diff --git a/fail2ban/server/database.py b/fail2ban/server/database.py index 7b457fc9..5eb7d8d6 100644 --- a/fail2ban/server/database.py +++ b/fail2ban/server/database.py @@ -177,7 +177,7 @@ class Fail2BanDb(object): def __init__(self, filename, purgeAge=24*60*60): - self.maxEntries = 50 + self.maxMatches = 10 self._lock = RLock() self._dbFilename = filename self._purgeAge = purgeAge @@ -541,10 +541,10 @@ class Fail2BanDb(object): #TODO: Implement data parts once arbitrary match keys completed data = ticket.getData() matches = data.get('matches') - if self.maxEntries: - if matches and len(matches) > self.maxEntries: + if self.maxMatches: + if matches and len(matches) > self.maxMatches: data = data.copy() - data['matches'] = matches[-self.maxEntries:] + data['matches'] = matches[-self.maxMatches:] elif matches: data = data.copy() del data['matches'] @@ -672,7 +672,7 @@ class Fail2BanDb(object): tickdata = {} m = data.get('matches', []) # pre-insert "maxadd" enries (because tickets are ordered desc by time) - maxadd = self.maxEntries - len(matches) + maxadd = self.maxMatches - len(matches) if maxadd > 0: if len(m) <= maxadd: matches = m + matches diff --git a/fail2ban/server/failmanager.py b/fail2ban/server/failmanager.py index bd1f3e73..80a6414a 100644 --- a/fail2ban/server/failmanager.py +++ b/fail2ban/server/failmanager.py @@ -43,7 +43,7 @@ class FailManager: self.__maxRetry = 3 self.__maxTime = 600 self.__failTotal = 0 - self.maxEntries = 50 + self.maxMatches = 50 self.__bgSvc = BgService() def setFailTotal(self, value): @@ -87,7 +87,7 @@ class FailManager: attempt = 1 else: # will be incremented / extended (be sure we have at least +1 attempt): - matches = ticket.getMatches() if self.maxEntries else None + matches = ticket.getMatches() if self.maxMatches else None attempt = ticket.getAttempt() if attempt <= 0: attempt += 1 @@ -97,11 +97,11 @@ class FailManager: fData.setLastReset(unixTime) fData.setRetry(0) fData.inc(matches, attempt, count) - # truncate to maxEntries: - if self.maxEntries: + # truncate to maxMatches: + if self.maxMatches: matches = fData.getMatches() - if len(matches) > self.maxEntries: - fData.setMatches(matches[-self.maxEntries:]) + if len(matches) > self.maxMatches: + fData.setMatches(matches[-self.maxMatches:]) else: fData.setMatches(None) except KeyError: diff --git a/fail2ban/tests/databasetestcase.py b/fail2ban/tests/databasetestcase.py index 8865cf45..f03ec18d 100644 --- a/fail2ban/tests/databasetestcase.py +++ b/fail2ban/tests/databasetestcase.py @@ -331,9 +331,9 @@ class DatabaseTest(LogCaptureTestCase): # be returned self.assertEqual(len(self.db.getBans(jail=self.jail,bantime=-1)), 2) - def testGetBansMerged_MaxEntries(self): + def testGetBansMerged_MaxMatches(self): self.testAddJail() - maxEntries = 2 + maxMatches = 2 failures = [ {"matches": ["abc\n"], "user": set(['test'])}, {"matches": ["123\n"], "user": set(['test'])}, @@ -349,12 +349,12 @@ class DatabaseTest(LogCaptureTestCase): ticket.setAttempt(1) self.db.addBan(self.jail, ticket) # should retrieve 2 matches only, but count of all attempts: - self.db.maxEntries = maxEntries; + self.db.maxMatches = maxMatches; ticket = self.db.getBansMerged("127.0.0.1") self.assertEqual(ticket.getIP(), "127.0.0.1") self.assertEqual(ticket.getAttempt(), len(failures)) - self.assertEqual(len(ticket.getMatches()), maxEntries) - self.assertEqual(ticket.getMatches(), matches2find[-maxEntries:]) + self.assertEqual(len(ticket.getMatches()), maxMatches) + self.assertEqual(ticket.getMatches(), matches2find[-maxMatches:]) # add more failures at once: ticket = FailTicket("127.0.0.1", MyTime.time() - 10, matches2find, data={"user": set(['test', 'root'])}) @@ -363,16 +363,16 @@ class DatabaseTest(LogCaptureTestCase): # should retrieve 2 matches only, but count of all attempts: ticket = self.db.getBansMerged("127.0.0.1") self.assertEqual(ticket.getAttempt(), 2 * len(failures)) - self.assertEqual(len(ticket.getMatches()), maxEntries) - self.assertEqual(ticket.getMatches(), matches2find[-maxEntries:]) + self.assertEqual(len(ticket.getMatches()), maxMatches) + self.assertEqual(ticket.getMatches(), matches2find[-maxMatches:]) # also using getCurrentBans: ticket = self.db.getCurrentBans(self.jail, "127.0.0.1", fromtime=MyTime.time()-100) self.assertTrue(ticket is not None) self.assertEqual(ticket.getAttempt(), len(failures)) - self.assertEqual(len(ticket.getMatches()), maxEntries) - self.assertEqual(ticket.getMatches(), matches2find[-maxEntries:]) + self.assertEqual(len(ticket.getMatches()), maxMatches) + self.assertEqual(ticket.getMatches(), matches2find[-maxMatches:]) # should retrieve 0 matches by last ban: - self.db.maxEntries = 0; + self.db.maxMatches = 0; self.db.addBan(self.jail, ticket) ticket = self.db.getCurrentBans(self.jail, "127.0.0.1", fromtime=MyTime.time()-100) self.assertTrue(ticket is not None) diff --git a/fail2ban/tests/failmanagertestcase.py b/fail2ban/tests/failmanagertestcase.py index 7e4451eb..c3592407 100644 --- a/fail2ban/tests/failmanagertestcase.py +++ b/fail2ban/tests/failmanagertestcase.py @@ -69,9 +69,9 @@ class AddFailure(unittest.TestCase): self.assertEqual(self.__failManager.getFailTotal(), 0) self.__failManager.setFailTotal(13) - def testFailManagerAdd_MaxEntries(self): - maxEntries = 2 - self.__failManager.maxEntries = maxEntries + def testFailManagerAdd_MaxMatches(self): + maxMatches = 2 + self.__failManager.maxMatches = maxMatches failures = ["abc\n", "123\n", "ABC\n", "1234\n"] # add failures sequential: i = 80 @@ -86,8 +86,8 @@ class AddFailure(unittest.TestCase): ticket = manFailList["127.0.0.1"] # should retrieve 2 matches only, but count of all attempts (4): self.assertEqual(ticket.getAttempt(), len(failures)) - self.assertEqual(len(ticket.getMatches()), maxEntries) - self.assertEqual(ticket.getMatches(), failures[len(failures) - maxEntries:]) + self.assertEqual(len(ticket.getMatches()), maxMatches) + self.assertEqual(ticket.getMatches(), failures[len(failures) - maxMatches:]) # add more failures at once: ticket = FailTicket("127.0.0.1", 1000002000 - 10, failures) ticket.setAttempt(len(failures)) @@ -98,8 +98,8 @@ class AddFailure(unittest.TestCase): ticket = manFailList["127.0.0.1"] # should retrieve 2 matches only, but count of all attempts (8): self.assertEqual(ticket.getAttempt(), 2 * len(failures)) - self.assertEqual(len(ticket.getMatches()), maxEntries) - self.assertEqual(ticket.getMatches(), failures[len(failures) - maxEntries:]) + self.assertEqual(len(ticket.getMatches()), maxMatches) + self.assertEqual(ticket.getMatches(), failures[len(failures) - maxMatches:]) # add self ticket again: self.__failManager.addFailure(ticket) # @@ -108,10 +108,10 @@ class AddFailure(unittest.TestCase): ticket = manFailList["127.0.0.1"] # same matches, but +1 attempt (9) self.assertEqual(ticket.getAttempt(), 2 * len(failures) + 1) - self.assertEqual(len(ticket.getMatches()), maxEntries) - self.assertEqual(ticket.getMatches(), failures[len(failures) - maxEntries:]) - # no matches by maxEntries == 0 : - self.__failManager.maxEntries = 0 + self.assertEqual(len(ticket.getMatches()), maxMatches) + self.assertEqual(ticket.getMatches(), failures[len(failures) - maxMatches:]) + # no matches by maxMatches == 0 : + self.__failManager.maxMatches = 0 self.__failManager.addFailure(ticket) manFailList = self.__failManager._FailManager__failList ticket = manFailList["127.0.0.1"]