code review and use new logger-signals for waiting; + regenerated man-files

fail2ban/protocol.py

@@ -50,7 +50,7 @@ protocol = [
 ["start", "starts the server and the jails"], 
 ["restart", "restarts the server"], 
 ["restart [--unban] [--if-exists] <JAIL>", "restarts the jail <JAIL> (alias for 'reload --restart ... <JAIL>')"], 
-["reload [--restart] [--unban] [--all]", "reloads the configuration without restarting of the server, the option '--restart' activates completely restarting of affected jails, thereby unbans IP addresses (if option '--unban' specified)"],
+["reload [--restart] [--unban] [--all]", "reloads the configuration without restarting of the server, the option '--restart' activates completely restarting of affected jails, thereby can unban IP addresses (if option '--unban' specified)"],
 ["reload [--restart] [--unban] [--if-exists] <JAIL>", "reloads the jail <JAIL>, or restarts it (if option '--restart' specified)"],
 ["stop", "stops all jails and terminate the server"], 
 ["unban --all", "unbans all IP addresses (in all jails and database)"],

fail2ban/tests/fail2banclienttestcase.py

@@ -712,8 +712,12 @@ class Fail2banServerTest(Fail2banClientServerBase):
 			_out_file(test1log)
 		self.execSuccess(startparams, "reload")
 		self.assertTrue(
-			Utils.wait_for(lambda: self._is_logged("[test-jail1] Ban 192.0.2.1"), MID_WAITTIME))
+			Utils.wait_for(lambda: \
+				self._is_logged("Reload finished.") and
+				self._is_logged("1 ticket(s) in 'test-jail1")
+				, MID_WAITTIME))
 		self.assertLogged("Added logfile: %r" % test1log)
+		self.assertLogged("[test-jail1] Ban 192.0.2.1")
 		
 		# enable both jails, 3 logs for jail1, etc...
 		# truncate test-log - we should not find unban/ban again by reload:
@@ -751,13 +755,16 @@ class Fail2banServerTest(Fail2banClientServerBase):
 		# test all will be found in jail1 and one in jail2:
 		self.assertTrue(
 			Utils.wait_for(lambda: \
-				self._is_logged("[test-jail1] Ban 192.0.2.2") and 
-				self._is_logged("[test-jail1] Ban 192.0.2.3") and 
-				self._is_logged("[test-jail1] Ban 192.0.2.4") and 
-				self._is_logged("[test-jail1] Ban 192.0.2.8") and 
-				self._is_logged("[test-jail2] Ban 192.0.2.4") and
-				self._is_logged("[test-jail2] Ban 192.0.2.8")
+				self._is_logged("2 ticket(s) in 'test-jail2") and
