BF: fail2ban-regex multiline regex matches no longer in missed lines

Closes #263
Closes #282
pull/300/head
Steven Hiscocks 2013-07-17 00:08:43 +01:00
parent c61ba9f0de
commit 05fac65a50
2 changed files with 26 additions and 3 deletions


@ -161,7 +161,7 @@ class LineStats(object):
@property @property
def missed(self): def missed(self):
return self.tested - (self.ignored + self.matched) return len(self.missed_lines)
# just for convenient str # just for convenient str
def __getitem__(self, key): def __getitem__(self, key):
@ -273,6 +273,8 @@ class Fail2banRegex(object):
return found return found
def testRegex(self, line): def testRegex(self, line):
orgLineBuffer = self._filter._Filter__lineBuffer
fullBuffer = len(orgLineBuffer) >= self._filter.getMaxLines()
try: try:
ret = self._filter.processLine(line, checkAllRegex=True) ret = self._filter.processLine(line, checkAllRegex=True)
for match in ret: for match in ret:
@ -288,8 +290,28 @@ class Fail2banRegex(object):
except IndexError: except IndexError:
print "Sorry, but no <host> found in regex" print "Sorry, but no <host> found in regex"
return False return False
for bufLine in orgLineBuffer[int(fullBuffer):]:
if bufLine not in self._filter._Filter__lineBuffer:
if self.removeMissedLine(bufLine):
self._line_stats.matched += 1
return len(ret) > 0 return len(ret) > 0
def removeMissedLine(self, line):
"""Remove `line` from missed lines, by comparing without time match"""
for n, missed_line in \
enumerate(reversed(self._line_stats.missed_lines)):
timeMatch = self._filter.dateDetector.matchTime(
missed_line, incHits=False)
if timeMatch:
logLine = (missed_line[:timeMatch.start()] +
missed_line[timeMatch.end():])
else:
logLine = missed_line
if logLine.rstrip("\r\n") == line:
self._line_stats.missed_lines.pop(
len(self._line_stats.missed_lines) - n - 1)
return True
return False
def process(self, test_lines): def process(self, test_lines):
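Review bot: The membership test `bufLine not in self._filter._Filter__lineBuffer` in the loop added to testRegex compares by value, so duplicate lines are miscounted. The buffered lines appear to be stored with the timestamp removed, so repeated failures from one host can be identical; when a multiline match consumes only one copy, the other is still found in the buffer and the consumed line stays in missed_lines. The missed count an operator uses to judge filter coverage is then too high. Pairing lines off one for one against a copy of the current buffer avoids this, as sketched below. The loop also relies on processLine rebinding the name-mangled private list rather than mutating it in place, which is not visible here; testRegex starts outside these hunks.

```python
# … unchanged: processLine call and RegexException/IndexError handling …
remaining = list(self._filter._Filter__lineBuffer)
for bufLine in orgLineBuffer[int(fullBuffer):]:
    if bufLine in remaining:
        # still buffered: pair it off so an identical line is not hidden by it
        remaining.remove(bufLine)
    elif self.removeMissedLine(bufLine):
        self._line_stats.matched += 1
return len(ret) > 0
```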


@ -173,14 +173,15 @@ class DateDetector:
def getTemplates(self): def getTemplates(self):
return self.__templates return self.__templates
def matchTime(self, line): def matchTime(self, line, incHits=True):
self.__lock.acquire() self.__lock.acquire()
try: try:
for template in self.__templates: for template in self.__templates:
match = template.matchDate(line) match = template.matchDate(line)
if not match is None: if not match is None:
logSys.debug("Matched time template %s" % template.getName()) logSys.debug("Matched time template %s" % template.getName())
template.incHits() if incHits:
template.incHits()
return match return match
return None return None
finally: finally:
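Review bot: The new `incHits` keyword on matchTime is undocumented, and nothing in the hunk says why a caller would pass False. A short docstring would cover it, for example `"""Return the date match for line; with incHits=False the matching template's hit counter is left untouched."""`. It should also say that the flag exists for diagnostic lookups such as fail2ban-regex re-checking missed lines, which presumably should not skew the per-template hit statistics. While the line is being touched, `if not match is None:` reads better as `if match is not None:`. The body of matchTime continues past the end of the hunk.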