fix #2 to Cyril and mine fixes:

I had to bring ExternalError exception into Firewall because of the loop in flushBanList.
 Also provided naming of Firewalls

fail2ban.py

@@ -112,16 +112,10 @@ def restoreFwRules():
 	""" Flush the ban list
 	"""
 	logSys.warn("Restoring firewall rules...")
-	for element in logFwList:
-		# Execute end command of each section
-		try:
-			element[2].restore(conf["debug"])
-		except ExternalError:
-			# nothing bad really - we can survive :-)
-			# but it has to be a separate exception handler
-			# for each section, so we don't miss anything
-			pass
 	try:
+		for element in logFwList:
+			# Execute end command of each section
+			element[2].restore(conf["debug"])
 		# Execute global end command
 		executeCmd(conf["cmdend"], conf["debug"])
 	except ExternalError:
@@ -399,6 +393,8 @@ def main():
 			# Creates a firewall object
 			fObj = Firewall(l["fwstart"], l["fwend"],
 							l["fwban"], l["fwunban"], l["fwcheck"], l["bantime"])
+			# "Name" the firewall
+			fObj.setSection(t)
 			# Links them into a list. I'm not really happy
 			# with this :/
 			logFwList.append([t, lObj, fObj, dict()])

firewall/firewall.py

@@ -27,6 +27,10 @@ __license__ = "GPL"
 import time, os, logging, re
 
 from utils.process import executeCmd
+# unfortunately but I have to bring ExternalError in especially
+# for flushBanList: if one of IPs got flushed manually outside or something,
+# we might endup with not "full" flush unless we handle exception within the loop
+from utils.process import ExternalError
 from utils.strings import replaceTag
 
 # Gets the instance of the logger.
@@ -46,15 +50,24 @@ class Firewall:
 		self.endRule = endRule
 		self.banTime = banTime
 		self.banList = dict()
+		self.section = ""
+
+	def setSection(self, section):
+		""" Set optional section name for clarify of logging
+		"""
+		self.section = section
 		
 	def initialize(self, debug):
-		logSys.debug("Initialize firewall rules")
+		logSys.debug("%s: Initialize firewall rules"%self.section)
 		executeCmd(self.startRule, debug)
 	
 	def restore(self, debug):
-		logSys.debug("Restore firewall rules")
+		logSys.debug("%s: Restore firewall rules"%self.section)
-		flushBanList(debug)
+		try:
-		executeCmd(self.endRule, debug)
+			self.flushBanList(debug)
+			executeCmd(self.endRule, debug)
+		except ExternalError:
+			pass
 		
 	def addBanIP(self, aInfo, debug):
 		""" Bans an IP.
@@ -62,26 +75,26 @@ class Firewall:
 		ip = aInfo["ip"]
 		if not self.inBanList(ip):
 			crtTime = time.time()
-			logSys.warn("Ban " + ip)
+			logSys.warn("%s: Ban "%self.section + ip)
 			self.banList[ip] = crtTime
 			aInfo["bantime"] = crtTime
 			self.runCheck(debug)
 			executeCmd(self.banIP(aInfo), debug)
 		else:
 			self.runCheck(debug)
-			logSys.error(ip+" already in ban list")
+			logSys.error("%s: "%self.section+ip+" already in ban list")
 	
 	def delBanIP(self, aInfo, debug):
 		""" Unban an IP.
 		"""
 		ip = aInfo["ip"]
 		if self.inBanList(ip):
-			logSys.warn("Unban " + ip)
+			logSys.warn("%s: Unban "%self.section + ip)
 			del self.banList[ip]
 			self.runCheck(debug)
 			executeCmd(self.unBanIP(aInfo), debug)
 		else:
-			logSys.error(ip+" not in ban list")
+			logSys.error("%s: "%self.section+ip+" not in ban list")
 
 	def reBan(self, debug):
 		""" Re-Bans known IPs.
@@ -90,7 +103,7 @@ class Firewall:
 		for ip in self.banList:
 			aInfo = {"ip": ip,
 					 "bantime": self.banList[ip]}
-			logSys.warn("ReBan " + ip)
+			logSys.warn("%s: ReBan "%self.section + ip)
 			# next piece is similar to the on in addBanIp
 			# so might be one more function will not hurt
 			self.runCheck(debug)
@@ -128,7 +141,12 @@ class Firewall:
 			aInfo = {"ip": element[0],
 					 "bantime": element[1],
 					 "unbantime": time.time()}
-			self.delBanIP(aInfo, debug)
+			try:
+				self.delBanIP(aInfo, debug)
+			except ExternalError:
+				# we must let it fail here in the loop, or we don't
+				# flush properly
+				pass
 			
 	def banIP(self, aInfo):
 		""" Returns query to ban IP.