github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

ignore already known tickets (from filter after restart); 

bug fixing and optimizing;
pull/716/head
sebres 2014-06-05 14:09:43 +02:00
parent 8fd083a1ea
commit 02055ba4eb
4 changed files with 28 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
fail2ban/server/actions.py
View File

@ -361,25 +361,25 @@ class Actions(JailThread, Mapping):
aInfo["failures"] = bTicket.getAttempt() aInfo["failures"] = bTicket.getAttempt()
aInfo["time"] = bTicket.getTime() aInfo["time"] = bTicket.getTime()
aInfo["matches"] = "\n".join(bTicket.getMatches()) aInfo["matches"] = "\n".join(bTicket.getMatches())
btime = bTicket.getBanTime(self.__banManager.getBanTime()); btime = bTicket.getBanTime(self.__banManager.getBanTime())
if self._jail.database is not None: if self._jail.database is not None:
aInfo["ipmatches"] = lambda: "\n".join( aInfo["ipmatches"] = lambda jail=self._jail: "\n".join(
self._jail.database.getBansMerged( jail.database.getBansMerged(ip=ip).getMatches()
ip=ip).getMatches()) )
aInfo["ipjailmatches"] = lambda: "\n".join( aInfo["ipjailmatches"] = lambda jail=self._jail: "\n".join(
self._jail.database.getBansMerged( jail.database.getBansMerged(ip=ip, jail=jail).getMatches()
ip=ip, jail=self._jail).getMatches()) )
aInfo["ipfailures"] = lambda: "\n".join( aInfo["ipfailures"] = lambda jail=self._jail: \
self._jail.database.getBansMerged( jail.database.getBansMerged(ip=ip).getAttempt()
ip=ip).getAttempt()) aInfo["ipjailfailures"] = lambda jail=self._jail: \
aInfo["ipjailfailures"] = lambda: "\n".join( jail.database.getBansMerged(ip=ip, jail=jail).getAttempt()
self._jail.database.getBansMerged(
ip=ip, jail=self._jail).getAttempt())
try: try:
# if not permanent, not restored and ban time was not set: # if not permanent, not restored and ban time was not set:
if btime != -1 and not ticket.getRestored() and bTicket.getBanTime() is None: if btime != -1 and not ticket.getRestored() and bTicket.getBanTime() is None:
btime = self.incrBanTime(bTicket) btime = self.incrBanTime(bTicket)
bTicket.setBanTime(btime); bTicket.setBanTime(btime)
if bTicket.getRestored():
ticket.setRestored(True)
except Exception as e: except Exception as e:
logSys.error('%s', e, exc_info=logSys.getEffectiveLevel()<=logging.DEBUG) logSys.error('%s', e, exc_info=logSys.getEffectiveLevel()<=logging.DEBUG)
#logSys.error('%s', e, exc_info=True) #logSys.error('%s', e, exc_info=True)
@ -393,10 +393,10 @@ class Actions(JailThread, Mapping):
if self._jail.database is not None: if self._jail.database is not None:
# add to database always only after ban time was calculated an not yet already banned: # add to database always only after ban time was calculated an not yet already banned:
# if ticked was not restored from database - put it into database: # if ticked was not restored from database - put it into database:
if not ticket.getRestored() and not bTicket.getRestored(): if not ticket.getRestored():
self._jail.database.addBan(self._jail, bTicket) self._jail.database.addBan(self._jail, bTicket)
logSys.notice("[%s] %sBan %s (%d # %s -> %s)" % ((self._jail.name, ('Resore ' if ticket.getRestored() else ''), logSys.notice("[%s] %sBan %s (%d # %s -> %s)" % ((self._jail.name, ('Resore ' if ticket.getRestored() else ''),
aInfo["ip"], bTicket.getBanCount()) + logtime)) aInfo["ip"], bTicket.getBanCount()+1) + logtime))
for name, action in self._actions.iteritems(): for name, action in self._actions.iteritems():
try: try:
action.ban(aInfo) action.ban(aInfo)

2
fail2ban/server/database.py
View File

@ -516,7 +516,7 @@ class Fail2BanDb(object):
if not overalljails: if not overalljails:
query = "SELECT bancount, timeofban, bantime FROM bips" query = "SELECT bancount, timeofban, bantime FROM bips"
else: else:
query = "SELECT max(bancount), max(timeofban), max(bantime) FROM bips" query = "SELECT sum(bancount), max(timeofban), sum(bantime) FROM bips"
query += " WHERE ip = ?" query += " WHERE ip = ?"
queryArgs = [ip] queryArgs = [ip]
if not overalljails and jail is not None: if not overalljails and jail is not None:

17
fail2ban/server/filter.py
View File

@ -422,6 +422,7 @@ class Filter(JailThread):
# increase retry count for known (bad) ip, corresponding banCount of it (one try will count than 2, 3, 5, 9 ...) : # increase retry count for known (bad) ip, corresponding banCount of it (one try will count than 2, 3, 5, 9 ...) :
banCount = 0 banCount = 0
retryCount = 1 retryCount = 1
timeOfBan = None
db = self.jail.database db = self.jail.database
if db is not None: if db is not None:
try: try:
@ -434,13 +435,15 @@ class Filter(JailThread):
except Exception as e: except Exception as e:
logSys.error('%s', e, exc_info=logSys.getEffectiveLevel()<=logging.DEBUG) logSys.error('%s', e, exc_info=logSys.getEffectiveLevel()<=logging.DEBUG)
#logSys.error('%s', e, exc_info=True) #logSys.error('%s', e, exc_info=True)
try: # check this ticket already known (line was already processed and in the database and will be restored from there):
logSys.info( if timeOfBan is not None and unixTime <= timeOfBan:
("[%s] Found %s - %s" % (self.jail.name, ip, datetime.datetime.fromtimestamp(unixTime).strftime("%Y-%m-%d %H:%M:%S"))) logSys.debug("Ignore line for %s before last ban %s < %s"
+ ((", %s # -> %s" % (banCount, retryCount)) if banCount != 1 or retryCount != 1 else '') % (ip, unixTime, timeOfBan))
) continue
except Exception as e: logSys.info(
logSys.error('%s', e, exc_info=True) ("[%s] Found %s - %s" % (self.jail.name, ip, datetime.datetime.fromtimestamp(unixTime).strftime("%Y-%m-%d %H:%M:%S")))
+ ((", %s # -> %s" % (banCount, retryCount)) if banCount != 1 or retryCount != 1 else '')
)
self.failManager.addFailure(FailTicket(ip, unixTime, lines), retryCount) self.failManager.addFailure(FailTicket(ip, unixTime, lines), retryCount)
## ##

2
fail2ban/tests/databasetestcase.py
View File

@ -506,5 +506,5 @@ class BanTimeIncr(unittest.TestCase):
break break
# get max values for this ip (over all jails): # get max values for this ip (over all jails):
for row in self.db.getBan(ip, overalljails=True): for row in self.db.getBan(ip, overalljails=True):
self.assertEqual(row, (2, stime, 12000)) self.assertEqual(row, (3, stime, 18000))
break break