Merge remote-tracking branch 'master' into sebres:ban-time-incr

pull/716/head
sebres 2014-12-05 17:41:45 +01:00
commit 27bc2e012d
4 changed files with 49 additions and 42 deletions

View File

@ -22,6 +22,8 @@ ver. 0.9.2 (2014/xx/xx) - increment ban time
- php-url-fopen: separate logpath entries by newline - php-url-fopen: separate logpath entries by newline
* failregex declared direct in jail was joined to single line (specifying of * failregex declared direct in jail was joined to single line (specifying of
multiple expressions was not possible). multiple expressions was not possible).
* filters.d/exim.conf - cover different settings of exim logs
details. Thanks bes.internal
- New Features: - New Features:
* increment ban time (+ observer) functionality introduced. * increment ban time (+ observer) functionality introduced.

View File

@ -14,10 +14,10 @@ before = exim-common.conf
[Definition] [Definition]
failregex = ^%(pid)s %(host_info)ssender verify fail for <\S+>: (?:Unknown user|Unrouteable address|all relevant MX records point to non-existent hosts)\s*$ failregex = ^%(pid)s %(host_info)ssender verify fail for <\S+>: (?:Unknown user|Unrouteable address|all relevant MX records point to non-existent hosts)\s*$
^%(pid)s \w+ authenticator failed for (\S+ )?\(\S+\) \[<HOST>\]: 535 Incorrect authentication data( \(set_id=.*\)|: \d+ Time\(s\))?\s*$ ^%(pid)s \w+ authenticator failed for (\S+ )?\(\S+\) \[<HOST>\](:\d+)?( I=\[\S+\](:\d+)?)?: 535 Incorrect authentication data( \(set_id=.*\)|: \d+ Time\(s\))?\s*$
^%(pid)s %(host_info)sF=(<>|[^@]+@\S+) rejected RCPT [^@]+@\S+: (relay not permitted|Sender verify failed|Unknown user)\s*$ ^%(pid)s %(host_info)sF=(<>|[^@]+@\S+) rejected RCPT [^@]+@\S+: (relay not permitted|Sender verify failed|Unknown user)\s*$
^%(pid)s SMTP protocol synchronization error \([^)]*\): rejected (connection from|"\S+") %(host_info)s(next )?input=".*"\s*$ ^%(pid)s SMTP protocol synchronization error \([^)]*\): rejected (connection from|"\S+") %(host_info)s(next )?input=".*"\s*$
^%(pid)s SMTP call from \S+ \[<HOST>\](:\d+)? (I=\[\S+\]:\d+ )?dropped: too many nonmail commands \(last was "\S+"\)\s*$ ^%(pid)s SMTP call from \S+ \[<HOST>\](:\d+)? (I=\[\S+\](:\d+)? )?dropped: too many nonmail commands \(last was "\S+"\)\s*$
ignoreregex = ignoreregex =

View File

@ -40,3 +40,6 @@
# failJSON: { "time": "2014-01-12T02:07:48", "match": true , "host": "85.214.85.40" } # failJSON: { "time": "2014-01-12T02:07:48", "match": true , "host": "85.214.85.40" }
2014-01-12 02:07:48 dovecot_login authenticator failed for h1832461.stratoserver.net (User) [85.214.85.40]: 535 Incorrect authentication data (set_id=scanner) 2014-01-12 02:07:48 dovecot_login authenticator failed for h1832461.stratoserver.net (User) [85.214.85.40]: 535 Incorrect authentication data (set_id=scanner)
# failJSON: { "time": "2014-12-02T03:00:23", "match": true , "host": "193.254.202.35" }
2014-12-02 03:00:23 auth_plain authenticator failed for (rom182) [193.254.202.35]:41556 I=[10.0.0.1]:25: 535 Incorrect authentication data (set_id=webmaster)

