From 237706e39fb7ed95271c74312664fc512c498a77 Mon Sep 17 00:00:00 2001 From: sebres Date: Tue, 6 May 2014 17:57:11 +0200 Subject: [PATCH] ban time incr: 1st test case added, to test it stand-alone: python ./bin/fail2ban-testcases -l debug 'BanTimeIncr' --- fail2ban/server/actions.py | 4 +- fail2ban/tests/actionstestcase.py | 114 ++++++++++++++++++++++++++++++ fail2ban/tests/utils.py | 1 + 3 files changed, 118 insertions(+), 1 deletion(-) diff --git a/fail2ban/server/actions.py b/fail2ban/server/actions.py index 0013eb49..01c2a761 100644 --- a/fail2ban/server/actions.py +++ b/fail2ban/server/actions.py @@ -250,9 +250,11 @@ class Actions(JailThread, Mapping): def setBanTimeExtra(self, opt, value): # merge previous extra with new option: be = self._banExtra; + if value == '': + value = None if value is not None: be[opt] = value; - else: + elif opt in be: del be[opt] logSys.info('Set banTimeExtra.%s = %s', opt, value) if opt == 'enabled': diff --git a/fail2ban/tests/actionstestcase.py b/fail2ban/tests/actionstestcase.py index ed0fb619..f3a2ceae 100644 --- a/fail2ban/tests/actionstestcase.py +++ b/fail2ban/tests/actionstestcase.py @@ -140,3 +140,117 @@ class ExecuteActions(LogCaptureTestCase): self.__actions.stop() self.__actions.join() self.assertTrue(self._is_logged("Failed to stop")) + + +# Author: Serg G. Brester (sebres) +# + +__author__ = "Serg Brester" +__copyright__ = "Copyright (c) 2014 Serg G. Brester" + +class BanTimeIncr(LogCaptureTestCase): + + def setUp(self): + """Call before every test case.""" + super(BanTimeIncr, self).setUp() + self.__jail = DummyJail() + self.__actions = Actions(self.__jail) + self.__tmpfile, self.__tmpfilename = tempfile.mkstemp() + + def tearDown(self): + super(BanTimeIncr, self).tearDown() + os.remove(self.__tmpfilename) + + def testMultipliers(self): + a = self.__actions; + a.setBanTimeExtra('maxtime', '24*60*60') + a.setBanTimeExtra('rndtime', None) + a.setBanTimeExtra('factor', None) + a.setBanTimeExtra('multipliers', '1 2 4 8 16 32 64 128 256') + self.assertEqual( + [a.calcBanTime(600, i) for i in xrange(1, 11)], + [1200, 2400, 4800, 9600, 19200, 38400, 76800, 86400, 86400, 86400] + ) + # with extra large max time (30 days): + a.setBanTimeExtra('maxtime', '30*24*60*60') + self.assertEqual( + [a.calcBanTime(600, i) for i in xrange(1, 11)], + [1200, 2400, 4800, 9600, 19200, 38400, 76800, 153600, 153600, 153600] + ) + a.setBanTimeExtra('maxtime', '24*60*60') + # change factor : + a.setBanTimeExtra('factor', '2'); + self.assertEqual( + [a.calcBanTime(600, i) for i in xrange(1, 11)], + [2400, 4800, 9600, 19200, 38400, 76800, 86400, 86400, 86400, 86400] + ) + a.setBanTimeExtra('factor', None); + # change max time : + a.setBanTimeExtra('maxtime', '12*60*60') + self.assertEqual( + [a.calcBanTime(600, i) for i in xrange(1, 11)], + [1200, 2400, 4800, 9600, 19200, 38400, 43200, 43200, 43200, 43200] + ) + a.setBanTimeExtra('maxtime', '24*60*60') + ## test randomization - not possibe all 10 times we have random = 0: + a.setBanTimeExtra('rndtime', '5*60') + self.assertTrue( + False in [1200 in [a.calcBanTime(600, 1) for i in xrange(10)] for c in xrange(10)] + ) + a.setBanTimeExtra('rndtime', None) + self.assertFalse( + False in [1200 in [a.calcBanTime(600, 1) for i in xrange(10)] for c in xrange(10)] + ) + # restore default: + a.setBanTimeExtra('multipliers', None) + a.setBanTimeExtra('factor', None); + a.setBanTimeExtra('maxtime', '24*60*60') + a.setBanTimeExtra('rndtime', None) + + def testFormula(self): + a = self.__actions; + a.setBanTimeExtra('maxtime', '24*60*60') + a.setBanTimeExtra('rndtime', None) + a.setBanTimeExtra('factor', None) + ## use default formula: + a.setBanTimeExtra('multipliers', None) + self.assertEqual( + [int(a.calcBanTime(600, i)) for i in xrange(1, 11)], + [1200, 2400, 4800, 9600, 19200, 38400, 76800, 86400, 86400, 86400] + ) + # with extra large max time (30 days): + a.setBanTimeExtra('maxtime', '30*24*60*60') + self.assertEqual( + [int(a.calcBanTime(600, i)) for i in xrange(1, 11)], + [1200, 2400, 4800, 9600, 19200, 38400, 76800, 153601, 307203, 614407] + ) + a.setBanTimeExtra('maxtime', '24*60*60') + # change factor : + a.setBanTimeExtra('factor', '1'); + self.assertEqual( + [int(a.calcBanTime(600, i)) for i in xrange(1, 11)], + [1630, 4433, 12051, 32758, 86400, 86400, 86400, 86400, 86400, 86400] + ) + a.setBanTimeExtra('factor', None); + # change max time : + a.setBanTimeExtra('maxtime', '12*60*60') + self.assertEqual( + [int(a.calcBanTime(600, i)) for i in xrange(1, 11)], + [1200, 2400, 4800, 9600, 19200, 38400, 43200, 43200, 43200, 43200] + ) + a.setBanTimeExtra('maxtime', '24*60*60') + ## test randomization - not possibe all 10 times we have random = 0: + a.setBanTimeExtra('rndtime', '5*60') + self.assertTrue( + False in [1200 in [int(a.calcBanTime(600, 1)) for i in xrange(10)] for c in xrange(10)] + ) + a.setBanTimeExtra('rndtime', None) + self.assertFalse( + False in [1200 in [int(a.calcBanTime(600, 1)) for i in xrange(10)] for c in xrange(10)] + ) + # restore default: + a.setBanTimeExtra('multipliers', None) + a.setBanTimeExtra('factor', None); + a.setBanTimeExtra('maxtime', '24*60*60') + a.setBanTimeExtra('rndtime', None) + diff --git a/fail2ban/tests/utils.py b/fail2ban/tests/utils.py index 85c1d929..bfd11074 100644 --- a/fail2ban/tests/utils.py +++ b/fail2ban/tests/utils.py @@ -165,6 +165,7 @@ def gatherTests(regexps=None, no_network=False): tests.addTest(unittest.makeSuite(servertestcase.RegexTests)) tests.addTest(unittest.makeSuite(actiontestcase.CommandActionTest)) tests.addTest(unittest.makeSuite(actionstestcase.ExecuteActions)) + tests.addTest(unittest.makeSuite(actionstestcase.BanTimeIncr)) # FailManager tests.addTest(unittest.makeSuite(failmanagertestcase.AddFailure)) # BanManager