From d62b0467048d7d6ec57e66b9fc9a65acfded0010 Mon Sep 17 00:00:00 2001 From: sebres Date: Wed, 3 Dec 2014 14:45:46 +0100 Subject: [PATCH 1/4] testSetupInstallRoot will be always skipped, because of "wrong" location of 'setup.py'; --- fail2ban/tests/misctestcase.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fail2ban/tests/misctestcase.py b/fail2ban/tests/misctestcase.py index 64b6b65e..4bb4b02f 100644 --- a/fail2ban/tests/misctestcase.py +++ b/fail2ban/tests/misctestcase.py @@ -67,7 +67,7 @@ def recursive_glob(treeroot, pattern): class SetupTest(unittest.TestCase): def setUp(self): - setup = os.path.join(os.path.dirname(__file__), '..', 'setup.py') + setup = os.path.join(os.path.dirname(__file__), '..', '..', 'setup.py') self.setup = os.path.exists(setup) and setup or None if not self.setup and sys.version_info >= (2,7): # running not out of the source raise unittest.SkipTest( From 7d4f071d4b9b0b67310fb72b3107b1e977ae5c1a Mon Sep 17 00:00:00 2001 From: sebres Date: Wed, 3 Dec 2014 15:25:27 +0100 Subject: [PATCH 2/4] small fix: no cover for failed case --- fail2ban/tests/misctestcase.py | 26 ++++++++++++-------------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/fail2ban/tests/misctestcase.py b/fail2ban/tests/misctestcase.py index 4bb4b02f..afc11ed9 100644 --- a/fail2ban/tests/misctestcase.py +++ b/fail2ban/tests/misctestcase.py @@ -55,21 +55,12 @@ class HelpersTest(unittest.TestCase): # might be fragile due to ' vs " self.assertEqual(args, "('Very bad', None)") -# based on -# http://stackoverflow.com/questions/2186525/use-a-glob-to-find-files-recursively-in-python -def recursive_glob(treeroot, pattern): - results = [] - for base, dirs, files in os.walk(treeroot): - goodfiles = fnmatch.filter(dirs + files, pattern) - results.extend(os.path.join(base, f) for f in goodfiles) - return results - class SetupTest(unittest.TestCase): def setUp(self): setup = os.path.join(os.path.dirname(__file__), '..', '..', 'setup.py') self.setup = os.path.exists(setup) and setup or None - if not self.setup and sys.version_info >= (2,7): # running not out of the source + if not self.setup and sys.version_info >= (2,7): # pragma: no cover - running not out of the source raise unittest.SkipTest( "Seems to be running not out of source distribution" " -- cannot locate setup.py") @@ -80,9 +71,6 @@ class SetupTest(unittest.TestCase): os.system("%s %s install --root=%s >/dev/null" % (sys.executable, self.setup, tmp)) - def addpath(l): - return [os.path.join(tmp, x) for x in l] - def strippath(l): return [x[len(tmp)+1:] for x in l] @@ -90,10 +78,20 @@ class SetupTest(unittest.TestCase): need = ['etc', 'usr', 'var'] # if anything is missing - if set(need).difference(got): + if set(need).difference(got): # pragma: no cover # below code was actually to print out not missing but # rather files in 'excess'. Left in place in case we # decide to revert to such more strict test + + # based on + # http://stackoverflow.com/questions/2186525/use-a-glob-to-find-files-recursively-in-python + def recursive_glob(treeroot, pattern): + results = [] + for base, dirs, files in os.walk(treeroot): + goodfiles = fnmatch.filter(dirs + files, pattern) + results.extend(os.path.join(base, f) for f in goodfiles) + return results + files = {} for missing in set(got).difference(need): missing_full = os.path.join(tmp, missing) From ccc986b7d8bb0d615c85fefd07aaedc04af33743 Mon Sep 17 00:00:00 2001 From: bes-internal Date: Mon, 1 Dec 2014 13:12:53 +0300 Subject: [PATCH 3/4] exim filter: correct failregex for exim with extended log options incoming_interface, incoming_port, outgoing_port --- ChangeLog | 2 ++ config/filter.d/exim.conf | 4 ++-- fail2ban/tests/files/logs/exim | 3 +++ 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 08cf38cc..690b168a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -18,6 +18,8 @@ ver. 0.9.2 (2014/XX/XXX) - wanna-be-released - php-url-fopen: separate logpath entries by newline * failregex declared direct in jail was joined to single line (specifying of multiple expressions was not possible). + * filters.d/exim.conf - cover different settings of exim logs + details. Thanks bes.internal - New Features: - New interpolation feature for config readers - `%(known/parameter)s`. diff --git a/config/filter.d/exim.conf b/config/filter.d/exim.conf index b5028f0e..11fd03d1 100644 --- a/config/filter.d/exim.conf +++ b/config/filter.d/exim.conf @@ -14,10 +14,10 @@ before = exim-common.conf [Definition] failregex = ^%(pid)s %(host_info)ssender verify fail for <\S+>: (?:Unknown user|Unrouteable address|all relevant MX records point to non-existent hosts)\s*$ - ^%(pid)s \w+ authenticator failed for (\S+ )?\(\S+\) \[\]: 535 Incorrect authentication data( \(set_id=.*\)|: \d+ Time\(s\))?\s*$ + ^%(pid)s \w+ authenticator failed for (\S+ )?\(\S+\) \[\](:\d+)?( I=\[\S+\](:\d+)?)?: 535 Incorrect authentication data( \(set_id=.