View File

@ -56,21 +56,12 @@ class HelpersTest(unittest.TestCase):
# might be fragile due to ' vs " # might be fragile due to ' vs "
self.assertEqual(args, "('Very bad', None)") self.assertEqual(args, "('Very bad', None)")
# based on
# http://stackoverflow.com/questions/2186525/use-a-glob-to-find-files-recursively-in-python
def recursive_glob(treeroot, pattern):
results = []
for base, dirs, files in os.walk(treeroot):
goodfiles = fnmatch.filter(dirs + files, pattern)
results.extend(os.path.join(base, f) for f in goodfiles)
return results
class SetupTest(unittest.TestCase): class SetupTest(unittest.TestCase):
def setUp(self): def setUp(self):
setup = os.path.join(os.path.dirname(__file__), '..', 'setup.py') setup = os.path.join(os.path.dirname(__file__), '..', '..', 'setup.py')
self.setup = os.path.exists(setup) and setup or None self.setup = os.path.exists(setup) and setup or None
if not self.setup and sys.version_info >= (2,7): # running not out of the source if not self.setup and sys.version_info >= (2,7): # pragma: no cover - running not out of the source
raise unittest.SkipTest( raise unittest.SkipTest(
"Seems to be running not out of source distribution" "Seems to be running not out of source distribution"
" -- cannot locate setup.py") " -- cannot locate setup.py")
@ -78,42 +69,53 @@ class SetupTest(unittest.TestCase):
def testSetupInstallRoot(self): def testSetupInstallRoot(self):
if not self.setup: return # if verbose skip didn't work out if not self.setup: return # if verbose skip didn't work out
tmp = tempfile.mkdtemp() tmp = tempfile.mkdtemp()
os.system("%s %s install --root=%s >/dev/null" try:
% (sys.executable, self.setup, tmp)) os.system("%s %s install --root=%s >/dev/null"
% (sys.executable, self.setup, tmp))
def addpath(l): def strippath(l):
return [os.path.join(tmp, x) for x in l] return [x[len(tmp)+1:] for x in l]
def strippath(l): got = strippath(sorted(glob('%s/*' % tmp)))
return [x[len(tmp)+1:] for x in l] need = ['etc', 'usr', 'var']
got = strippath(sorted(glob('%s/*' % tmp))) # if anything is missing
need = ['etc', 'usr', 'var'] if set(need).difference(got): # pragma: no cover
# below code was actually to print out not missing but
# rather files in 'excess'. Left in place in case we
# decide to revert to such more strict test
# if anything is missing # based on
if set(need).difference(got): # http://stackoverflow.com/questions/2186525/use-a-glob-to-find-files-recursively-in-python
# below code was actually to print out not missing but def recursive_glob(treeroot, pattern):
# rather files in 'excess'. Left in place in case we results = []
# decide to revert to such more strict test for base, dirs, files in os.walk(treeroot):
files = {} goodfiles = fnmatch.filter(dirs + files, pattern)
for missing in set(got).difference(need): results.extend(os.path.join(base, f) for f in goodfiles)
missing_full = os.path.join(tmp, missing) return results
files[missing] = os.path.exists(missing_full) \
and strippath(recursive_glob(missing_full, '*')) or None
self.assertEqual( files = {}
got, need, for missing in set(got).difference(need):
msg="Got: %s Needed: %s under %s. Files under new paths: %s" missing_full = os.path.join(tmp, missing)
% (got, need, tmp, files)) files[missing] = os.path.exists(missing_full) \
and strippath(recursive_glob(missing_full, '*')) or None
# Assure presence of some files we expect to see in the installation self.assertEqual(
for f in ('etc/fail2ban/fail2ban.conf', got, need,
'etc/fail2ban/jail.conf'): msg="Got: %s Needed: %s under %s. Files under new paths: %s"
self.assertTrue(os.path.exists(os.path.join(tmp, f)), % (got, need, tmp, files))
msg="Can't find %s" % f)
# clean up # Assure presence of some files we expect to see in the installation
shutil.rmtree(tmp) for f in ('etc/fail2ban/fail2ban.conf',
'etc/fail2ban/jail.conf'):
self.assertTrue(os.path.exists(os.path.join(tmp, f)),
msg="Can't find %s" % f)
finally:
# clean up
shutil.rmtree(tmp)
# remove build directory
os.system("%s %s clean --all >/dev/null"
% (sys.executable, self.setup))
class TestsUtilsTest(unittest.TestCase): class TestsUtilsTest(unittest.TestCase):