From f3a90b9021731a7fd537a7d172a75a65cca64f78 Mon Sep 17 00:00:00 2001 From: Cyril Jaquier Date: Sun, 17 Sep 2006 22:03:07 +0000 Subject: [PATCH] - Updated git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@362 a942ae1a-1317-0410-a47c-b1dcaea8d605 --- CHANGELOG | 2 ++ TODO | 63 ++++--------------------------------------------------- 2 files changed, 6 insertions(+), 59 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 09687626..1f6c2072 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -12,6 +12,8 @@ ver. 0.7.3 (2006/??/??) - beta - Added man pages. Thanks to Yaroslav Halchenko - Added wildcard support for "logpath" - Added Gamin (file and directory monitoring system) support +- (Re)added "ignoreip" option +- Added more concurrency protection ver. 0.7.2 (2006/09/10) - beta ---------- diff --git a/TODO b/TODO index 97337c60..cdba4028 100644 --- a/TODO +++ b/TODO @@ -13,39 +13,25 @@ Legend: # partially done * done -- Verify TAI64N +- Prefix all private functions with "__" -* Is there a do...while loop in Python? For interactive mode +- Verify TAI64N # implement all get/set functions -- correct handling of threads (join???) +# correct handling of threads (join???), concurrency, etc + protect "jails" in server.py - signal handling (ctrl-c, etc) -* add a reload option to fail2ban-client - # see Feature Request Tracking System at SourceForge.net -* findall in dns.py should be no more needed - -* remove utils/ directory - - improve installation process (better prefix support) # improve documentation and website for user -* use Doxygen - - use PyLint to check the code -* better configuration files - -* add a check to see if the time of the log messages is - correctly detected (valid regexp) - -* remove debug mode (root check) - # better return values in function ? use more email.Utils in mail.py @@ -53,51 +39,10 @@ Legend: ? add gettext support. Is this really needed for a server utility? -* send an email when fail2ban is running - -* add multithreading. Python threading is not really - efficient. However, fail2ban could benefit of it. We could - use threads like this: - - one thread which check for host to unban. - - one thread per file to watch. This will allow things like - different polling time for each file. - is read-only (we only read log files) thus no locks - are required. However, is read-write and must take - care of concurrency in case of multithreading. - -- add FAM/Gamin support. Should be quite efficient with - threading. Take care that handle_one_event() release the - Python lock. - # add a test framework. We could use unittest which is in Python since 2.1. It should be possible to run all tests automatically. -* add client/server using socket. Something similar to - gdesklets. DBUS seems to be designed for desktop use. - - fail2ban start -> start the daemon. - - fail2ban stop -> stop the daemon. - - fail2ban add -> add monitoring with - ban method (iptables, hosts.deny, etc). - - fail2ban del -> remove monitoring. - - fail2ban status -> query current fail2ban status. - Should return infos like a ban counter. Could be graph - with rrdtool. - - fail2ban pause -> suspend monitoring. - - fail2ban resume -> resume monitoring. - - fail2ban list -> list available services. - - fail2ban flush -> flush the ban list. - -* remove PID file. - -* remove most of the command lines options if possible. - -* add the possibility to specify wildcard in log files. - Example: logfile = /var/log/apache2/access-*.log - Should we start one thread per file or just one thread per - serivce? - We use just one thread per service - # autodetect date format in log file. Match the most popular format and sort them using the hit ratio. Should avoid user problem with regex and not have a big impact on perfs.