*\)|: \d+ Time\(s\))?\s*$ ^%(pid)s %(host_info)sF=(<>|[^@]+@\S+) rejected RCPT [^@]+@\S+: (relay not permitted|Sender verify failed|Unknown user)\s*$ ^%(pid)s SMTP protocol synchronization error \([^)]*\): rejected (connection from|"\S+") %(host_info)s(next )?input=".*"\s*$ - ^%(pid)s SMTP call from \S+ \[\](:\d+)? (I=\[\S+\]:\d+ )?dropped: too many nonmail commands \(last was "\S+"\)\s*$ + ^%(pid)s SMTP call from \S+ \[\](:\d+)? (I=\[\S+\](:\d+)? )?dropped: too many nonmail commands \(last was "\S+"\)\s*$ ignoreregex = diff --git a/fail2ban/tests/files/logs/exim b/fail2ban/tests/files/logs/exim index 84aedcfa..c015eb29 100644 --- a/fail2ban/tests/files/logs/exim +++ b/fail2ban/tests/files/logs/exim @@ -40,3 +40,6 @@ # failJSON: { "time": "2014-01-12T02:07:48", "match": true , "host": "85.214.85.40" } 2014-01-12 02:07:48 dovecot_login authenticator failed for h1832461.stratoserver.net (User) [85.214.85.40]: 535 Incorrect authentication data (set_id=scanner) + +# failJSON: { "time": "2014-12-02T03:00:23", "match": true , "host": "193.254.202.35" } +2014-12-02 03:00:23 auth_plain authenticator failed for (rom182) [193.254.202.35]:41556 I=[10.0.0.1]:25: 535 Incorrect authentication data (set_id=webmaster) From a71a64733a747ddbac5fb9515afc6afb6ffd95df Mon Sep 17 00:00:00 2001 From: sebres Date: Fri, 5 Dec 2014 16:39:17 +0100 Subject: [PATCH 4/4] clean all after test setup (removes a build directory in current root of fail2ban) --- fail2ban/tests/misctestcase.py | 76 ++++++++++++++++++---------------- 1 file changed, 40 insertions(+), 36 deletions(-) diff --git a/fail2ban/tests/misctestcase.py b/fail2ban/tests/misctestcase.py index afc11ed9..2f69aef0 100644 --- a/fail2ban/tests/misctestcase.py +++ b/fail2ban/tests/misctestcase.py @@ -68,49 +68,53 @@ class SetupTest(unittest.TestCase): def testSetupInstallRoot(self): if not self.setup: return # if verbose skip didn't work out tmp = tempfile.mkdtemp() - os.system("%s %s install --root=%s >/dev/null" - % (sys.executable, self.setup, tmp)) + try: + os.system("%s %s install --root=%s >/dev/null" + % (sys.executable, self.setup, tmp)) - def strippath(l): - return [x[len(tmp)+1:] for x in l] + def strippath(l): + return [x[len(tmp)+1:] for x in l] - got = strippath(sorted(glob('%s/*' % tmp))) - need = ['etc', 'usr', 'var'] + got = strippath(sorted(glob('%s/*' % tmp))) + need = ['etc', 'usr', 'var'] - # if anything is missing - if set(need).difference(got): # pragma: no cover - # below code was actually to print out not missing but - # rather files in 'excess'. Left in place in case we - # decide to revert to such more strict test + # if anything is missing + if set(need).difference(got): # pragma: no cover + # below code was actually to print out not missing but + # rather files in 'excess'. Left in place in case we + # decide to revert to such more strict test - # based on - # http://stackoverflow.com/questions/2186525/use-a-glob-to-find-files-recursively-in-python - def recursive_glob(treeroot, pattern): - results = [] - for base, dirs, files in os.walk(treeroot): - goodfiles = fnmatch.filter(dirs + files, pattern) - results.extend(os.path.join(base, f) for f in goodfiles) - return results + # based on + # http://stackoverflow.com/questions/2186525/use-a-glob-to-find-files-recursively-in-python + def recursive_glob(treeroot, pattern): + results = [] + for base, dirs, files in os.walk(treeroot): + goodfiles = fnmatch.filter(dirs + files, pattern) + results.extend(os.path.join(base, f) for f in goodfiles) + return results - files = {} - for missing in set(got).difference(need): - missing_full = os.path.join(tmp, missing) - files[missing] = os.path.exists(missing_full) \ - and strippath(recursive_glob(missing_full, '*')) or None + files = {} + for missing in set(got).difference(need): + missing_full = os.path.join(tmp, missing) + files[missing] = os.path.exists(missing_full) \ + and strippath(recursive_glob(missing_full, '*')) or None - self.assertEqual( - got, need, - msg="Got: %s Needed: %s under %s. Files under new paths: %s" - % (got, need, tmp, files)) + self.assertEqual( + got, need, + msg="Got: %s Needed: %s under %s. Files under new paths: %s" + % (got, need, tmp, files)) - # Assure presence of some files we expect to see in the installation - for f in ('etc/fail2ban/fail2ban.conf', - 'etc/fail2ban/jail.conf'): - self.assertTrue(os.path.exists(os.path.join(tmp, f)), - msg="Can't find %s" % f) - - # clean up - shutil.rmtree(tmp) + # Assure presence of some files we expect to see in the installation + for f in ('etc/fail2ban/fail2ban.conf', + 'etc/fail2ban/jail.conf'): + self.assertTrue(os.path.exists(os.path.join(tmp, f)), + msg="Can't find %s" % f) + finally: + # clean up + shutil.rmtree(tmp) + # remove build directory + os.system("%s %s clean --all >/dev/null" + % (sys.executable, self.setup)) class TestsUtilsTest(unittest.TestCase):