BF: failregex declared direct in jail was joined to single line, (specifying of multiple expressions was not possible);

feature request (gh-867): new options for jail introduced addfailregex/addignoreregex: extends regex specified in filter (opposite to failregex/ignoreregex that overwrites it);
2014-11-28 03:17:47 +01:00 · 2014-11-28 03:17:47 +01:00 · cad09d2df3
parent 72370d2574
commit cad09d2df3
2 changed files with 14 additions and 3 deletions
--- a/6
+++ b/6
@ -14,8 +14,14 @@ ver. 0.9.2 (2014/XX/XXX) - wanna-be-released
   * $ typo in jail.conf. Thanks Skibbi. Debian bug #767255
   * grep'ing for IP in *mail-whois-lines.conf should now match also
     at the begginning and EOL.  Thanks Dean Lee
+   * failregex declared in jail was joined to single line (specifying of multiple
+     expressions was not possible).
+

 - New Features:
+   - new options for jail introduced addfailregex/addignoreregex: extends regex 
+     specified in filter (opposite to failregex/ignoreregex that overwrites it)
+     see gh-867.

 - Enhancements:
   * Enable multiport for firewallcmd-new action.  Closes gh-834
--- a/fail2ban/client/jailreader.py
+++ b/fail2ban/client/jailreader.py
@ -97,6 +97,8 @@ class JailReader(ConfigReader):
 				["string", "usedns", None],
 				["string", "failregex", None],
 				["string", "ignoreregex", None],
+				["string", "addfailregex", None],
+				["string", "addignoreregex", None],
 				["string", "ignorecommand", None],
 				["string", "ignoreip", None],
 				["string", "filter", ""],
@ -201,11 +203,14 @@ class JailReader(ConfigReader):
 				stream.append(["set", self.__name, "bantime", self.__opts[opt]])
 			elif opt == "usedns":
 				stream.append(["set", self.__name, "usedns", self.__opts[opt]])
-			elif opt == "failregex":
-				stream.append(["set", self.__name, "addfailregex", self.__opts[opt]])
+			elif opt in ("failregex", "addfailregex"):
+				for regex in self.__opts[opt].split('\n'):
+					# Do not send a command if the rule is empty.
+					if regex != '':
+						stream.append(["set", self.__name, "addfailregex", regex])
 			elif opt == "ignorecommand":
 				stream.append(["set", self.__name, "ignorecommand", self.__opts[opt]])
-			elif opt == "ignoreregex":
+			elif opt in ("ignoreregex", "addignoreregex"):
 				for regex in self.__opts[opt].split('\n'):
 					# Do not send a command if the rule is empty.
 					if regex != '':