Revert to upstream

client/filterreader.py

@@ -54,9 +54,7 @@ class FilterReader(ConfigReader):
 	
 	def getOptions(self, pOpts):
 		opts = [["string", "ignoreregex", ""],
-				["string", "failregex", ""],
-				["string", "ignorecommand", ""]
-				]
+				["string", "failregex", ""]]
 		self.__opts = ConfigReader.getOptions(self, "Definition", opts, pOpts)
 	
 	def convert(self):

client/jailreader.py

@@ -81,7 +81,6 @@ class JailReader(ConfigReader):
 				["int", "bantime", 600],
 				["string", "usedns", "warn"],
 				["string", "failregex", None],
-				["string", "ignorecommand", None],
 				["string", "ignoreregex", None],
 				["string", "ignoreip", None],
 				["string", "filter", ""],
@@ -161,8 +160,6 @@ class JailReader(ConfigReader):
 				stream.append(["set", self.__name, "usedns", self.__opts[opt]])
 			elif opt == "failregex":
 				stream.append(["set", self.__name, "addfailregex", self.__opts[opt]])
-			elif opt == "ignorecommand":
-				stream.append(["set", self.__name, "ignorecommand", self.__opts[opt]])
 			elif opt == "ignoreregex":
 				for regex in self.__opts[opt].split('\n'):
 					# Do not send a command if the rule is empty.

common/protocol.py

@@ -49,7 +49,6 @@ protocol = [
 ["stop <JAIL>", "stops the jail <JAIL>. The jail is removed"], 
 ["status <JAIL>", "gets the current status of <JAIL>"],
 ['', "JAIL CONFIGURATION", ""],
-["set <JAIL> ignorecommand <VALUE>", "sets ignorecommand of <JAIL>"],
 ["set <JAIL> idle on|off", "sets the idle state of <JAIL>"], 
 ["set <JAIL> addignoreip <IP>", "adds <IP> to the ignore list of <JAIL>"], 
 ["set <JAIL> delignoreip <IP>", "removes <IP> from the ignore list of <JAIL>"], 
@@ -75,7 +74,6 @@ protocol = [
 ["set <JAIL> actionban <ACT> <CMD>", "sets the ban command <CMD> of the action <ACT> for <JAIL>"],
 ["set <JAIL> actionunban <ACT> <CMD>", "sets the unban command <CMD> of the action <ACT> for <JAIL>"], 
 ['', "JAIL INFORMATION", ""],
-["get <JAIL> ignorecommand", "gets ignorecommand of <JAIL>"],
 ["get <JAIL> logpath", "gets the list of the monitored files for <JAIL>"],
 ["get <JAIL> ignoreip", "gets the list of ignored IP addresses for <JAIL>"],
 ["get <JAIL> failregex", "gets the list of regular expressions which matches the failures for <JAIL>"],

config/jail.conf

@@ -34,9 +34,6 @@ ignoreip = 127.0.0.1/8
 # "bantime" is the number of seconds that a host is banned.
 bantime  = 600
 
-# External command with space separated output ips to ignore
-# ignorecommand = /path/to/command
-
 # A host is banned if it has generated "maxretry" during the last "findtime"
 # seconds.
 findtime  = 600

server/filter.py

@@ -21,7 +21,8 @@ __author__ = "Cyril Jaquier and Fail2Ban Contributors"
 __copyright__ = "Copyright (c) 2004 Cyril Jaquier, 2011-2013 Yaroslav Halchenko"
 __license__ = "GPL"
 
-#import sys, os, getopt
+import sys
+
 from failmanager import FailManagerEmpty
 from failmanager import FailManager
 from ticket import FailTicket
@@ -42,7 +43,6 @@ logSys = logging.getLogger("fail2ban.filter")
 # that matches a given regular expression. This class is instantiated by
 # a Jail object.
 
-
 class Filter(JailThread):
 
 	##
@@ -67,13 +67,12 @@ class Filter(JailThread):
 		self.__findTime = 6000
 		## The ignore IP list.
 		self.__ignoreIpList = []
-		## External command
-		self.__ignoreCommand = False
 
 		self.dateDetector = DateDetector()
 		self.dateDetector.addDefaultTemplate()
 		logSys.debug("Created %s" % self)
 
+
 	def __repr__(self):
 		return "%s(%r)" % (self.__class__.__name__, self.jail)
 
@@ -92,6 +91,7 @@ class Filter(JailThread):
 			logSys.error(e)
 			raise e
 
+
 	def delFailRegex(self, index):
 		try:
 			del self.__failRegex[index]
@@ -212,21 +212,6 @@ class Filter(JailThread):
 	def run(self): # pragma: no cover
 		raise Exception("run() is abstract")
 
-
-	##
-	# Set external command, for ignoredips
-	#
-
-	def setIgnoreCommand(self, command):
-		self.__ignoreCommand = command
-
-	##
-	# Get external command, for ignoredips
-	#
-
-	def getIgnoreCommand(self):
-		return self.__ignoreCommand
-
 	##
 	# Ban an IP - http://blogs.buanzo.com.ar/2009/04/fail2ban-patch-ban-ip-address-manually.html
 	# Arturo 'Buanzo' Busleiman <buanzo@buanzo.com.ar>
@@ -264,9 +249,6 @@ class Filter(JailThread):
 		self.__ignoreIpList.remove(ip)
 
 	def getIgnoreIP(self):
-		if self.__ignoreCommand is not False:
-			return self.__ignoreIpList + os.popen(self.__ignoreCommand).read().split(" ")
-		else:
 		return self.__ignoreIpList
 
 	##
@@ -282,12 +264,6 @@ class Filter(JailThread):
 			# An empty string is always false
 			if i == "":
 				continue
-			# External command with ips to ignore
-			if self.__ignoreCommand is not False:
-				ignored_ips = os.popen(self.__ignoreCommand).read().split(" ")
-				if ip in ignored_ips:
-					return True
-
 			s = i.split('/', 1)
 			# IP address without CIDR mask
 			if len(s) == 1:

server/server.py

@@ -187,12 +187,6 @@ class Server:
 	def addFailRegex(self, name, value):
 		self.__jails.getFilter(name).addFailRegex(value)
 	
-	def setIgnoreCommand(self, name, value):
-		self.__jails.getFilter(name).setIgnoreCommand(value)
-	def getIgnoreCommand(self, name):
-		self.__jails.getFilter(name).getIgnoreCommand()
-
-
 	def delFailRegex(self, name, index):
 		self.__jails.getFilter(name).delFailRegex(index)
 	

server/transmitter.py

@@ -152,10 +152,6 @@ class Transmitter:
 			value = command[2]
 			self.__server.addIgnoreRegex(name, value)
 			return self.__server.getIgnoreRegex(name)
-		elif command[1] == "ignorecommand":
-			value = command[2]
-			self.__server.setIgnoreCommand(name, value)
-			return self.__server.getIgnoreCommand(name)
 		elif command[1] == "delignoreregex":
 			value = int(command[2])
 			self.__server.delIgnoreRegex(name, value)
@@ -241,8 +237,6 @@ class Transmitter:
 			return self.__server.getLogPath(name)
 		elif command[1] == "ignoreip":
 			return self.__server.getIgnoreIP(name)
-		elif command[1] == "ignorecommand":
-			return self.__server.getIgnoreCommand(name)
 		elif command[1] == "failregex":
 			return self.__server.getFailRegex(name)
 		elif command[1] == "ignoreregex":