diff --git a/config/fail2ban.conf.default b/config/fail2ban.conf.default index 29feb909..014bd41b 100644 --- a/config/fail2ban.conf.default +++ b/config/fail2ban.conf.default @@ -11,8 +11,19 @@ # background = true +# Option: verbose +# Notes.: verbosity of the output. +# 0 - regular level +# 1 - INFO level +# 2 - DEBUG level (but commands get executed as opposed to +# debug option) +# Values: NUM Default: 0 +# +verbose = 1 + # Option: debug -# Notes.: enable debug mode. More verbose output and bypass root user test. +# Notes.: enable debug mode. No real commands gets executed but only +# reported, more verbose output, bypass root user test. # Values: [true | false] Default: false # debug = false diff --git a/config/gentoo-confd b/config/gentoo-confd index 8c4489db..ac4b6e22 100644 --- a/config/gentoo-confd +++ b/config/gentoo-confd @@ -20,4 +20,4 @@ # Command line options for Fail2Ban. Refer to "fail2ban -h" for # valid options. -FAIL2BAN_OPTS="-v" +FAIL2BAN_OPTS="" diff --git a/debian/changelog b/debian/changelog index 20867022..afb7a7f5 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,13 @@ +fail2ban (0.5.4-3) unstable; urgency=low + + * Resolved the mistery of debug mode in which commands are not really + executed: added verbose option to config file, removed -v from + /etc/default/fail2ban, reordered code a bit so that log targets are + setup right after background and then only loglevel (verbose,debug) is + processed, so the warning could be seen in the logs + + -- Yaroslav Halchenko Thu, 29 Sep 2005 00:20:43 -1000 + fail2ban (0.5.4-2) unstable; urgency=low * Now exporting PATH explicitely in init.d/fail2ban script, to avoid diff --git a/fail2ban.py b/fail2ban.py index 69ee4cb3..af6fe4e4 100755 --- a/fail2ban.py +++ b/fail2ban.py @@ -180,6 +180,7 @@ def main(): ["str", "syslog-target", "/dev/log"], ["int", "syslog-facility", 1], ["bool", "debug", False], + ["int", "verbose", conf["verbose"]], ["str", "pidlock", "/var/run/fail2ban.pid"], ["int", "maxfailures", 5], ["int", "bantime", 600], @@ -188,7 +189,7 @@ def main(): ["int", "polltime", 1], ["str", "cmdstart", ""], ["str", "cmdend", ""]) - + # Gets global configuration options conf.update(confReader.getLogOptions("DEFAULT", optionValues)) @@ -197,7 +198,7 @@ def main(): # PID lock pidLock.setPath(conf["pidlock"]) - + # Now we can kill properly a running instance if needed try: conf["kill"] @@ -220,26 +221,7 @@ def main(): logSys.error("Unable to start daemon") sys.exit(-1) - # Verbose level - if conf["verbose"]: - logSys.warn("Verbose level is "+`conf["verbose"]`) - if conf["verbose"] == 1: - logSys.setLevel(logging.INFO) - elif conf["verbose"] > 1: - logSys.setLevel(logging.DEBUG) - - # Set debug log level - if conf["debug"]: - logSys.setLevel(logging.DEBUG) - formatterstring = ('%(levelname)s: [%(filename)s (%(lineno)d)] ' + - '%(message)s') - formatter = logging.Formatter("%(asctime)s " + formatterstring) - stdout.setFormatter(formatter) - logSys.warn("DEBUG MODE: FIREWALL COMMANDS ARE _NOT_ EXECUTED BUT " + - "ONLY DISPLAYED IN THE LOG MESSAGES") - - # Process some options - # Log targets + # First setup Log targets # Bug fix for #1234699 os.umask(0077) for target in conf["logtargets"].split(): @@ -289,7 +271,27 @@ def main(): # Set formatter and add handler to logger hdlr.setFormatter(tformatter) logSys.addHandler(hdlr) - + + # Process some options + + # Verbose level + if conf["verbose"]: + logSys.warn("Verbose level is "+`conf["verbose"]`) + if conf["verbose"] == 1: + logSys.setLevel(logging.INFO) + elif conf["verbose"] > 1: + logSys.setLevel(logging.DEBUG) + + # Set debug log level + if conf["debug"]: + logSys.setLevel(logging.DEBUG) + formatterstring = ('%(levelname)s: [%(filename)s (%(lineno)d)] ' + + '%(message)s') + formatter = logging.Formatter("%(asctime)s " + formatterstring) + stdout.setFormatter(formatter) + logSys.warn("DEBUG MODE: FIREWALL COMMANDS ARE _NOT_ EXECUTED BUT " + + "ONLY DISPLAYED IN THE LOG MESSAGES") + # Ignores IP list ignoreIPList = conf["ignoreip"].split(' ')