+				self._is_logged("5 ticket(s) in 'test-jail1")
 				, MID_WAITTIME))
+		self.assertLogged(
+			"[test-jail1] Ban 192.0.2.2",
+			"[test-jail1] Ban 192.0.2.3",
+			"[test-jail1] Ban 192.0.2.4",
+			"[test-jail1] Ban 192.0.2.8",
+			"[test-jail2] Ban 192.0.2.4",
+			"[test-jail2] Ban 192.0.2.8", all=True)
 		# test ips at all not visible for jail2:
 		self.assertNotLogged(
 			"[test-jail2] Found 192.0.2.2", 
@@ -775,9 +782,9 @@ class Fail2banServerTest(Fail2banClientServerBase):
 			"restart", "test-jail2")
 		self.assertTrue(
 			Utils.wait_for(lambda: \
-				self._is_logged("Jail 'test-jail2' started") and
-				self._is_logged("[test-jail2] Restore Ban 192.0.2.4") and
-				self._is_logged("[test-jail2] Restore Ban 192.0.2.8")
+				self._is_logged("Reload finished.") and
+				self._is_logged("Restore Ban") and
+				self._is_logged("2 ticket(s) in 'test-jail2")
 				, MID_WAITTIME))
 		# stop/start and unban/restore ban:
 		self.assertLogged(
@@ -794,8 +801,10 @@ class Fail2banServerTest(Fail2banClientServerBase):
 		self.execSuccess(startparams,
 			"restart", "--unban", "test-jail2")
 		self.assertTrue(
-			Utils.wait_for(lambda: self._is_logged("Jail 'test-jail2' started"),
-				MID_WAITTIME))
+			Utils.wait_for(lambda: \
+				self._is_logged("Reload finished.") and
+				self._is_logged("Jail 'test-jail2' started")
+				, MID_WAITTIME))
 		self.assertLogged(
 			"Jail 'test-jail2' stopped",
 			"Jail 'test-jail2' started",
@@ -849,16 +858,17 @@ class Fail2banServerTest(Fail2banClientServerBase):
 		))
 		if DefLogSys.level < logging.DEBUG:  # if HEAVYDEBUG
 			_out_file(test1log)
-		# test "failure" regexp still available:
 		self.assertTrue(
 			Utils.wait_for(lambda: \
-				self._is_logged("[test-jail1] 192.0.2.1 already banned") and
-				self._is_logged("[test-jail1] Ban 192.0.2.6")
+				self._is_logged("6 ticket(s) in 'test-jail1") and
+				self._is_logged("[test-jail1] 192.0.2.1 already banned")
 				, MID_WAITTIME))
+		# test "failure" regexp still available:
 		self.assertLogged(
 			"[test-jail1] Found 192.0.2.1",
-			"[test-jail1] Found 192.0.2.6", all=True
-		)
+			"[test-jail1] Found 192.0.2.6",
+			"[test-jail1] 192.0.2.1 already banned",
+			"[test-jail1] Ban 192.0.2.6", all=True)
 		# test "error" regexp no more available:
 		self.assertNotLogged("[test-jail1] Found 192.0.2.5")
 

