [PATCH 79/79] TST+BF: Use separate coveragerc for Travis CI

Should now ignore server/filtergamin.py as gamin is not tested. Also
ignores Travis CI python virtual environments
---
 .coveragerc        | 2 +-
 .travis.yml        | 2 +-
 .travis_coveragerc | 7 +++++++
 3 files changed, 9 insertions(+), 2 deletions(-)
 create mode 100644 .travis_coveragerc

diff --git a/.coveragerc b/.coveragerc
index 17fb730b..3bffd79a 100644
--- a/.coveragerc
+++ b/.coveragerc
@@ -1,4 +1,4 @@
 
 [run]
 branch = True
-omit = /usr* /home/travis/virtualenv/*
+omit = /usr*
diff --git a/.travis.yml b/.travis.yml
index b3de1358..773c5f0b 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -9,6 +9,6 @@ install:
   - pip install pyinotify
   - if [[ $TRAVIS_PYTHON_VERSION == 2.[6-7] ]]; then pip install -q coveralls; fi
 script:
-  - if [[ $TRAVIS_PYTHON_VERSION == 2.[6-7] ]]; then coverage run fail2ban-testcases; else python ./fail2ban-testcases; fi
+  - if [[ $TRAVIS_PYTHON_VERSION == 2.[6-7] ]]; then coverage run --rcfile=.travis_coveragerc fail2ban-testcases; else python ./fail2ban-testcases; fi
 after_script:
   - if [[ $TRAVIS_PYTHON_VERSION == 2.[6-7] ]]; then coveralls; fi
diff --git a/.travis_coveragerc b/.travis_coveragerc
new file mode 100644
index 00000000..4d4b7ebd
--- /dev/null
+++ b/.travis_coveragerc
@@ -0,0 +1,7 @@
+
+[run]
+branch = True
+omit =
+    /usr/*
+    /home/travis/virtualenv/*
+    server/filtergamin.py