diff --git a/testcases/files/testcase02.log b/testcases/files/testcase02.log
index 0200d6de..7ca87c19 100644
--- a/testcases/files/testcase02.log
+++ b/testcases/files/testcase02.log
@@ -1,13 +1,13 @@
-Mar 16 04:57:00 i60p295 sshd[11437]: input_userauth_request: illegal user test123
-Mar 16 04:57:00 i60p295 sshd[11437]: Failed password for illegal user test123 from ::ffff:66.38.192.238 port 51381 ssh2
-Mar 16 04:57:00 i60p295 sshd[11437]: Connection closed by ::ffff:66.38.192.238
-Mar 16 10:33:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:141.3.81.106 port 51332 ssh2
-Mar 16 10:33:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:141.3.81.106 port 51332 ssh2
-Mar 16 10:33:59 i60p295 sshd[12365]: Postponed keyboard-interactive for roehl from ::ffff:141.3.81.106 port 51332 ssh2
-Mar 16 10:34:01 i60p295 sshd[12365]: Postponed keyboard-interactive/pam for roehl from ::ffff:141.3.81.106 port 51332 ssh2
-Mar 16 10:34:01 i60p295 sshd[12365]: Accepted keyboard-interactive/pam for roehl from ::ffff:141.3.81.106 port 51332 ssh2
-Mär 16 10:33:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:141.3.81.106 port 51332 ssh2
-Mär 16 10:33:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:141.3.81.106 port 51332 ssh2
-Mar 16 10:35:01 i60p295 sshd[12365]: Accepted keyboard-interactive/pam for roehl from ::ffff:141.3.81.106 port 51332 ssh2
-Mar 16 10:36:01 i60p295 sshd[12365]: Accepted keyboard-interactive/pam for roehl from ::ffff:141.3.81.106 port 51332 ssh2
-Mar 16 10:37:01 i60p295 sshd[12365]: Accepted keyboard-interactive/pam for roehl from ::ffff:141.3.81.106 port 51332 ssh2
+Aug 14 11:51:00 i60p295 sshd[11437]: input_userauth_request: illegal user test123
+Aug 14 11:52:00 i60p295 sshd[11437]: Failed password for illegal user test123 from ::ffff:66.38.192.238 port 51381 ssh2
+Aug 14 11:53:00 i60p295 sshd[11437]: Connection closed by ::ffff:66.38.192.238
+Aug 14 11:53:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:141.3.81.106 port 51332 ssh2
+Aug 14 11:54:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:141.3.81.106 port 51332 ssh2
+Aug 14 11:55:59 i60p295 sshd[12365]: Postponed keyboard-interactive for roehl from ::ffff:141.3.81.106 port 51332 ssh2
+Aug 14 11:56:01 i60p295 sshd[12365]: Postponed keyboard-interactive/pam for roehl from ::ffff:141.3.81.106 port 51332 ssh2
+Aug 14 11:57:01 i60p295 sshd[12365]: Accepted keyboard-interactive/pam for roehl from ::ffff:141.3.81.106 port 51332 ssh2
+Aug 14 11:57:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:141.3.81.106 port 51332 ssh2
+Aug 14 11:58:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:141.3.81.106 port 51332 ssh2
+Aug 14 11:59:01 i60p295 sshd[12365]: Accepted keyboard-interactive/pam for roehl from ::ffff:141.3.81.106 port 51332 ssh2
+Aug 14 11:59:01 i60p295 sshd[12365]: Accepted keyboard-interactive/pam for roehl from ::ffff:141.3.81.106 port 51332 ssh2
+Aug 14 11:59:01 i60p295 sshd[12365]: Accepted keyboard-interactive/pam for roehl from ::ffff:141.3.81.106 port 51332 ssh2
diff --git a/testcases/files/testcase03.log b/testcases/files/testcase03.log
new file mode 100644
index 00000000..4d9d11cd
--- /dev/null
+++ b/testcases/files/testcase03.log
@@ -0,0 +1,9 @@
+Aug 14 11:53:04 HOSTNAME courieresmtpd: error,relay=::ffff:203.162.223.135,from=,to=: 550 User unknown.
+Aug 14 11:54:04 HOSTNAME courieresmtpd: error,relay=::ffff:203.162.223.135,from=,to=: 550 User unknown.
+Aug 14 11:55:04 HOSTNAME courieresmtpd: error,relay=::ffff:203.162.223.135,from=,to=: 550 User unknown.
+Aou 14 11:56:04 HOSTNAME courieresmtpd: error,relay=::ffff:203.162.223.135,from=,to=: 550 User unknown.
+Aou 14 11:57:04 HOSTNAME courieresmtpd: error,relay=::ffff:203.162.223.135,from=,to=: 550 User unknown.
+Aoü 14 11:58:04 HOSTNAME courieresmtpd: error,relay=::ffff:203.162.223.135,from=,to=: 550 User unknown.
+Aug 14 11:59:04 HOSTNAME courieresmtpd: error,relay=::ffff:203.162.223.135,from=,to=: 550 User unknown.
+Aug 14 12:50:04 HOSTNAME courieresmtpd: error,relay=::ffff:203.162.223.135,from=,to=: 550 User unknown.
+Aug 14 12:51:04 HOSTNAME courieresmtpd: error,relay=::ffff:203.162.223.135,from=,to=: 550 User unknown.
diff --git a/testcases/files/testcase04.log b/testcases/files/testcase04.log
new file mode 100644
index 00000000..c0304d06
--- /dev/null
+++ b/testcases/files/testcase04.log
@@ -0,0 +1,15 @@
+Sep 21 22:03:07 [sshd] Invalid user toto from 212.41.96.185
+1124012400 [sshd] Invalid user fuck from 212.41.96.185
+Sep 21 21:03:38 [sshd] Invalid user toto from 212.41.96.185
+1124012500 [sshd] Invalid user fuck from 212.41.96.185
+Sep 21 21:03:46 [sshd] Invalid user toto from 212.41.96.185
+Aug 14 11:58:48 [sshd] Invalid user fuck from 212.41.96.185
+Aug 14 11:59:58 [sshd] Invalid user toto from 212.41.96.185
+Sep 21 21:04:03 [sshd] Invalid user fuck from 212.41.96.185
+ - Last output repeated twice -
+2005/08/14 11:57:00 [sshd] Invalid user toto from 212.41.96.186
+2005/08/14 11:58:00 [sshd] Invalid user fuck from 212.41.96.186
+2005/08/14 11:59:00 [sshd] Invalid user toto from 212.41.96.186
+2005/08/14 12:00:00 [sshd] Invalid user fuck from 212.41.96.186
+ - Last output repeated twice -
+Sep 21 21:09:01 [sshd] Invalid user toto from 212.41.96.185
diff --git a/testcases/filtertestcase.py b/testcases/filtertestcase.py
index 3ba478e6..d51892a5 100644
--- a/testcases/filtertestcase.py
+++ b/testcases/filtertestcase.py
@@ -28,6 +28,7 @@ import unittest, socket
 from server.filterpoll import FilterPoll
 from server.filter import Filter
 from server.failmanager import FailManager
+from server.failmanager import FailManagerEmpty
 class IgnoreIP(unittest.TestCase):
@@ -78,23 +79,27 @@ class LogFile(unittest.TestCase):
 class GetFailures(unittest.TestCase):
- FILENAME = "testcases/files/testcase01.log"
+ FILENAME_01 = "testcases/files/testcase01.log"
+ FILENAME_02 = "testcases/files/testcase02.log"
+ FILENAME_03 = "testcases/files/testcase03.log"
+ FILENAME_04 = "testcases/files/testcase04.log"
 def setUp(self):
 """Call before every test case."""
 self.__filter = Filter(None)
- self.__filter.addLogPath(FILENAME)
 #self.__filter.setTimeRegex("\S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}")
 #self.__filter.setTimePattern("%b %d %H:%M:%S")
- self.__filter.setFailRegex("(?:(?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal|nvalid) user)?|[Ii](?:llegal|nvalid) user|ROOT LOGIN REFUSED) .*(?: from|FROM) (?:::f{4,6}:)?(?P\S*)")
 def tearDown(self):
 """Call after every test case."""
- def testGetFailures(self):
+ def testGetFailures01(self):
 output = ('193.168.0.128', 3, 1124013599.0)
+
+ self.__filter.addLogPath(GetFailures.FILENAME_01)
+ self.__filter.setFailRegex("(?:(?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal|nvalid) user)?|[Ii](?:llegal|nvalid) user|ROOT LOGIN REFUSED) .*(?: from|FROM) (?:::f{4,6}:)?(?P\S*)")
- self.__filter.getFailures(FILENAME)
+ self.__filter.getFailures(GetFailures.FILENAME_01)
 ticket = self.__filter.failManager.toBan()
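Review bot: The fail-regex literal moved into testGetFailures01 (and the ones added for testGetFailures02–04 in the next hunk) is an ordinary string containing `\w` and `\S`; those are invalid escape sequences in a non-raw Python string, which newer interpreters warn about and may eventually reject, so the call should use a raw literal, e.g. `self.__filter.setFailRegex(r"(?:(?:Authentication failure|Failed [-/\w+]+) for ... (?P<host>\S*)")`. The capture group is printed here as `(?P\S*)` with no group name, which looks like the `<host>` name was stripped when this page was rendered; it is worth confirming against the file, since that named group is presumably what the filter reads the address from. Note also that `[-/\w+]+` puts `+` inside the character class, where it matches a literal plus sign rather than repeating — it was carried over from setUp unchanged, but if `[-/\w]+` was intended this move is a good moment to fix it. The GetFailures class starts in this hunk and its body continues past it.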
@@ -104,4 +109,58 @@ class GetFailures(unittest.TestCase):
 found = (ip, attempts, date)
 self.assertEqual(found, output)
+
+ def testGetFailures02(self):
+ output = ('141.3.81.106', 4, 1124013539.0)
+
+ self.__filter.addLogPath(GetFailures.FILENAME_02)
+ self.__filter.setFailRegex("Failed .* (?:::f{4,6}:)(?P\S*)")
+
+ self.__filter.getFailures(GetFailures.FILENAME_02)
+
+ ticket = self.__filter.failManager.toBan()
+
+ attempts = ticket.getAttempt()
+ date = ticket.getTime()
+ ip = ticket.getIP()
+ found = (ip, attempts, date)
+
+ self.assertEqual(found, output)
+
+ def testGetFailures03(self):
+ output = ('203.162.223.135', 6, 1124013544.0)
+
+ self.__filter.addLogPath(GetFailures.FILENAME_03)
+ self.__filter.setFailRegex("error,relay=(?:::f{4,6}:)?(?P\S*),.*550 User unknown")
+
+ self.__filter.getFailures(GetFailures.FILENAME_03)
+
+ ticket = self.__filter.failManager.toBan()
+
+ attempts = ticket.getAttempt()
+ date = ticket.getTime()
+ ip = ticket.getIP()
+ found = (ip, attempts, date)
+
+ self.assertEqual(found, output)
+
+ def testGetFailures04(self):
+ output = [('212.41.96.186', 4, 1124013600.0),
+ ('212.41.96.185', 4, 1124013598.0)]
+
+ self.__filter.addLogPath(GetFailures.FILENAME_04)
+ self.__filter.setFailRegex("Invalid user .* (?P\S*)")
+
+ self.__filter.getFailures(GetFailures.FILENAME_04)
+
+ try:
+ for i in range(2):
+ ticket = self.__filter.failManager.toBan()
+ attempts = ticket.getAttempt()
+ date = ticket.getTime()
+ ip = ticket.getIP()
+ found = (ip, attempts, date)
+ self.assertEqual(found, output[i])
+ except FailManagerEmpty:
+ pass
\ No newline at end of file
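Review bot: In testGetFailures04 the `except FailManagerEmpty: pass` around the loop lets the test pass even when the fail manager produces fewer than the two tickets listed in `output`, because an early FailManagerEmpty ends the loop silently before the second assertEqual ever runs. Either let the exception propagate (unittest will report it as an error) or make it an explicit failure, e.g. `except FailManagerEmpty: self.fail("expected %d ban tickets, got %d" % (len(output), i))`. The expected list also assumes toBan() hands out the .186 ticket before the .185 one; whether that order comes from the ticket timestamps or from insertion order is not visible here, and a one-line comment stating the assumption would keep the test from breaking opaquely if the ordering changes. The four tests repeat the same getAttempt/getTime/getIP unpacking; a small helper such as `_nextBan(self)` returning `(ip, attempts, date)` would shorten them and give a single place to adjust if the ticket API changes.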