* tag '0.8.13': (48 commits)
DOC: DEVELOP release note changes
PKG: version release
PKG: include nagios filter/log
DOC/ENH: update man pages for release
ENH: pull asterisk filter change to support syslog from 0.9 branch
Sanity-check print-all-* vs print-no-* options.
Add --print-no-{missed,ignored} and restore -all.
Only remember log lines we need to print later.
Fix the --print-all-{missed,ignored} options.
ENH: sendmail-reject for all smtp ports.
ENH: more sendmail-reject filter items thanks to fab23
BF: move to right location
ENH: rename sendmail-spam to sendmail-reject
BF: email address as arg1 in sendmail filters
ENH: wider regex for RBL and sendmail-spam
DOC: Add reference to action argument values which contain ","
BF: add jail.conf definitions for sendmail* filters
ENH: add filter for sendmail-{auth,spam}. Closes gh-20
ENH: Allow 255.255.255.0 style mask for ignoreip
BF: Fix complain action for multiple recipients and misplaced ";"
...
Realized --print-all-{missed,ignored} aren't meant to be simple on/off,
but are meant to enable printing all lines even when there are more
than 20.
This restores the behavior of --print-all-*, but preserves the
memory-savings when --print-all-* are not specified.
Also adds --print-no-{missed,ignored} which can be used to suppress
printing of a line type entirely.
When testing proccessing a large logfile (430 MB, 2M lines) without
--print-all-missed or --print-all-ignored, fail2ban-regex consumes
just over 2 GB of RAM before completing. Even though it does not need
to retain any of the missed or ignored log lines, it does anyway.
With this patch, memory use never grows beyond about 11 MB (unless
--print-all-* are enabled).
Previously, fail2ban-regex always printed both regardless of whether
those options were present or not.
This commit duplicates the patch I submitted at
https://sourceforge.net/p/fail2ban/patches/25/
* tag '0.8.12': (177 commits)
DOC: version and release date to 0.8.12 on 2014-01-22
DOC/ENH: update man pages for release
DOC: ChangeLog dateing and normalisation
ENH: continue with rest of fail2ban config even if errors. Closes gh-585
DOC: ChangeLog. Note incompatible changes and group new filters and actions under New Features
BF: complete MANIFEST
DOC: note in man page about "last message repeated" syslog compression. Closes Debian bug #620364
DOC: credits for action.d/badips
BF: dovecot filters, session characters and order of session/tls in log messages
BF Dovecot auth failures
Matching any Exim authentication name
Update exim
ENH: add improper command pipelining postfix filter
Support ACL-events without AccountID. Typically happens when a registration from an unknown domain is performed.
BF: Add ejabberd-auth to jail.conf
ENH: ejabberd filter
TST: for tag substition, multiple on same line
DOC: spelling + GPL2+ for license
DOC: fixing formatting in the section names of the manpage - \fB to return into bold
DOC: some typos, fixes from Vincent Lefevre
...
I removed the ignoreip setting from the nagios section. As pointed out, it is redundant here. Nagios server, under normal circumstances should not trigger any access errors, and would be included in the global ignoreips anyway.
The second failregex was supposed to catch an error concerning an ACL denial over IPv6, but this message is no more generated by the nrpe version (v2.15) that introduced the IPv6 support, so the first failregex seems to be sufficient.
The dot at the ignoregex did not belong there. Somehow it was added during the copying and pasting. Thanks for reporting it, I did not see it. Otherwise, empty ignoregexes are in all filters, and if they are missing, fail2ban client shows warnings when starting the filter, which I prefer avoiding.
Yaroslav Halchenko