__ _ _ ___ _ / _|__ _(_) |_ ) |__ __ _ _ _ | _/ _` | | |/ /| '_ \/ _` | ' \ |_| \__,_|_|_/___|_.__/\__,_|_||_| ============================================================= ToDo $Revision: 1.11 $ ============================================================= See Feature Request Tracking System at SourceForge.net - improve installation process (better prefix support) - improve documentation and website for user - use Doxygen - use PyLint to check the code - better configuration files - add a check to see if the time of the log messages is correctly detected (valid regexp) - use Gentoo Portage style for scripts. - banning engines script in /etc/fail2ban/scripts.d Example: /etc/fail2ban/scripts.d/iptables Will be mostly bash scripting which is more "user friendly". - split configuration files in /etc/fail2ban/services.d for log files Example: /etc/fail2ban/services.d/apache Mainly regular expressions. - template for common regex in /etc/fail2ban/templates.d Example: /etc/fail2ban/templates.d/date Mainly regular expressions. - remove debug mode (root check) - better return values in function - use more email.Utils in mail.py - add gettext support. Is this really needed for a server utility? - send an email when fail2ban is running - add multithreading. Python threading is not really efficient. However, fail2ban could benefit of it. We could use threads like this: - one thread which check for host to unban. - one thread per file to watch. This will allow things like different polling time for each file. is read-only (we only read log files) thus no locks are required. However, is read-write and must take care of concurrency in case of multithreading. - add FAM/Gamin support. Should be quite efficient with threading. Take care that handle_one_event() release the Python lock. - add a test framework. We could use unittest which is in Python since 2.1. It should be possible to run all tests automatically. - add client/server using socket. Something similar to gdesklets. DBUS seems to be designed for desktop use. - fail2ban start -> start the daemon. - fail2ban stop -> stop the daemon. - fail2ban add -> add monitoring with ban method (iptables, hosts.deny, etc). - fail2ban del -> remove monitoring. - fail2ban status -> query current fail2ban status. Should return infos like a ban counter. Could be graph with rrdtool. - fail2ban pause -> suspend monitoring. - fail2ban resume -> resume monitoring. - fail2ban list -> list available services. - fail2ban flush -> flush the ban list. - remove PID file. - remove most of the command lines options if possible. - add the possibility to specify wildcard in log files. Example: logfile = /var/log/apache2/access-*.log Should we start one thread per file or just one thread per serivce? - autodetect date format in log file. Match the most popular format and sort them using the hit ratio. Should avoid user problem with regex and not have a big impact on perfs. - restart automatically the daemon if an exception occurs.