github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch '0.10' into 0.11 - test cases only (add ban to database was moved to observer in 0.11)

pull/2656/head
sebres 2020-03-02 19:17:16 +01:00
parent f088e7bf76 15158e4474
commit 2ddf687c31
4 changed files with 21 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@ -39,6 +39,7 @@ ver. 0.11.2-dev (20??/??/??) - development edition
### Fixes ### Fixes
* restoring a large number (500+ depending on files ulimit) of current bans when using PyPy fixed * restoring a large number (500+ depending on files ulimit) of current bans when using PyPy fixed
* manual ban is written to database, so can be restored by restart (gh-2647)
### New Features ### New Features

4
fail2ban/server/actions.py
View File

@ -476,7 +476,7 @@ class Actions(JailThread, Mapping):
# do actions : # do actions :
for name, action in self._actions.iteritems(): for name, action in self._actions.iteritems():
try: try:
if ticket.restored and getattr(action, 'norestored', False): if bTicket.restored and getattr(action, 'norestored', False):
continue continue
if not aInfo.immutable: aInfo.reset() if not aInfo.immutable: aInfo.reset()
action.ban(aInfo) action.ban(aInfo)
@ -522,6 +522,8 @@ class Actions(JailThread, Mapping):
cnt += self.__reBan(bTicket, actions=rebanacts) cnt += self.__reBan(bTicket, actions=rebanacts)
else: # pragma: no cover - unexpected: ticket is not banned for some reasons - reban using all actions: else: # pragma: no cover - unexpected: ticket is not banned for some reasons - reban using all actions:
cnt += self.__reBan(bTicket) cnt += self.__reBan(bTicket)
# add ban to database moved to observer (should previously check not already banned
# and increase ticket time if "bantime.increment" set)
if cnt: if cnt:
logSys.debug("Banned %s / %s, %s ticket(s) in %r", cnt, logSys.debug("Banned %s / %s, %s ticket(s) in %r", cnt,
self.__banManager.getBanTotal(), self.__banManager.size(), self._jail.name) self.__banManager.getBanTotal(), self.__banManager.size(), self._jail.name)

1
fail2ban/tests/databasetestcase.py
View File

@ -543,6 +543,7 @@ class DatabaseTest(LogCaptureTestCase):
# test action together with database functionality # test action together with database functionality
self.testAddJail() # Jail required self.testAddJail() # Jail required
self.jail.database = self.db self.jail.database = self.db
self.db.addJail(self.jail)
actions = Actions(self.jail) actions = Actions(self.jail)
actions.add( actions.add(
"action_checkainfo", "action_checkainfo",

23
fail2ban/tests/fail2banclienttestcase.py
View File

@ -1005,8 +1005,8 @@ class Fail2banServerTest(Fail2banClientServerBase):
# leave action2 just to test restored interpolation: # leave action2 just to test restored interpolation:
_write_jail_cfg(actions=[2,3]) _write_jail_cfg(actions=[2,3])
# write new failures:
self.pruneLog("[test-phase 2b]") self.pruneLog("[test-phase 2b]")
# write new failures:
_write_file(test2log, "w+", *( _write_file(test2log, "w+", *(
(str(int(MyTime.time())) + " error 403 from 192.0.2.2: test 2",) * 3 + (str(int(MyTime.time())) + " error 403 from 192.0.2.2: test 2",) * 3 +
(str(int(MyTime.time())) + " error 403 from 192.0.2.3: test 2",) * 3 + (str(int(MyTime.time())) + " error 403 from 192.0.2.3: test 2",) * 3 +
@ -1019,13 +1019,19 @@ class Fail2banServerTest(Fail2banClientServerBase):
self.assertLogged( self.assertLogged(
"2 ticket(s) in 'test-jail2", "2 ticket(s) in 'test-jail2",
"5 ticket(s) in 'test-jail1", all=True, wait=MID_WAITTIME) "5 ticket(s) in 'test-jail1", all=True, wait=MID_WAITTIME)
# ban manually to cover restore in restart (phase 2c):
self.execCmd(SUCCESS, startparams,
"set", "test-jail2", "banip", "192.0.2.9")
self.assertLogged(
"3 ticket(s) in 'test-jail2", wait=MID_WAITTIME)
self.assertLogged( self.assertLogged(
"[test-jail1] Ban 192.0.2.2", "[test-jail1] Ban 192.0.2.2",
"[test-jail1] Ban 192.0.2.3", "[test-jail1] Ban 192.0.2.3",
"[test-jail1] Ban 192.0.2.4", "[test-jail1] Ban 192.0.2.4",
"[test-jail1] Ban 192.0.2.8", "[test-jail1] Ban 192.0.2.8",
"[test-jail2] Ban 192.0.2.4", "[test-jail2] Ban 192.0.2.4",
"[test-jail2] Ban 192.0.2.8", all=True) "[test-jail2] Ban 192.0.2.8",
"[test-jail2] Ban 192.0.2.9", all=True)
# test ips at all not visible for jail2: # test ips at all not visible for jail2:
self.assertNotLogged( self.assertNotLogged(
"[test-jail2] Found 192.0.2.2", "[test-jail2] Found 192.0.2.2",
@ -1047,15 +1053,17 @@ class Fail2banServerTest(Fail2banClientServerBase):
self.assertLogged( self.assertLogged(
"Reload finished.", "Reload finished.",
"Restore Ban", "Restore Ban",
"2 ticket(s) in 'test-jail2", all=True, wait=MID_WAITTIME) "3 ticket(s) in 'test-jail2", all=True, wait=MID_WAITTIME)
# stop/start and unban/restore ban: # stop/start and unban/restore ban:
self.assertLogged( self.assertLogged(
"Jail 'test-jail2' stopped",
"Jail 'test-jail2' started",
"[test-jail2] Unban 192.0.2.4", "[test-jail2] Unban 192.0.2.4",
"[test-jail2] Unban 192.0.2.8", "[test-jail2] Unban 192.0.2.8",
"[test-jail2] Unban 192.0.2.9",
"Jail 'test-jail2' stopped",
"Jail 'test-jail2' started",
"[test-jail2] Restore Ban 192.0.2.4", "[test-jail2] Restore Ban 192.0.2.4",
"[test-jail2] Restore Ban 192.0.2.8", all=True "[test-jail2] Restore Ban 192.0.2.8",
"[test-jail2] Restore Ban 192.0.2.9", all=True
) )
# test restored is 1 (only test-action2): # test restored is 1 (only test-action2):
self.assertLogged( self.assertLogged(
@ -1100,7 +1108,8 @@ class Fail2banServerTest(Fail2banClientServerBase):
"Jail 'test-jail2' stopped", "Jail 'test-jail2' stopped",
"Jail 'test-jail2' started", "Jail 'test-jail2' started",
"[test-jail2] Unban 192.0.2.4", "[test-jail2] Unban 192.0.2.4",
"[test-jail2] Unban 192.0.2.8", all=True "[test-jail2] Unban 192.0.2.8",
"[test-jail2] Unban 192.0.2.9", all=True
) )
# test unban (action2): # test unban (action2):
self.assertLogged( self.assertLogged(