mirror of https://github.com/fail2ban/fail2ban
small amend (rename maxEntries -> maxMatches for consistency reasons)
parent
5df78ad11f
commit
1083788e70
|
@ -177,7 +177,7 @@ class Fail2BanDb(object):
|
|||
|
||||
|
||||
def __init__(self, filename, purgeAge=24*60*60):
|
||||
self.maxEntries = 50
|
||||
self.maxMatches = 10
|
||||
self._lock = RLock()
|
||||
self._dbFilename = filename
|
||||
self._purgeAge = purgeAge
|
||||
|
@ -541,10 +541,10 @@ class Fail2BanDb(object):
|
|||
#TODO: Implement data parts once arbitrary match keys completed
|
||||
data = ticket.getData()
|
||||
matches = data.get('matches')
|
||||
if self.maxEntries:
|
||||
if matches and len(matches) > self.maxEntries:
|
||||
if self.maxMatches:
|
||||
if matches and len(matches) > self.maxMatches:
|
||||
data = data.copy()
|
||||
data['matches'] = matches[-self.maxEntries:]
|
||||
data['matches'] = matches[-self.maxMatches:]
|
||||
elif matches:
|
||||
data = data.copy()
|
||||
del data['matches']
|
||||
|
@ -672,7 +672,7 @@ class Fail2BanDb(object):
|
|||
tickdata = {}
|
||||
m = data.get('matches', [])
|
||||
# pre-insert "maxadd" enries (because tickets are ordered desc by time)
|
||||
maxadd = self.maxEntries - len(matches)
|
||||
maxadd = self.maxMatches - len(matches)
|
||||
if maxadd > 0:
|
||||
if len(m) <= maxadd:
|
||||
matches = m + matches
|
||||
|
|
|
@ -43,7 +43,7 @@ class FailManager:
|
|||
self.__maxRetry = 3
|
||||
self.__maxTime = 600
|
||||
self.__failTotal = 0
|
||||
self.maxEntries = 50
|
||||
self.maxMatches = 50
|
||||
self.__bgSvc = BgService()
|
||||
|
||||
def setFailTotal(self, value):
|
||||
|
@ -87,7 +87,7 @@ class FailManager:
|
|||
attempt = 1
|
||||
else:
|
||||
# will be incremented / extended (be sure we have at least +1 attempt):
|
||||
matches = ticket.getMatches() if self.maxEntries else None
|
||||
matches = ticket.getMatches() if self.maxMatches else None
|
||||
attempt = ticket.getAttempt()
|
||||
if attempt <= 0:
|
||||
attempt += 1
|
||||
|
@ -97,11 +97,11 @@ class FailManager:
|
|||
fData.setLastReset(unixTime)
|
||||
fData.setRetry(0)
|
||||
fData.inc(matches, attempt, count)
|
||||
# truncate to maxEntries:
|
||||
if self.maxEntries:
|
||||
# truncate to maxMatches:
|
||||
if self.maxMatches:
|
||||
matches = fData.getMatches()
|
||||
if len(matches) > self.maxEntries:
|
||||
fData.setMatches(matches[-self.maxEntries:])
|
||||
if len(matches) > self.maxMatches:
|
||||
fData.setMatches(matches[-self.maxMatches:])
|
||||
else:
|
||||
fData.setMatches(None)
|
||||
except KeyError:
|
||||
|
|
|
@ -331,9 +331,9 @@ class DatabaseTest(LogCaptureTestCase):
|
|||
# be returned
|
||||
self.assertEqual(len(self.db.getBans(jail=self.jail,bantime=-1)), 2)
|
||||
|
||||
def testGetBansMerged_MaxEntries(self):
|
||||
def testGetBansMerged_MaxMatches(self):
|
||||
self.testAddJail()
|
||||
maxEntries = 2
|
||||
maxMatches = 2
|
||||
failures = [
|
||||
{"matches": ["abc\n"], "user": set(['test'])},
|
||||
{"matches": ["123\n"], "user": set(['test'])},
|
||||
|
@ -349,12 +349,12 @@ class DatabaseTest(LogCaptureTestCase):
|
|||
ticket.setAttempt(1)
|
||||
self.db.addBan(self.jail, ticket)
|
||||
# should retrieve 2 matches only, but count of all attempts:
|
||||
self.db.maxEntries = maxEntries;
|
||||
self.db.maxMatches = maxMatches;
|
||||
ticket = self.db.getBansMerged("127.0.0.1")
|
||||
self.assertEqual(ticket.getIP(), "127.0.0.1")
|
||||
self.assertEqual(ticket.getAttempt(), len(failures))
|
||||
self.assertEqual(len(ticket.getMatches()), maxEntries)
|
||||
self.assertEqual(ticket.getMatches(), matches2find[-maxEntries:])
|
||||
self.assertEqual(len(ticket.getMatches()), maxMatches)
|
||||
self.assertEqual(ticket.getMatches(), matches2find[-maxMatches:])
|
||||
# add more failures at once:
|
||||
ticket = FailTicket("127.0.0.1", MyTime.time() - 10, matches2find,
|
||||
data={"user": set(['test', 'root'])})
|
||||
|
@ -363,16 +363,16 @@ class DatabaseTest(LogCaptureTestCase):
