diff --git a/ChangeLog b/ChangeLog
index 51181d12..f644da1e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -22,6 +22,8 @@ ver. 0.9.2 (2014/xx/xx) - increment ban time
 - php-url-fopen: separate logpath entries by newline
 * failregex declared direct in jail was joined to single line (specifying of multiple expressions was not possible).
+ * filters.d/exim.conf - cover different settings of exim logs
+ details. Thanks bes.internal
 - New Features:
 * increment ban time (+ observer) functionality introduced.
diff --git a/config/filter.d/exim.conf b/config/filter.d/exim.conf
index b5028f0e..11fd03d1 100644
--- a/config/filter.d/exim.conf
+++ b/config/filter.d/exim.conf
@@ -14,10 +14,10 @@ before = exim-common.conf
 [Definition]
 failregex = ^%(pid)s %(host_info)ssender verify fail for <\S+>: (?:Unknown user|Unrouteable address|all relevant MX records point to non-existent hosts)\s*$
- ^%(pid)s \w+ authenticator failed for (\S+ )?\(\S+\) \[\]: 535 Incorrect authentication data( \(set_id=.*\)|: \d+ Time\(s\))?\s*$
+ ^%(pid)s \w+ authenticator failed for (\S+ )?\(\S+\) \[\](:\d+)?( I=\[\S+\](:\d+)?)?: 535 Incorrect authentication data( \(set_id=.*\)|: \d+ Time\(s\))?\s*$
 ^%(pid)s %(host_info)sF=(<>|[^@]+@\S+) rejected RCPT [^@]+@\S+: (relay not permitted|Sender verify failed|Unknown user)\s*$
 ^%(pid)s SMTP protocol synchronization error \([^)]*\): rejected (connection from|"\S+") %(host_info)s(next )?input=".*"\s*$
- ^%(pid)s SMTP call from \S+ \[\](:\d+)? (I=\[\S+\]:\d+ )?dropped: too many nonmail commands \(last was "\S+"\)\s*$
+ ^%(pid)s SMTP call from \S+ \[\](:\d+)? (I=\[\S+\](:\d+)? )?dropped: too many nonmail commands \(last was "\S+"\)\s*$
 ignoreregex =
diff --git a/fail2ban/tests/files/logs/exim b/fail2ban/tests/files/logs/exim
index 84aedcfa..c015eb29 100644
--- a/fail2ban/tests/files/logs/exim
+++ b/fail2ban/tests/files/logs/exim
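Review bot: In config/filter.d/exim.conf the relaxed `too many nonmail commands` expression (port after `I=[...]` now optional) has no matching sample, because the only line this commit adds to fail2ban/tests/files/logs/exim exercises the authenticator expression; a `# failJSON` pair with a port-less `I=[...]` would pin the second change. The new optional groups are capturing and use `\S+` inside the brackets; `(?::\d+)?(?: I=\[[^\]\s]+\](?::\d+)?)?` expresses the same thing in the non-capturing style of the first expression and ends the interface address at its closing bracket. Both edited lines also spell out the address/port/interface sequence by hand while their neighbours use `%(host_info)s`, presumably defined in exim-common.conf (not shown here); reusing it, if it fits these two log formats, would leave one place to maintain. Since the HELO name and `set_id=.*` are text chosen by the remote client, keeping every other token on these lines as narrow as the log format allows is worth the effort.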
@@ -40,3 +40,6 @@
 # failJSON: { "time": "2014-01-12T02:07:48", "match": true , "host": "85.214.85.40" }
 2014-01-12 02:07:48 dovecot_login authenticator failed for h1832461.stratoserver.net (User) [85.214.85.40]: 535 Incorrect authentication data (set_id=scanner)
+
+# failJSON: { "time": "2014-12-02T03:00:23", "match": true , "host": "193.254.202.35" }
+2014-12-02 03:00:23 auth_plain authenticator failed for (rom182) [193.254.202.35]:41556 I=[10.0.0.1]:25: 535 Incorrect authentication data (set_id=webmaster)
diff --git a/fail2ban/tests/misctestcase.py b/fail2ban/tests/misctestcase.py
index 2a57b071..d7c5ecdb 100644
--- a/fail2ban/tests/misctestcase.py
+++ b/fail2ban/tests/misctestcase.py
@@ -56,21 +56,12 @@ class HelpersTest(unittest.TestCase):
 # might be fragile due to ' vs "
 self.assertEqual(args, "('Very bad', None)")
-# based on
-# http://stackoverflow.com/questions/2186525/use-a-glob-to-find-files-recursively-in-python
-def recursive_glob(treeroot, pattern):
- results = []
- for base, dirs, files in os.walk(treeroot):
- goodfiles = fnmatch.filter(dirs + files, pattern)
- results.extend(os.path.join(base, f) for f in goodfiles)
- return results
-
 class SetupTest(unittest.TestCase):
 def setUp(self):
- setup = os.path.join(os.path.dirname(__file__), '..', 'setup.py')
+ setup = os.path.join(os.path.dirname(__file__), '..', '..', 'setup.py')
 self.setup = os.path.exists(setup) and setup or None
- if not self.setup and sys.version_info >= (2,7): # running not out of the source
+ if not self.setup and sys.version_info >= (2,7): # pragma: no cover - running not out of the source
 raise unittest.SkipTest(
 "Seems to be running not out of source distribution"
 " -- cannot locate setup.py")
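Review bot: `setUp` accepts any file named setup.py two directories above the test module, and `testSetupInstallRoot` later executes that file with `install` and `clean --all`; when the tests are run from an installed copy rather than a checkout, that path probably falls outside the project. Requiring a second marker of the source tree before keeping the path, for example `os.path.exists(os.path.join(os.path.dirname(setup), 'ChangeLog'))`, would make the skip condition mean "this is the fail2ban checkout". A one-line comment saying why the walk is now two levels up would also help the next reader. The rest of `SetupTest` lies outside this hunk.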
@@ -78,42 +69,53 @@ class SetupTest(unittest.TestCase):
 def testSetupInstallRoot(self):
 if not self.setup: return # if verbose skip didn't work out
 tmp = tempfile.mkdtemp()
- os.system("%s %s install --root=%s >/dev/null"
- % (sys.executable, self.setup, tmp))
+ try:
+ os.system("%s %s install --root=%s >/dev/null"
+ % (sys.executable, self.setup, tmp))
- def addpath(l):
- return [os.path.join(tmp, x) for x in l]
+ def strippath(l):
+ return [x[len(tmp)+1:] for x in l]
- def strippath(l):
- return [x[len(tmp)+1:] for x in l]
+ got = strippath(sorted(glob('%s/*' % tmp)))
+ need = ['etc', 'usr', 'var']
- got = strippath(sorted(glob('%s/*' % tmp)))
- need = ['etc', 'usr', 'var']
+ # if anything is missing
+ if set(need).difference(got): # pragma: no cover
+ # below code was actually to print out not missing but
+ # rather files in 'excess'. Left in place in case we
+ # decide to revert to such more strict test
- # if anything is missing
- if set(need).difference(got):
- # below code was actually to print out not missing but
- # rather files in 'excess'. Left in place in case we
- # decide to revert to such more strict test
- files = {}
- for missing in set(got).difference(need):
- missing_full = os.path.join(tmp, missing)
- files[missing] = os.path.exists(missing_full) \
- and strippath(recursive_glob(missing_full, '*')) or None
+ # based on
+ # http://stackoverflow.com/questions/2186525/use-a-glob-to-find-files-recursively-in-python
+ def recursive_glob(treeroot, pattern):
+ results = []
+ for base, dirs, files in os.walk(treeroot):
+ goodfiles = fnmatch.filter(dirs + files, pattern)
+ results.extend(os.path.join(base, f) for f in goodfiles)
+ return results
- self.assertEqual(
- got, need,
- msg="Got: %s Needed: %s under %s. Files under new paths: %s"
- % (got, need, tmp, files))
+ files = {}
+ for missing in set(got).difference(need):
+ missing_full = os.path.join(tmp, missing)
+ files[missing] = os.path.exists(missing_full) \
+ and strippath(recursive_glob(missing_full, '*')) or None
- # Assure presence of some files we expect to see in the installation
- for f in ('etc/fail2ban/fail2ban.conf',
- 'etc/fail2ban/jail.conf'):
- self.assertTrue(os.path.exists(os.path.join(tmp, f)),
- msg="Can't find %s" % f)
+ self.assertEqual(
+ got, need,
+ msg="Got: %s Needed: %s under %s. Files under new paths: %s"
+ % (got, need, tmp, files))
- # clean up
- shutil.rmtree(tmp)
+ # Assure presence of some files we expect to see in the installation
+ for f in ('etc/fail2ban/fail2ban.conf',
+ 'etc/fail2ban/jail.conf'):
+ self.assertTrue(os.path.exists(os.path.join(tmp, f)),
+ msg="Can't find %s" % f)
+ finally:
+ # clean up
+ shutil.rmtree(tmp)
+ # remove build directory
+ os.system("%s %s clean --all >/dev/null"
+ % (sys.executable, self.setup))
 class TestsUtilsTest(unittest.TestCase):
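Review bot: Both `os.system` calls in `testSetupInstallRoot` interpolate `sys.executable`, `self.setup` and `tmp` unquoted into a shell string and discard the exit status. A checkout or temp path containing a space or shell metacharacter is therefore re-parsed by the shell, and a failed install only shows up later as a directory-list mismatch. Passing an argument list to `subprocess.call` and asserting on the return code addresses both; this assumes `subprocess` is imported at the top of the file, which the hunk does not show. In the `finally` block the `clean --all` step is skipped whenever `shutil.rmtree(tmp)` raises, and the comment there should say that the step also removes any build output the developer already had in that tree.

```python
try:
    # argument list instead of a shell string: paths reach setup.py verbatim
    with open(os.devnull, 'w') as devnull:
        rc = subprocess.call(
            [sys.executable, self.setup, 'install', '--root=%s' % tmp],
            stdout=devnull)
    self.assertEqual(rc, 0, msg="setup.py install exited with %s" % rc)
    # ... unchanged: strippath, got/need comparison, expected-file checks ...
finally:
    try:
        # clean up
        shutil.rmtree(tmp)
    finally:
        # remove build directory (this also drops pre-existing build output)
        with open(os.devnull, 'w') as devnull:
            subprocess.call(
                [sys.executable, self.setup, 'clean', '--all'],
                stdout=devnull)
```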