github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

- Added permanent banning feature 

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@222 a942ae1a-1317-0410-a47c-b1dcaea8d605
0.6
Cyril Jaquier 2005-12-16 23:48:52 +00:00
parent 716e0840fc
commit 15806fc3da
2 changed files with 12 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
config/fail2ban.conf.default
View File

@ -48,7 +48,8 @@ pidlock = /var/run/fail2ban.pid
maxfailures = 5 maxfailures = 5
# Option: bantime # Option: bantime
# Notes.: number of seconds an IP will be banned. # Notes.: number of seconds an IP will be banned. If set to a negative
# value, IP will never be unbanned (permanent banning).
# Values: NUM Default: 600 # Values: NUM Default: 600
# #
bantime = 600 bantime = 600

12
firewall/firewall.py
View File

@ -86,7 +86,11 @@ class Firewall:
ip = aInfo["ip"] ip = aInfo["ip"]
if not self.inBanList(ip): if not self.inBanList(ip):
crtTime = time.time() crtTime = time.time()
logSys.warn("%s: Ban "%self.section + ip) if self.banTime < 0:
banMsg = "Ban (permanent)"
else:
banMsg = "Ban (%d s)"%self.banTime
logSys.warn("%s: %s "%(self.section, banMsg) + ip)
self.banList[ip] = crtTime self.banList[ip] = crtTime
aInfo["bantime"] = crtTime aInfo["bantime"] = crtTime
self.runCheck(debug) self.runCheck(debug)
@ -138,8 +142,12 @@ class Firewall:
return None return None
def checkForUnBan(self, debug): def checkForUnBan(self, debug):
""" Check for IP to remove from ban list. """ Check for IP to remove from ban list. If banTime is smaller than
zero, IP will be never removed.
""" """
if self.banTime < 0:
# Permanent banning
return
banListTemp = self.banList.copy() banListTemp = self.banList.copy()
for element in banListTemp.iteritems(): for element in banListTemp.iteritems():
btime = element[1] btime = element[1]