|
|||
# should retrieve 2 matches only, but count of all attempts:
|
||||
ticket = self.db.getBansMerged("127.0.0.1")
|
||||
self.assertEqual(ticket.getAttempt(), 2 * len(failures))
|
||||
self.assertEqual(len(ticket.getMatches()), maxEntries)
|
||||
self.assertEqual(ticket.getMatches(), matches2find[-maxEntries:])
|
||||
self.assertEqual(len(ticket.getMatches()), maxMatches)
|
||||
self.assertEqual(ticket.getMatches(), matches2find[-maxMatches:])
|
||||
# also using getCurrentBans:
|
||||
ticket = self.db.getCurrentBans(self.jail, "127.0.0.1", fromtime=MyTime.time()-100)
|
||||
self.assertTrue(ticket is not None)
|
||||
self.assertEqual(ticket.getAttempt(), len(failures))
|
||||
self.assertEqual(len(ticket.getMatches()), maxEntries)
|
||||
self.assertEqual(ticket.getMatches(), matches2find[-maxEntries:])
|
||||
self.assertEqual(len(ticket.getMatches()), maxMatches)
|
||||
self.assertEqual(ticket.getMatches(), matches2find[-maxMatches:])
|
||||
# should retrieve 0 matches by last ban:
|
||||
self.db.maxEntries = 0;
|
||||
self.db.maxMatches = 0;
|
||||
self.db.addBan(self.jail, ticket)
|
||||
ticket = self.db.getCurrentBans(self.jail, "127.0.0.1", fromtime=MyTime.time()-100)
|
||||
self.assertTrue(ticket is not None)
|
||||
|
|
|
@ -69,9 +69,9 @@ class AddFailure(unittest.TestCase):
|
|||
self.assertEqual(self.__failManager.getFailTotal(), 0)
|
||||
self.__failManager.setFailTotal(13)
|
||||
|
||||
def testFailManagerAdd_MaxEntries(self):
|
||||
maxEntries = 2
|
||||
self.__failManager.maxEntries = maxEntries
|
||||
def testFailManagerAdd_MaxMatches(self):
|
||||
maxMatches = 2
|
||||
self.__failManager.maxMatches = maxMatches
|
||||
failures = ["abc\n", "123\n", "ABC\n", "1234\n"]
|
||||
# add failures sequential:
|
||||
i = 80
|
||||
|
@ -86,8 +86,8 @@ class AddFailure(unittest.TestCase):
|
|||
ticket = manFailList["127.0.0.1"]
|
||||
# should retrieve 2 matches only, but count of all attempts (4):
|
||||
self.assertEqual(ticket.getAttempt(), len(failures))
|
||||
self.assertEqual(len(ticket.getMatches()), maxEntries)
|
||||
self.assertEqual(ticket.getMatches(), failures[len(failures) - maxEntries:])
|
||||
self.assertEqual(len(ticket.getMatches()), maxMatches)
|
||||
self.assertEqual(ticket.getMatches(), failures[len(failures) - maxMatches:])
|
||||
# add more failures at once:
|
||||
ticket = FailTicket("127.0.0.1", 1000002000 - 10, failures)
|
||||
ticket.setAttempt(len(failures))
|
||||
|
@ -98,8 +98,8 @@ class AddFailure(unittest.TestCase):
|
|||
ticket = manFailList["127.0.0.1"]
|
||||
# should retrieve 2 matches only, but count of all attempts (8):
|
||||
self.assertEqual(ticket.getAttempt(), 2 * len(failures))
|
||||
self.assertEqual(len(ticket.getMatches()), maxEntries)
|
||||
self.assertEqual(ticket.getMatches(), failures[len(failures) - maxEntries:])
|
||||
self.assertEqual(len(ticket.getMatches()), maxMatches)
|
||||
self.assertEqual(ticket.getMatches(), failures[len(failures) - maxMatches:])
|
||||
# add self ticket again:
|
||||
self.__failManager.addFailure(ticket)
|
||||
#
|
||||
|
@ -108,10 +108,10 @@ class AddFailure(unittest.TestCase):
|
|||
ticket = manFailList["127.0.0.1"]
|
||||
# same matches, but +1 attempt (9)
|
||||
self.assertEqual(ticket.getAttempt(), 2 * len(failures) + 1)
|
||||
self.assertEqual(len(ticket.getMatches()), maxEntries)
|
||||
self.assertEqual(ticket.getMatches(), failures[len(failures) - maxEntries:])
|
||||
# no matches by maxEntries == 0 :
|
||||
self.__failManager.maxEntries = 0
|
||||
self.assertEqual(len(ticket.getMatches()), maxMatches)
|
||||
self.assertEqual(ticket.getMatches(), failures[len(failures) - maxMatches:])
|
||||
# no matches by maxMatches == 0 :
|
||||
self.__failManager.maxMatches = 0
|
||||
self.__failManager.addFailure(ticket)
|
||||
manFailList = self.__failManager._FailManager__failList
|
||||
ticket = manFailList["127.0.0.1"]
|
||||
|
|
Loading…
Reference in New Issue