mirror of https://github.com/fail2ban/fail2ban
Merge remote-tracking branch 'master' into sebres:ban-time-incr
commit
27bc2e012d
|
@ -22,6 +22,8 @@ ver. 0.9.2 (2014/xx/xx) - increment ban time
|
||||||
- php-url-fopen: separate logpath entries by newline
|
- php-url-fopen: separate logpath entries by newline
|
||||||
* failregex declared direct in jail was joined to single line (specifying of
|
* failregex declared direct in jail was joined to single line (specifying of
|
||||||
multiple expressions was not possible).
|
multiple expressions was not possible).
|
||||||
|
* filters.d/exim.conf - cover different settings of exim logs
|
||||||
|
details. Thanks bes.internal
|
||||||
|
|
||||||
- New Features:
|
- New Features:
|
||||||
* increment ban time (+ observer) functionality introduced.
|
* increment ban time (+ observer) functionality introduced.
|
||||||
|
|
|
@ -14,10 +14,10 @@ before = exim-common.conf
|
||||||
[Definition]
|
[Definition]
|
||||||
|
|
||||||
failregex = ^%(pid)s %(host_info)ssender verify fail for <\S+>: (?:Unknown user|Unrouteable address|all relevant MX records point to non-existent hosts)\s*$
|
failregex = ^%(pid)s %(host_info)ssender verify fail for <\S+>: (?:Unknown user|Unrouteable address|all relevant MX records point to non-existent hosts)\s*$
|
||||||
^%(pid)s \w+ authenticator failed for (\S+ )?\(\S+\) \[<HOST>\]: 535 Incorrect authentication data( \(set_id=.*\)|: \d+ Time\(s\))?\s*$
|
^%(pid)s \w+ authenticator failed for (\S+ )?\(\S+\) \[<HOST>\](:\d+)?( I=\[\S+\](:\d+)?)?: 535 Incorrect authentication data( \(set_id=.*\)|: \d+ Time\(s\))?\s*$
|
||||||
^%(pid)s %(host_info)sF=(<>|[^@]+@\S+) rejected RCPT [^@]+@\S+: (relay not permitted|Sender verify failed|Unknown user)\s*$
|
^%(pid)s %(host_info)sF=(<>|[^@]+@\S+) rejected RCPT [^@]+@\S+: (relay not permitted|Sender verify failed|Unknown user)\s*$
|
||||||
^%(pid)s SMTP protocol synchronization error \([^)]*\): rejected (connection from|"\S+") %(host_info)s(next )?input=".*"\s*$
|
^%(pid)s SMTP protocol synchronization error \([^)]*\): rejected (connection from|"\S+") %(host_info)s(next )?input=".*"\s*$
|
||||||
^%(pid)s SMTP call from \S+ \[<HOST>\](:\d+)? (I=\[\S+\]:\d+ )?dropped: too many nonmail commands \(last was "\S+"\)\s*$
|
^%(pid)s SMTP call from \S+ \[<HOST>\](:\d+)? (I=\[\S+\](:\d+)? )?dropped: too many nonmail commands \(last was "\S+"\)\s*$
|
||||||
|
|
||||||
ignoreregex =
|
ignoreregex =
|
||||||
|
|
||||||
|
|
|
@ -40,3 +40,6 @@
|
||||||
|
|
||||||
# failJSON: { "time": "2014-01-12T02:07:48", "match": true , "host": "85.214.85.40" }
|
# failJSON: { "time": "2014-01-12T02:07:48", "match": true , "host": "85.214.85.40" }
|
||||||
2014-01-12 02:07:48 dovecot_login authenticator failed for h1832461.stratoserver.net (User) [85.214.85.40]: 535 Incorrect authentication data (set_id=scanner)
|
2014-01-12 02:07:48 dovecot_login authenticator failed for h1832461.stratoserver.net (User) [85.214.85.40]: 535 Incorrect authentication data (set_id=scanner)
|
||||||
|
|
||||||
|
# failJSON: { "time": "2014-12-02T03:00:23", "match": true , "host": "193.254.202.35" }
|
||||||
|
2014-12-02 03:00:23 auth_plain authenticator failed for (rom182) [193.254.202.35]:41556 I=[10.0.0.1]:25: 535 Incorrect authentication data (set_id=webmaster)
|
||||||
|
|
|
@ -56,21 +56,12 @@ class HelpersTest(unittest.TestCase):
|
||||||
# might be fragile due to ' vs "
|
# might be fragile due to ' vs "
|
||||||
self.assertEqual(args, "('Very bad', None)")
|
self.assertEqual(args, "('Very bad', None)")
|
||||||
|
|
||||||
# based on
|
|
||||||
# http://stackoverflow.com/questions/2186525/use-a-glob-to-find-files-recursively-in-python
|
|
||||||
def recursive_glob(treeroot, pattern):
|
|
||||||
results = []
|
|
||||||
for base, dirs, files in os.walk(treeroot):
|
|
||||||
goodfiles = fnmatch.filter(dirs + files, pattern)
|
|
||||||
results.extend(os.path.join(base, f) for f in goodfiles)
|
|
||||||
return results
|
|
||||||
|
|
||||||
class SetupTest(unittest.TestCase):
|
class SetupTest(unittest.TestCase):
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
setup = os.path.join(os.path.dirname(__file__), '..', 'setup.py')
|
setup = os.path.join(os.path.dirname(__file__), '..', '..', 'setup.py')
|
||||||
self.setup = os.path.exists(setup) and setup or None
|
self.setup = os.path.exists(setup) and setup or None
|
||||||
if not self.setup and sys.version_info >= (2,7): # running not out of the source
|
if not self.setup and sys.version_info >= (2,7): # pragma: no cover - running not out of the source
|
||||||
raise unittest.SkipTest(
|
raise unittest.SkipTest(
|
||||||
"Seems to be running not out of source distribution"
|
"Seems to be running not out of source distribution"
|
||||||
" -- cannot locate setup.py")
|
" -- cannot locate setup.py")
|
||||||
|
@ -78,42 +69,53 @@ class SetupTest(unittest.TestCase):
|
||||||
def testSetupInstallRoot(self):
|
def testSetupInstallRoot(self):
|
||||||
if not self.setup: return # if verbose skip didn't work out
|
if not self.setup: return # if verbose skip didn't work out
|
||||||
tmp = tempfile.mkdtemp()
|
tmp = tempfile.mkdtemp()
|
||||||
os.system("%s %s install --root=%s >/dev/null"
|
try:
|
||||||
% (sys.executable, self.setup, tmp))
|
os.system("%s %s install --root=%s >/dev/null"
|
||||||
|
% (sys.executable, self.setup, tmp))
|
||||||
|
|
||||||
def addpath(l):
|
def strippath(l):
|
||||||
return [os.path.join(tmp, x) for x in l]
|
return [x[len(tmp)+1:] for x in l]
|
||||||
|
|
||||||
def strippath(l):
|
got = strippath(sorted(glob('%s/*' % tmp)))
|
||||||
return [x[len(tmp)+1:] for x in l]
|
need = ['etc', 'usr', 'var']
|
||||||
|
|
||||||
got = strippath(sorted(glob('%s/*' % tmp)))
|
# if anything is missing
|
||||||
need = ['etc', 'usr', 'var']
|
if set(need).difference(got): # pragma: no cover
|
||||||
|
# below code was actually to print out not missing but
|
||||||
|
# rather files in 'excess'. Left in place in case we
|
||||||
|
# decide to revert to such more strict test
|
||||||
|
|
||||||
# if anything is missing
|
# based on
|
||||||
if set(need).difference(got):
|
# http://stackoverflow.com/questions/2186525/use-a-glob-to-find-files-recursively-in-python
|
||||||
# below code was actually to print out not missing but
|
def recursive_glob(treeroot, pattern):
|
||||||
# rather files in 'excess'. Left in place in case we
|
results = []
|
||||||
# decide to revert to such more strict test
|
for base, dirs, files in os.walk(treeroot):
|
||||||
files = {}
|
goodfiles = fnmatch.filter(dirs + files, pattern)
|
||||||
for missing in set(got).difference(need):
|
results.extend(os.path.join(base, f) for f in goodfiles)
|
||||||
missing_full = os.path.join(tmp, missing)
|
return results
|
||||||
files[missing] = os.path.exists(missing_full) \
|
|
||||||
and strippath(recursive_glob(missing_full, '*')) or None
|
|
||||||
|
|
||||||
self.assertEqual(
|
files = {}
|
||||||
got, need,
|
for missing in set(got).difference(need):
|
||||||
msg="Got: %s Needed: %s under %s. Files under new paths: %s"
|
missing_full = os.path.join(tmp, missing)
|
||||||
% (got, need, tmp, files))
|
files[missing] = os.path.exists(missing_full) \
|
||||||
|
and strippath(recursive_glob(missing_full, '*')) or None
|
||||||
|
|
||||||
# Assure presence of some files we expect to see in the installation
|
self.assertEqual(
|
||||||
for f in ('etc/fail2ban/fail2ban.conf',
|
got, need,
|
||||||
'etc/fail2ban/jail.conf'):
|
msg="Got: %s Needed: %s under %s. Files under new paths: %s"
|
||||||
self.assertTrue(os.path.exists(os.path.join(tmp, f)),
|
% (got, need, tmp, files))
|
||||||
msg="Can't find %s" % f)
|
|
||||||
|
|
||||||
# clean up
|
# Assure presence of some files we expect to see in the installation
|
||||||
shutil.rmtree(tmp)
|
for f in ('etc/fail2ban/fail2ban.conf',
|
||||||
|
'etc/fail2ban/jail.conf'):
|
||||||
|
self.assertTrue(os.path.exists(os.path.join(tmp, f)),
|
||||||
|
msg="Can't find %s" % f)
|
||||||
|
finally:
|
||||||
|
# clean up
|
||||||
|
shutil.rmtree(tmp)
|
||||||
|
# remove build directory
|
||||||
|
os.system("%s %s clean --all >/dev/null"
|
||||||
|
% (sys.executable, self.setup))
|
||||||
|
|
||||||
class TestsUtilsTest(unittest.TestCase):
|
class TestsUtilsTest(unittest.TestCase):
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue