mirror of https://github.com/fail2ban/fail2ban
- Updated main loop (needed by logreader optimization)
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@94 a942ae1a-1317-0410-a47c-b1dcaea8d6050.6
Cyril Jaquier
parent
3368f7dd14
commit
4d9615f68a
35
fail2ban.py
35
fail2ban.py
|
|
@ -475,6 +475,7 @@ if __name__ == "__main__":
|
||||||
element.addIgnoreIP(ip)
|
element.addIgnoreIP(ip)
|
||||||
|
|
||||||
logSys.info("Fail2Ban v"+version+" is running")
|
logSys.info("Fail2Ban v"+version+" is running")
|
||||||
|
failListFull = dict()
|
||||||
# Main loop
|
# Main loop
|
||||||
while True:
|
while True:
|
||||||
try:
|
try:
|
||||||
|
|
@ -505,20 +506,36 @@ if __name__ == "__main__":
|
||||||
for key in e.iterkeys():
|
for key in e.iterkeys():
|
||||||
if failList.has_key(key):
|
if failList.has_key(key):
|
||||||
if failList[key][0] < e[key][0]:
|
if failList[key][0] < e[key][0]:
|
||||||
failList[key] = (e[key][0], e[key][1],
|
failList[key] = (e[key][0], e[key][1], element)
|
||||||
element.getName())
|
|
||||||
else:
|
else:
|
||||||
failList[key] = (e[key][0], e[key][1],
|
failList[key] = (e[key][0], e[key][1], element)
|
||||||
element.getName())
|
|
||||||
|
|
||||||
|
# Add the last log failures to the global failure list.
|
||||||
|
for key in failList.iterkeys():
|
||||||
|
if failListFull.has_key(key):
|
||||||
|
failListFull[key] = (failListFull[key][0] + 1,
|
||||||
|
failList[key][1], failList[key][2])
|
||||||
|
else:
|
||||||
|
failListFull[key] = failList[key]
|
||||||
|
|
||||||
|
# Remove the oldest failure attempts from the global list.
|
||||||
|
unixTime = time.time()
|
||||||
|
failListFullTemp = failListFull.copy()
|
||||||
|
for key in failListFullTemp.iterkeys():
|
||||||
|
failTime = failListFullTemp[key][2].getFindTime()
|
||||||
|
if failListFullTemp[key][1] < unixTime - failTime:
|
||||||
|
del failListFull[key]
|
||||||
|
|
||||||
# We iterate the failure list and ban IP that make
|
# We iterate the failure list and ban IP that make
|
||||||
# *retryAllowed* login failures.
|
# *retryAllowed* login failures.
|
||||||
for element in failList.iteritems():
|
failListFullTemp = failListFull.copy()
|
||||||
if element[1][0] >= conf["maxretry"]:
|
for key in failListFullTemp.iterkeys():
|
||||||
logSys.info(`element[1][2]`+": "+element[0]+" has "+
|
element = failListFullTemp[key]
|
||||||
`element[1][0]`+" login failure(s). Banned.")
|
if element[0] >= conf["maxretry"]:
|
||||||
fireWall.addBanIP(element[0], conf["debug"])
|
logSys.info(element[2].getName()+": "+key+" has "+
|
||||||
|
`element[0]`+" login failure(s). Banned.")
|
||||||
|
fireWall.addBanIP(key, conf["debug"])
|
||||||
|
del failListFull[key]
|
||||||
|
|
||||||
except KeyboardInterrupt:
|
except KeyboardInterrupt:
|
||||||
# When the user press <ctrl>+<c> we exit nicely.
|
# When the user press <ctrl>+<c> we exit nicely.
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue