From 0bf1106d72094b95996fa9b75ec76235d64703d3 Mon Sep 17 00:00:00 2001
From: sebres <info@sebres.de>
Date: Tue, 8 Oct 2024 13:34:19 +0200
Subject: [PATCH] manually added attempts inform the observer module (take the
 known ban-count of bad IPs into account); closes gh-3845

---
 fail2ban/server/filter.py          | 3 +++
 fail2ban/tests/observertestcase.py | 6 ++++++
 2 files changed, 9 insertions(+)

diff --git a/fail2ban/server/filter.py b/fail2ban/server/filter.py
index f8b36cf6..a33303d6 100644
--- a/fail2ban/server/filter.py
+++ b/fail2ban/server/filter.py
@@ -482,6 +482,9 @@ class Filter(JailThread):
 		# Perform the ban if this attempt is resulted to:
 		if attempts >= self.failManager.getMaxRetry():
 			self.performBan(ip)
+		# report to observer - failure was found, for possibly increasing of it retry counter (asynchronous)
+		if Observers.Main is not None:
+			Observers.Main.add('failureFound', self.jail, ticket)
 
 		return 1
 
diff --git a/fail2ban/tests/observertestcase.py b/fail2ban/tests/observertestcase.py
index d4a46a5b..8fdc8521 100644
--- a/fail2ban/tests/observertestcase.py
+++ b/fail2ban/tests/observertestcase.py
@@ -559,6 +559,12 @@ class BanTimeIncrDB(LogCaptureTestCase):
 		self.assertEqual(restored_tickets[1].getBanTime(), -1)
 		self.assertEqual(restored_tickets[1].getBanCount(), 1)
 
+		self.pruneLog('[test-phase 2] manually attempt must inform observer')
+		jail.filter.addAttempt(ip)
+		obs.wait_empty(5)
+		self.assertLogged("Observer: failure found %s" % ip, 
+			"Found %s, bad" % ip, wait=True)
+
 		# stop observer
 		obs.stop()