["set <JAIL> ignoreself true|false","allows the ignoring of own IP addresses"],
["set <JAIL> addignoreip <IP>","adds <IP> to the ignore list of <JAIL>"],
["set <JAIL> delignoreip <IP>","removes <IP> from the ignore list of <JAIL>"],
["set <JAIL> ignorecommand <VALUE>","sets ignorecommand of <JAIL>"],
["set <JAIL> ignorecache <VALUE>","sets ignorecache of <JAIL>"],
["set <JAIL> addlogpath <FILE> ['tail']","adds <FILE> to the monitoring list of <JAIL>, optionally starting at the 'tail' of the file (default 'head')."],
["set <JAIL> dellogpath <FILE>","removes <FILE> from the monitoring list of <JAIL>"],
["set <JAIL> logencoding <ENCODING>","sets the <ENCODING> of the log files for <JAIL>"],
@ -91,7 +93,6 @@ protocol = [
["set <JAIL> deljournalmatch <MATCH>","removes <MATCH> from the journal filter of <JAIL>"],
["set <JAIL> addfailregex <REGEX>","adds the regular expression <REGEX> which must match failures for <JAIL>"],
["set <JAIL> delfailregex <INDEX>","removes the regular expression at <INDEX> for failregex"],
["set <JAIL> ignorecommand <VALUE>","sets ignorecommand of <JAIL>"],
["set <JAIL> addignoreregex <REGEX>","adds the regular expression <REGEX> which should match pattern to exclude for <JAIL>"],
["set <JAIL> delignoreregex <INDEX>","removes the regular expression at <INDEX> for ignoreregex"],
["set <JAIL> findtime <TIME>","sets the number of seconds <TIME> for which the filter will look back for <JAIL>"],
@ -233,7 +233,19 @@ list of IPs not to ban. They can include a DNS resp. CIDR mask too. The option a
command that is executed to determine if the current candidate IP for banning (or failure-ID for raw IDs) should not be banned. The option affects additionally to \fBignoreself\fR and \fBignoreip\fR and will be first executed if both don't hit.
.br
IP will not be banned if command returns successfully (exit code 0).
Like ACTION FILES, tags like <ip> are can be included in the ignorecommand value and will be substituted before execution. Currently only <ip> is supported however more will be added later.
Like ACTION FILES, tags like <ip> are can be included in the ignorecommand value and will be substituted before execution.
.TP
.Bignorecache
provide cache parameters (default disabled) for ignore failure check (caching of the result from `ignoreip`, `ignoreself` and `ignorecommand`), syntax:
ignorecommand = if [ "<F-USER>" = "technical" ] && [ "<ip-host>" = "my-host.example.com" ]; then exit 0; fi;
exit 1
.fi
This will cache the result of \fBignorecommand\fR (does not call it repeatedly) for 5 minutes (cache time) for maximal 100 entries (cache size), using values substituted like "user@host" as cache-keys. Set option \fBignorecache\fR to empty value disables the cache.
.RE
.TP
.Bbantime
effective ban duration (in seconds or time abbreviation format).