From 2691da780ac3efcec72b0e7be07cea4d0382dc52 Mon Sep 17 00:00:00 2001
From: Alex 'AdUser' Z
Date: Thu, 21 Jan 2021 23:08:33 +1000
Subject: [PATCH] * make jail filter optional
---
 docs/configuration.md | 2 +-
 filters/empty.preg | 1 -
 src/jail.c | 10 ++++++++--
 src/jail.h | 1 +
 4 files changed, 10 insertions(+), 4 deletions(-)
 delete mode 100644 filters/empty.preg
diff --git a/docs/configuration.md b/docs/configuration.md
index 58a30f5..d5523d4 100644
--- a/docs/configuration.md
+++ b/docs/configuration.md
@@ -164,7 +164,7 @@ Now let's see real configs. This is modified sample from section `General notes`
 [jail:actor1]
 enabled = yes
 source = redis:ssh
- filter = preg:/etc/f2b/filters/empty.preg
+ ; no "filter" line here
 backend = exec-ipset:banned
 Now, if "sensor1" detects some malicious activity it sends notify with redis PUBLISH command on channel f2b-banned-ssh.
diff --git a/filters/empty.preg b/filters/empty.preg
deleted file mode 100644
index 849cd23..0000000
--- a/filters/empty.preg
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/src/jail.c b/src/jail.c
index 4e3af80..8318be5 100644
--- a/src/jail.c
+++ b/src/jail.c
@@ -119,6 +119,7 @@ f2b_jail_apply_config(f2b_jail_t *jail, f2b_config_section_t *section) {
 if (strcmp(param->name, "filter") == 0) {
 f2b_jail_parse_compound_value(param->value, name, init);
 jail->filter = f2b_filter_create(name, init);
+ jail->flags |= JAIL_HAS_FILTER;
 continue;
 }
 if (strcmp(param->name, "backend") == 0) {
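Review bot: `jail->flags |= JAIL_HAS_FILTER;` is set without checking what `f2b_filter_create(name, init)` returned, so after this line a jail can carry the flag while `jail->filter` is NULL. The flag therefore means "a filter was configured", not "a filter is usable", and the second hunk calls `f2b_filter_match(jail->filter, ...)` whenever it is set. If that is intentional, so that a filter which failed to load is not mistaken for "no filter" and every source line then matches, say so in a comment such as `/* set even if create failed: a broken filter must not become pass-through */`. Also confirm that the jail init path, which is not visible here, rejects a jail with the flag set and a NULL filter. The body of `f2b_jail_apply_config` starts and ends outside the hunk.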
@@ -248,8 +249,13 @@ f2b_jail_process(f2b_jail_t *jail) {
 while (f2b_source_next(jail->source, line, sizeof(line), reset)) {
 reset = false;
- if (!f2b_filter_match(jail->filter, line, matchbuf, sizeof(matchbuf)))
- continue;
+ if (jail->flags & JAIL_HAS_FILTER) {
+ if (!f2b_filter_match(jail->filter, line, matchbuf, sizeof(matchbuf)))
+ continue;
+ } else {
+ /* without filter: 1) value always matches, 2) passed as-is */
+ memcpy(matchbuf, line, sizeof(matchbuf));
+ }
 /* some regex matches the line */
 jail->stats.matches++;
 addr = f2b_addrlist_lookup(jail->ipaddrs, matchbuf);
diff --git a/src/jail.h b/src/jail.h
index 9945460..29e95be 100644
--- a/src/jail.h
+++ b/src/jail.h
@@ -24,6 +24,7 @@
 /* jail flags */
 #define JAIL_ENABLED 0x01
 #define JAIL_HAS_STATE 0x02
+#define JAIL_HAS_FILTER 0x04
 /** jail metadata struct */
 typedef struct f2b_jail_t {
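Review bot: `memcpy(matchbuf, line, sizeof(matchbuf));` in the new `else` branch copies a fixed byte count rather than the string, so it reads past the end of `line` if `line` is the smaller array and leaves `matchbuf` without a terminating NUL if the line is longer than `matchbuf`; both declarations are outside the hunk, so which case applies cannot be seen here. `matchbuf` goes straight to `f2b_addrlist_lookup`, so use a bounded string copy such as `snprintf(matchbuf, sizeof(matchbuf), "%s", line);` and `continue` when the result was truncated. Without a filter the value also reaches the address list unvalidated, so whatever the source delivers (in the documented setup, a message from a redis channel) is treated as an address; checking that it parses as an IP address before the lookup would keep malformed input away from the backend. The comment `/* some regex matches the line */` below the branch is no longer accurate for jails without a filter.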