ENH: allow to split ignoreip by space and/or comma (Closes #1197)

Way too many people ran into this gotcha, so lets just do it
2015-09-23 12:13:52 -04:00 · 2015-09-23 12:13:52 -04:00 · 8cf614e221
parent 24f875ad3e
commit 8cf614e221
5 changed files with 24 additions and 5 deletions
--- a/1
+++ b/1
@ -25,6 +25,7 @@ ver. 0.9.4 (2015/XX/XXX) - wanna-be-released
   * Added new date pattern with year after day (e.g. Sun Jan 23 2005 21:59:59)
     http://bugs.debian.org/798923
   * Added openSUSE path configuration (Thanks Johannes Weberhofer)
   * Allow to split ignoreip entries by ',' as well as by ' ' (gh-1197)
 ver. 0.9.3 (2015/08/01) - lets-all-stay-friends
 ----------
--- a/config/jail.conf
+++ b/config/jail.conf
@ -46,7 +46,7 @@ before = paths-debian.conf
 # "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not
 # ban a host which matches an address in this list. Several addresses can be
-# defined using space separator.
+# defined using space (and/or comma) separator.
 ignoreip = 127.0.0.1/8
 # External command that will take an tagged arguments to ignore, e.g. <ip>,
--- a/fail2ban/client/jailreader.py
+++ b/fail2ban/client/jailreader.py
@ -33,6 +33,7 @@ from .configreader import ConfigReaderUnshared, ConfigReader
 from .filterreader import FilterReader
 from .actionreader import ActionReader
 from ..helpers import getLogger
 from ..helpers import splitcommaspace
 # Gets the instance of the logger.
 logSys = getLogger(__name__)
@ -208,10 +209,8 @@ class JailReader(ConfigReader):
 			elif opt == "maxretry":
 				stream.append(["set", self.__name, "maxretry", self.__opts[opt]])
 			elif opt == "ignoreip":
-				for ip in self.__opts[opt].split():
+				for ip in splitcommaspace(self.__opts[opt]):
-					# Do not send a command if the rule is empty.
+					stream.append(["set", self.__name, "addignoreip", ip])
 					if ip != '':
 						stream.append(["set", self.__name, "addignoreip", ip])
 			elif opt == "findtime":
 				stream.append(["set", self.__name, "findtime", self.__opts[opt]])
 			elif opt == "bantime":
--- a/fail2ban/helpers.py
+++ b/fail2ban/helpers.py
@ -127,3 +127,13 @@ def excepthook(exctype, value, traceback):
 	getLogger("fail2ban").critical(
 		"Unhandled exception in Fail2Ban:", exc_info=True)
 	return sys.__excepthook__(exctype, value, traceback)
 def splitcommaspace(s):
 	"""Helper to split on any comma or space
 	Returns empty list if input is empty (or None) and filters
 	out empty entries
 	"""
 	if not s:
 		return []
 	return filter(bool, re.split('[ ,]', s))
--- a/fail2ban/tests/misctestcase.py
+++ b/fail2ban/tests/misctestcase.py
@ -33,6 +33,7 @@ from glob import glob
 from StringIO import StringIO
 from ..helpers import formatExceptionInfo, mbasename, TraceBack, FormatterWithTraceBack, getLogger
 from ..helpers import splitcommaspace
 from ..server.datetemplate import DatePatternRegex
@ -55,6 +56,14 @@ class HelpersTest(unittest.TestCase):
 			# might be fragile due to ' vs "
 			self.assertEqual(args, "('Very bad', None)")
 	def testsplitcommaspace(self):
 		self.assertEqual(splitcommaspace(None), [])
 		self.assertEqual(splitcommaspace(''), [])
 		self.assertEqual(splitcommaspace('  '), [])
 		self.assertEqual(splitcommaspace('1'), ['1'])
 		self.assertEqual(splitcommaspace(' 1 2 '), ['1', '2'])
 		self.assertEqual(splitcommaspace(' 1, 2 , '), ['1', '2'])
 class SetupTest(unittest.TestCase):