normalizing time config entries: use time abbreviation (str2seconds) for all time options such 'dbpurgeage', 'bantime', 'findtime', ex.: default '1d' instead '86400';

code review and test case extended;
pull/716/head
sebres 2014-10-24 01:32:04 +02:00
parent 48cd1262fe
commit 293a5066d2
7 changed files with 23 additions and 11 deletions

View File

@ -60,4 +60,4 @@ dbfile = /var/lib/fail2ban/fail2ban.sqlite3
# Options: dbpurgeage
# Notes.: Sets age at which bans should be purged from the database
# Values: [ SECONDS ] Default: 86400 (24hours)
dbpurgeage = 86400
dbpurgeage = 1d

View File

@ -18,7 +18,7 @@
# See man 5 jail.conf for details.
#
# [DEFAULT]
# bantime = 3600
# bantime = 1h
#
# [sshd]
# enabled = true
@ -50,7 +50,7 @@ before = paths-debian.conf
# "bantime.rndtime" is the max number of seconds using for mixing with random time
# to prevent "clever" botnets calculate exact time IP can be unbanned again:
#bantime.rndtime = 5*60
#bantime.rndtime =
# "bantime.maxtime" is the max number of seconds using the ban time can reach (don't grows further)
#bantime.maxtime =
@ -94,11 +94,11 @@ ignoreip = 127.0.0.1/8
ignorecommand =
# "bantime" is the number of seconds that a host is banned.
bantime = 600
bantime = 10m
# A host is banned if it has generated "maxretry" during the last "findtime"
# seconds.
findtime = 600
findtime = 10m
# "maxretry" is the number of failures before a host get banned.
maxretry = 5
@ -283,7 +283,7 @@ logpath = %(apache_error_log)s
# for email addresses. The mail outputs are buffered.
port = http,https
logpath = %(apache_access_log)s
bantime = 172800
bantime = 48h
maxretry = 1
@ -695,8 +695,8 @@ maxretry = 5
logpath = /var/log/fail2ban.log
port = all
protocol = all
bantime = 604800 ; 1 week
findtime = 86400 ; 1 day
bantime = 1w
findtime = 1d
maxretry = 5

View File

@ -47,7 +47,7 @@ class Fail2banReader(ConfigReader):
opts = [["string", "loglevel", "INFO" ],
["string", "logtarget", "STDERR"],
["string", "dbfile", "/var/lib/fail2ban/fail2ban.sqlite3"],
["int", "dbpurgeage", 86400]]
["string", "dbpurgeage", "1d"]]
self.__opts = ConfigReader.getOptions(self, "Definition", opts)
def convert(self):

View File

@ -193,7 +193,7 @@ class Fail2BanDb(object):
@purgeage.setter
def purgeage(self, value):
self._purgeAge = int(value)
self._purgeAge = MyTime.str2seconds(value)
@commitandrollback
def createDb(self, cur):

View File

@ -111,6 +111,9 @@ class MyTime:
def str2seconds(val):
if isinstance(val, (int, long, float, complex)):
return val
# replace together standing abbreviations, example '1d12h' -> '1d 12h':
val = re.sub(r"(?i)(?<=[a-z])(\d)", r" \1", val)
# replace abbreviation with expression:
for rexp, rpl in (
(r"days?|da|dd?", 24*60*60), (r"week?|wee?|ww?", 7*24*60*60), (r"months?|mon?", (365*3+366)*24*60*60/4/12),
(r"years?|yea?|yy?", (365*3+366)*24*60*60/4),

View File

@ -576,7 +576,7 @@ class JailsReaderTest(LogCaptureTestCase):
self.assertEqual(sorted(commands),
[['set', 'dbfile',
'/var/lib/fail2ban/fail2ban.sqlite3'],
['set', 'dbpurgeage', 86400],
['set', 'dbpurgeage', '1d'],
['set', 'loglevel', "INFO"],
['set', 'logtarget', '/var/log/fail2ban.log']])

View File

@ -69,6 +69,15 @@ class DatabaseTest(LogCaptureTestCase):
return
self.assertEqual(self.dbFilename, self.db.filename)
def testPurgeAge(self):
if Fail2BanDb is None: # pragma: no cover
return
self.assertEqual(self.db.purgeage, 86400)
self.db.purgeage = '1y6mon15d5h30m'
self.assertEqual(self.db.purgeage, 48652200)
self.db.purgeage = '2y 12mon 30d 10h 60m'
self.assertEqual(self.db.purgeage, 48652200*2)
def testCreateInvalidPath(self):
if Fail2BanDb is None: # pragma: no cover
return