diff --git a/fail2ban/server/filter.py b/fail2ban/server/filter.py index 01c2e059..2b8d89f1 100644 --- a/fail2ban/server/filter.py +++ b/fail2ban/server/filter.py @@ -598,6 +598,24 @@ class Filter(JailThread): return users return None + # # ATM incremental (non-empty only) merge deactivated ... + # @staticmethod + # def _updateFailure(self, mlfidGroups, fail): + # # reset old failure-ids when new types of id available in this failure: + # fids = set() + # for k in ('fid', 'ip4', 'ip6', 'dns'): + # if fail.get(k): + # fids.add(k) + # if fids: + # for k in ('fid', 'ip4', 'ip6', 'dns'): + # if k not in fids: + # try: + # del mlfidGroups[k] + # except: + # pass + # # update not empty values: + # mlfidGroups.update(((k,v) for k,v in fail.iteritems() if v)) + def _mergeFailure(self, mlfid, fail, failRegex): mlfidFail = self.mlfidCache.get(mlfid) if self.__mlfidCache else None users = None @@ -614,8 +632,14 @@ class Filter(JailThread): del mlfidGroups['nofail'] except KeyError: pass - # update not empty values: - mlfidGroups.update(((k,v) for k,v in fail.iteritems() if v)) + # # ATM incremental (non-empty only) merge deactivated (for future version only), + # # it can be simulated using alternate value tags, like ..., + # # so previous value 'val' will be overwritten only if 'alt_val' is not empty... + # _updateFailure(mlfidGroups, fail) + # + # overwrite multi-line failure with all values, available in fail: + mlfidGroups.update(fail) + # new merged failure data: fail = mlfidGroups # if forget (disconnect/reset) - remove cached entry: if nfflgs & 2: diff --git a/fail2ban/tests/files/logs/sshd b/fail2ban/tests/files/logs/sshd index 8f7ba264..7526c32b 100644 --- a/fail2ban/tests/files/logs/sshd +++ b/fail2ban/tests/files/logs/sshd @@ -134,7 +134,7 @@ Sep 29 17:15:02 spaceman sshd[12946]: Failed password for user from 127.0.0.1 po # failJSON: { "time": "2004-09-29T17:15:02", "match": true , "host": "127.0.0.1", "desc": "Injecting while exhausting initially present {0,100} match length limits set for ruser etc" } Sep 29 17:15:02 spaceman sshd[12946]: Failed password for user from 127.0.0.1 port 20000 ssh1: ruser XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX from 1.2.3.4 # failJSON: { "time": "2004-09-29T17:15:03", "match": true , "host": "aaaa:bbbb:cccc:1234::1:1", "desc": "Injecting while exhausting initially present {0,100} match length limits set for ruser etc" } -Sep 29 17:15:03 spaceman sshd[12947]: Failed password for user from aaaa:bbbb:cccc:1234::1:1 port 20000 ssh1: ruser XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX from 1.2.3.4 +Sep 29 17:15:03 spaceman sshd[12946]: Failed password for user from aaaa:bbbb:cccc:1234::1:1 port 20000 ssh1: ruser XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX from 1.2.3.4 # failJSON: { "time": "2004-11-11T08:04:51", "match": true , "host": "127.0.0.1", "desc": "Injecting on username ssh 'from 10.10.1.1'@localhost" } Nov 11 08:04:51 redbamboo sshd[2737]: Failed password for invalid user from 10.10.1.1 from 127.0.0.1 port 58946 ssh2 diff --git a/fail2ban/tests/samplestestcase.py b/fail2ban/tests/samplestestcase.py index 3322b5b0..1d326c31 100644 --- a/fail2ban/tests/samplestestcase.py +++ b/fail2ban/tests/samplestestcase.py @@ -262,8 +262,12 @@ def testSampleRegexsFactory(name, basedir): regexsUsedIdx.add(failregex) regexsUsedRe.add(regexList[failregex]) except AssertionError as e: # pragma: no cover - raise AssertionError("%s: %s on: %s:%i, line:\n%s\nfaildata:%r, fail:%r" % ( - fltName, e, logFile.filename(), logFile.filelineno(), line, faildata, fail)) + import pprint + raise AssertionError("%s: %s on: %s:%i, line:\n%s\n" + "faildata: %s\nfail: %s" % ( + fltName, e, logFile.filename(), logFile.filelineno(), line, + '\n'.join(pprint.pformat(faildata).splitlines()), + '\n'.join(pprint.pformat(fail).splitlines()))) # check missing samples for regex using each filter-options combination: for fltName, flt in self._filters.iteritems():