Merge pull request #1198 from yarikoptic/enh-split-comma

ENH: allow to split ignoreip by space and/or comma (Closes #1197)
fail2ban · Sep 27, 2015 · 7f3b31a · 7f3b31a
2 parents 4c48e99 + ff06176
commit 7f3b31a
Show file tree

Hide file tree

Showing 5 changed files with 24 additions and 5 deletions.
diff --git a/ChangeLog b/ChangeLog
@@ -25,6 +25,7 @@ ver. 0.9.4 (2015/XX/XXX) - wanna-be-released
    * Added new date pattern with year after day (e.g. Sun Jan 23 2005 21:59:59)
      http://bugs.debian.org/798923
    * Added openSUSE path configuration (Thanks Johannes Weberhofer)
+   * Allow to split ignoreip entries by ',' as well as by ' ' (gh-1197)
    * Added a timeout (3 sec) to urlopen within badips.py action
      (Thanks M. Maraun)
 

diff --git a/config/jail.conf b/config/jail.conf
@@ -46,7 +46,7 @@ before = paths-debian.conf
 
 # "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not
 # ban a host which matches an address in this list. Several addresses can be
-# defined using space separator.
+# defined using space (and/or comma) separator.
 ignoreip = 127.0.0.1/8
 
 # External command that will take an tagged arguments to ignore, e.g. <ip>,

diff --git a/fail2ban/client/jailreader.py b/fail2ban/client/jailreader.py
@@ -33,6 +33,7 @@
 from .filterreader import FilterReader
 from .actionreader import ActionReader
 from ..helpers import getLogger
+from ..helpers import splitcommaspace
 
 # Gets the instance of the logger.
 logSys = getLogger(__name__)
@@ -208,10 +209,8 @@ def convert(self, allow_no_files=False):
 			elif opt == "maxretry":
 				stream.append(["set", self.__name, "maxretry", self.__opts[opt]])
 			elif opt == "ignoreip":
-				for ip in self.__opts[opt].split():
-					# Do not send a command if the rule is empty.
-					if ip != '':
-						stream.append(["set", self.__name, "addignoreip", ip])
+				for ip in splitcommaspace(self.__opts[opt]):
+					stream.append(["set", self.__name, "addignoreip", ip])
 			elif opt == "findtime":
 				stream.append(["set", self.__name, "findtime", self.__opts[opt]])
 			elif opt == "bantime":

diff --git a/fail2ban/helpers.py b/fail2ban/helpers.py
@@ -127,3 +127,13 @@ def excepthook(exctype, value, traceback):
 	getLogger("fail2ban").critical(
 		"Unhandled exception in Fail2Ban:", exc_info=True)
 	return sys.__excepthook__(exctype, value, traceback)
+
+def splitcommaspace(s):
+	"""Helper to split on any comma or space
+
+	Returns empty list if input is empty (or None) and filters
+	out empty entries
+	"""
+	if not s:
+		return []
+	return filter(bool, re.split('[ ,]', s))
diff --git a/fail2ban/tests/misctestcase.py b/fail2ban/tests/misctestcase.py
@@ -33,6 +33,7 @@
 from StringIO import StringIO
 
 from ..helpers import formatExceptionInfo, mbasename, TraceBack, FormatterWithTraceBack, getLogger
+from ..helpers import splitcommaspace
 from ..server.datetemplate import DatePatternRegex
 
 
@@ -55,6 +56,14 @@ def testFormatExceptionConvertArgs(self):
 			# might be fragile due to ' vs "
 			self.assertEqual(args, "('Very bad', None)")
 
+	def testsplitcommaspace(self):
+		self.assertEqual(splitcommaspace(None), [])
+		self.assertEqual(splitcommaspace(''), [])
+		self.assertEqual(splitcommaspace('  '), [])
+		self.assertEqual(splitcommaspace('1'), ['1'])
+		self.assertEqual(splitcommaspace(' 1 2 '), ['1', '2'])
+		self.assertEqual(splitcommaspace(' 1, 2 , '), ['1', '2'])
+
 
 class SetupTest(unittest.TestCase):