man/fail2ban-client.1

@@ -1,12 +1,12 @@
-.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.44.1.
-.TH FAIL2BAN-CLIENT "1" "July 2016" "fail2ban-client v0.10.0a1" "User Commands"
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.47.3.
+.TH FAIL2BAN-CLIENT "1" "September 2016" "fail2ban-client v0.10.0a2" "User Commands"
 .SH NAME
 fail2ban-client \- configure and control the server
 .SH SYNOPSIS
 .B fail2ban-client
-[\fIOPTIONS\fR] \fI<COMMAND>\fR
+[\fI\,OPTIONS\/\fR] \fI\,<COMMAND>\/\fR
 .SH DESCRIPTION
-Fail2Ban v0.10.0a1 reads log file that contains password failure report
+Fail2Ban v0.10.0a2 reads log file that contains password failure report
 and bans the corresponding IP addresses using firewall rules.
 .SH OPTIONS
 .TP
@@ -68,17 +68,36 @@ starts the server and the jails
 \fBrestart\fR
 restarts the server
 .TP
-\fBreload\fR
-reloads the configuration without
-restart
+\fBrestart [\-\-unban] [\-\-if\-exists] <JAIL>\fR
+restarts the jail <JAIL> (alias
+for 'reload \fB\-\-restart\fR ... <JAIL>')
 .TP
-\fBreload <JAIL>\fR
-reloads the jail <JAIL>
+\fBreload [\-\-restart] [\-\-unban] [\-\-all]\fR
+reloads the configuration without
+restarting of the server, the
+option '\-\-restart' activates
+completely restarting of affected
+jails, thereby can unban IP
+addresses (if option '\-\-unban'
+specified)
+.TP
+\fBreload [\-\-restart] [\-\-unban] [\-\-if\-exists] <JAIL>\fR
+reloads the jail <JAIL>, or
+restarts it (if option '\-\-restart'
+specified)
 .TP
 \fBstop\fR
 stops all jails and terminate the
 server
 .TP
+\fBunban \fB\-\-all\fR\fR
+unbans all IP addresses (in all
+jails and database)
+.TP
+\fBunban <IP> ... <IP>\fR
+unbans <IP> (in all jails and
+database)
+.TP
 \fBstatus\fR
 gets the current status of the
 server
@@ -248,9 +267,8 @@ for <JAIL>
 \fBset <JAIL> maxlines <LINES>\fR
 sets the number of <LINES> to
 buffer for regex search for <JAIL>
-.IP
-set <JAIL> addaction <ACT>[ <PYTHONFILE> <JSONKWARGS>]
-.IP
+.TP
+\fBset <JAIL> addaction <ACT>[ <PYTHONFILE> <JSONKWARGS>]\fR
 adds a new action named <ACT> for
 <JAIL>. Optionally for a Python
 based action, a <PYTHONFILE> and
@@ -262,45 +280,38 @@ removes the action <ACT> from
 <JAIL>
 .IP
 COMMAND ACTION CONFIGURATION
-.IP
-set <JAIL> action <ACT> actionstart <CMD>
-.IP
+.TP
+\fBset <JAIL> action <ACT> actionstart <CMD>\fR
 sets the start command <CMD> of
 the action <ACT> for <JAIL>
-.IP
-set <JAIL> action <ACT> actionstop <CMD> sets the stop command <CMD> of the
-.IP
+.TP
+\fBset <JAIL> action <ACT> actionstop <CMD> sets the stop command <CMD> of the\fR
 action <ACT> for <JAIL>
-.IP
-set <JAIL> action <ACT> actioncheck <CMD>
-.IP
+.TP
+\fBset <JAIL> action <ACT> actioncheck <CMD>\fR
 sets the check command <CMD> of
 the action <ACT> for <JAIL>
 .TP
 \fBset <JAIL> action <ACT> actionban <CMD>\fR
 sets the ban command <CMD> of the
 action <ACT> for <JAIL>
-.IP
-set <JAIL> action <ACT> actionunban <CMD>
-.IP
+.TP
+\fBset <JAIL> action <ACT> actionunban <CMD>\fR
 sets the unban command <CMD> of
 the action <ACT> for <JAIL>
-.IP
-set <JAIL> action <ACT> timeout <TIMEOUT>
-.IP
+.TP
+\fBset <JAIL> action <ACT> timeout <TIMEOUT>\fR
 sets <TIMEOUT> as the command
 timeout in seconds for the action
 <ACT> for <JAIL>
 .IP
 GENERAL ACTION CONFIGURATION
-.IP
-set <JAIL> action <ACT> <PROPERTY> <VALUE>
-.IP
+.TP
+\fBset <JAIL> action <ACT> <PROPERTY> <VALUE>\fR
 sets the <VALUE> of <PROPERTY> for
 the action <ACT> for <JAIL>
-.IP
-set <JAIL> action <ACT> <METHOD>[ <JSONKWARGS>]
-.IP
+.TP
+\fBset <JAIL> action <ACT> <METHOD>[ <JSONKWARGS>]\fR
 calls the <METHOD> with
 <JSONKWARGS> for the action <ACT>
 for <JAIL>

man/fail2ban-regex.1

@@ -1,10 +1,10 @@
-.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.44.1.
-.TH FAIL2BAN-REGEX "1" "July 2016" "fail2ban-regex 0.10.0a1" "User Commands"
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.47.3.
+.TH FAIL2BAN-REGEX "1" "September 2016" "fail2ban-regex 0.10.0a2" "User Commands"
 .SH NAME
 fail2ban-regex \- test Fail2ban "failregex" option
 .SH SYNOPSIS
 .B fail2ban-regex
-[\fIOPTIONS\fR] \fI<LOG> <REGEX> \fR[\fIIGNOREREGEX\fR]
+[\fI\,OPTIONS\/\fR] \fI\,<LOG> <REGEX> \/\fR[\fI\,IGNOREREGEX\/\fR]
 .SH DESCRIPTION
 Fail2Ban  reads log file that contains password failure report
 and bans the corresponding IP addresses using firewall rules.
@@ -16,7 +16,7 @@ string
 a string representing a log line
 .TP
 filename
-path to a log file (\fI/var/log/auth.log\fP)
+path to a log file (\fI\,/var/log/auth.log\/\fP)
 .TP
 "systemd\-journal"
 search systemd journal (systemd\-python required)
@@ -42,23 +42,23 @@ show program's version number and exit
 \fB\-h\fR, \fB\-\-help\fR
 show this help message and exit
 .TP
-\fB\-d\fR DATEPATTERN, \fB\-\-datepattern\fR=\fIDATEPATTERN\fR
+\fB\-d\fR DATEPATTERN, \fB\-\-datepattern\fR=\fI\,DATEPATTERN\/\fR
 set custom pattern used to match date/times
 .TP
-\fB\-e\fR ENCODING, \fB\-\-encoding\fR=\fIENCODING\fR
+\fB\-e\fR ENCODING, \fB\-\-encoding\fR=\fI\,ENCODING\/\fR
 File encoding. Default: system locale
 .TP
 \fB\-r\fR, \fB\-\-raw\fR
 Raw hosts, don't resolve dns
 .TP
-\fB\-L\fR MAXLINES, \fB\-\-maxlines\fR=\fIMAXLINES\fR
+\fB\-L\fR MAXLINES, \fB\-\-maxlines\fR=\fI\,MAXLINES\/\fR
 maxlines for multi\-line regex
 .TP
-\fB\-m\fR JOURNALMATCH, \fB\-\-journalmatch\fR=\fIJOURNALMATCH\fR
+\fB\-m\fR JOURNALMATCH, \fB\-\-journalmatch\fR=\fI\,JOURNALMATCH\/\fR
 journalctl style matches overriding filter file.
 "systemd\-journal" only
 .TP
-\fB\-l\fR LOG_LEVEL, \fB\-\-log\-level\fR=\fILOG_LEVEL\fR
+\fB\-l\fR LOG_LEVEL, \fB\-\-log\-level\fR=\fI\,LOG_LEVEL\/\fR
 Log level for the Fail2Ban logger to use
 .TP
 \fB\-v\fR, \fB\-\-verbose\fR

man/fail2ban-server.1

@@ -1,12 +1,12 @@
-.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.44.1.
-.TH FAIL2BAN-SERVER "1" "July 2016" "fail2ban-server v0.10.0a1" "User Commands"
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.47.3.
+.TH FAIL2BAN-SERVER "1" "September 2016" "fail2ban-server v0.10.0a2" "User Commands"
 .SH NAME
 fail2ban-server \- start the server
 .SH SYNOPSIS
 .B fail2ban-server
-[\fIOPTIONS\fR]
+[\fI\,OPTIONS\/\fR]
 .SH DESCRIPTION
-Fail2Ban v0.10.0a1 reads log file that contains password failure report
+Fail2Ban v0.10.0a2 reads log file that contains password failure report
 and bans the corresponding IP addresses using firewall rules.
 .SH OPTIONS
 .TP

man/fail2ban-testcases.1

@@ -1,10 +1,10 @@
-.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.44.1.
-.TH FAIL2BAN-TESTCASES "1" "July 2016" "fail2ban-testcases 0.10.0a1" "User Commands"
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.47.3.
+.TH FAIL2BAN-TESTCASES "1" "September 2016" "fail2ban-testcases 0.10.0a2" "User Commands"
 .SH NAME
 fail2ban-testcases \- run Fail2Ban unit-tests
 .SH SYNOPSIS
 .B fail2ban-testcases
-[\fIOPTIONS\fR] [\fIregexps\fR]
+[\fI\,OPTIONS\/\fR] [\fI\,regexps\/\fR]
 .SH DESCRIPTION
 Script to run Fail2Ban tests battery
 .SH OPTIONS
@@ -15,9 +15,15 @@ show program's version number and exit
 \fB\-h\fR, \fB\-\-help\fR
 show this help message and exit
 .TP
-\fB\-l\fR LOG_LEVEL, \fB\-\-log\-level\fR=\fILOG_LEVEL\fR
+\fB\-l\fR LOG_LEVEL, \fB\-\-log\-level\fR=\fI\,LOG_LEVEL\/\fR
 Log level for the logger to use during running tests
 .TP
+\fB\-v\fR VERBOSITY, \fB\-\-verbosity\fR=\fI\,VERBOSITY\/\fR
+Set numerical level of verbosity (0..4)
+.TP
+\fB\-\-log\-direct\fR
+Prevent lazy logging inside tests
+.TP
 \fB\-n\fR, \fB\-\-no\-network\fR
 Do not run tests that require the network
 .TP