From 5b6c13f0aae79a23d94570bacd1b5796e57f088d Mon Sep 17 00:00:00 2001 From: sebres Date: Thu, 30 Jan 2025 01:05:30 +0100 Subject: [PATCH] example.com changes the IPs, again... additionally it got more IPs, which look unstable now (depends on resolver), so replaced with fail2ban.org, that seems to resolve to single IPv4 and IPv6 (can be adjusted later for something more persistent) --- .../tests/files/logs/apache-fakegooglebot | 6 +- fail2ban/tests/files/testcase-usedns.log | 4 +- fail2ban/tests/filtertestcase.py | 58 +++++++++---------- fail2ban/tests/utils.py | 4 +- 4 files changed, 36 insertions(+), 36 deletions(-) diff --git a/fail2ban/tests/files/logs/apache-fakegooglebot b/fail2ban/tests/files/logs/apache-fakegooglebot index b77a1a6b..024842fd 100644 --- a/fail2ban/tests/files/logs/apache-fakegooglebot +++ b/fail2ban/tests/files/logs/apache-fakegooglebot @@ -1,5 +1,5 @@ # Apache 2.2 # failJSON: { "time": "2015-01-31T14:29:44", "match": true, "host": "66.249.66.1" } -66.249.66.1 - - - [31/Jan/2015:14:29:44 ] example.com "GET / HTTP/1.1" 200 814 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" + 293 1149 546 -# failJSON: { "time": "2015-01-31T14:29:44", "match": false, "host": "93.184.215.14" } -93.184.215.14 - - - [31/Jan/2015:14:29:44 ] example.com "GET / HTTP/1.1" 200 814 "-" "NOT A __GOOGLE_BOT__" + 293 1149 546 +66.249.66.1 - - - [31/Jan/2015:14:29:44 ] fail2ban.org "GET / HTTP/1.1" 200 814 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" + 293 1149 546 +# failJSON: { "time": "2015-01-31T14:29:44", "match": false, "host": "51.159.55.100" } +51.159.55.100 - - - [31/Jan/2015:14:29:44 ] fail2ban.org "GET / HTTP/1.1" 200 814 "-" "NOT A __GOOGLE_BOT__" + 293 1149 546 diff --git a/fail2ban/tests/files/testcase-usedns.log b/fail2ban/tests/files/testcase-usedns.log index eea6eb44..3e7b36bb 100644 --- a/fail2ban/tests/files/testcase-usedns.log +++ b/fail2ban/tests/files/testcase-usedns.log @@ -1,2 +1,2 @@ -Aug 14 11:54:59 i60p295 sshd[12365]: Failed publickey for roehl from example.com port 51332 ssh2 -Aug 14 11:58:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:93.184.215.14 port 51332 ssh2 +Aug 14 11:54:59 i60p295 sshd[12365]: Failed publickey for roehl from fail2ban.org port 51332 ssh2 +Aug 14 11:58:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:51.159.55.100 port 51332 ssh2 diff --git a/fail2ban/tests/filtertestcase.py b/fail2ban/tests/filtertestcase.py index 20945b78..26961a1b 100644 --- a/fail2ban/tests/filtertestcase.py +++ b/fail2ban/tests/filtertestcase.py @@ -587,14 +587,14 @@ class IgnoreIP(LogCaptureTestCase): self.assertNotLogged("returned successfully") def testIgnoreCauseOK(self): - ip = "93.184.215.14" + ip = "51.159.55.100" for ignore_source in ["dns", "ip", "command"]: self.filter.logIgnoreIp(ip, True, ignore_source=ignore_source) self.assertLogged("[%s] Ignore %s by %s" % (self.jail.name, ip, ignore_source)) def testIgnoreCauseNOK(self): - self.filter.logIgnoreIp("example.com", False, ignore_source="NOT_LOGGED") - self.assertNotLogged("[%s] Ignore %s by %s" % (self.jail.name, "example.com", "NOT_LOGGED")) + self.filter.logIgnoreIp("fail2ban.org", False, ignore_source="NOT_LOGGED") + self.assertNotLogged("[%s] Ignore %s by %s" % (self.jail.name, "fail2ban.org", "NOT_LOGGED")) class IgnoreIPDNS(LogCaptureTestCase): @@ -607,7 +607,7 @@ class IgnoreIPDNS(LogCaptureTestCase): self.filter = FileFilter(self.jail) def testIgnoreIPDNS(self): - for dns in ("www.epfl.ch", "example.com"): + for dns in ("www.epfl.ch", "fail2ban.org"): self.filter.addIgnoreIP(dns) ips = DNSUtils.dnsToIp(dns) self.assertTrue(len(ips) > 0) @@ -1892,22 +1892,22 @@ class GetFailures(LogCaptureTestCase): #unittest.F2B.SkipIfNoNetwork() ## without network it is simulated via cache in utils. # We should still catch failures with usedns = no ;-) output_yes = ( - ('93.184.215.14', 1, 1124013299.0, - ['Aug 14 11:54:59 i60p295 sshd[12365]: Failed publickey for roehl from example.com port 51332 ssh2'] + ('51.159.55.100', 1, 1124013299.0, + ['Aug 14 11:54:59 i60p295 sshd[12365]: Failed publickey for roehl from fail2ban.org port 51332 ssh2'] ), - ('93.184.215.14', 1, 1124013539.0, - ['Aug 14 11:58:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:93.184.215.14 port 51332 ssh2'] + ('51.159.55.100', 1, 1124013539.0, + ['Aug 14 11:58:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:51.159.55.100 port 51332 ssh2'] ), - ('2606:2800:21f:cb07:6820:80da:af6b:8b2c', 1, 1124013299.0, - ['Aug 14 11:54:59 i60p295 sshd[12365]: Failed publickey for roehl from example.com port 51332 ssh2'] + ('2001:bc8:1200:6:208:a2ff:fe0c:61f8', 1, 1124013299.0, + ['Aug 14 11:54:59 i60p295 sshd[12365]: Failed publickey for roehl from fail2ban.org port 51332 ssh2'] ), ) if not unittest.F2B.no_network and not DNSUtils.IPv6IsAllowed(): output_yes = output_yes[0:2] output_no = ( - ('93.184.215.14', 1, 1124013539.0, - ['Aug 14 11:58:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:93.184.215.14 port 51332 ssh2'] + ('51.159.55.100', 1, 1124013539.0, + ['Aug 14 11:58:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:51.159.55.100 port 51332 ssh2'] ) ) @@ -2098,10 +2098,10 @@ class DNSUtilsNetworkTests(unittest.TestCase): super(DNSUtilsNetworkTests, self).setUp() #unittest.F2B.SkipIfNoNetwork() - ## example.com IPs considering IPv6 support (without network it is simulated via cache in utils). + ## fail2ban.org IPs considering IPv6 support (without network it is simulated via cache in utils). EXAMPLE_ADDRS = ( - ['93.184.215.14', '2606:2800:21f:cb07:6820:80da:af6b:8b2c'] if unittest.F2B.no_network or DNSUtils.IPv6IsAllowed() else \ - ['93.184.215.14'] + ['51.159.55.100', '2001:bc8:1200:6:208:a2ff:fe0c:61f8'] if unittest.F2B.no_network or DNSUtils.IPv6IsAllowed() else \ + ['51.159.55.100'] ) def test_IPAddr(self): @@ -2163,13 +2163,13 @@ class DNSUtilsNetworkTests(unittest.TestCase): self.assertTrue(r < ip6) def testUseDns(self): - res = DNSUtils.textToIp('www.example.com', 'no') + res = DNSUtils.textToIp('www.fail2ban.org', 'no') self.assertSortedEqual(res, []) #unittest.F2B.SkipIfNoNetwork() ## without network it is simulated via cache in utils. - res = DNSUtils.textToIp('www.example.com', 'warn') + res = DNSUtils.textToIp('www.fail2ban.org', 'warn') # sort ipaddr, IPv4 is always smaller as IPv6 self.assertSortedEqual(res, self.EXAMPLE_ADDRS) - res = DNSUtils.textToIp('www.example.com', 'yes') + res = DNSUtils.textToIp('www.fail2ban.org', 'yes') # sort ipaddr, IPv4 is always smaller as IPv6 self.assertSortedEqual(res, self.EXAMPLE_ADDRS) @@ -2177,13 +2177,13 @@ class DNSUtilsNetworkTests(unittest.TestCase): #unittest.F2B.SkipIfNoNetwork() ## without network it is simulated via cache in utils. # Test hostnames hostnames = [ - 'www.example.com', + 'www.fail2ban.org', 'doh1.2.3.4.buga.xxxxx.yyy.invalid', '1.2.3.4.buga.xxxxx.yyy.invalid', ] for s in hostnames: res = DNSUtils.textToIp(s, 'yes') - if s == 'www.example.com': + if s == 'www.fail2ban.org': # sort ipaddr, IPv4 is always smaller as IPv6 self.assertSortedEqual(res, self.EXAMPLE_ADDRS) else: @@ -2234,8 +2234,8 @@ class DNSUtilsNetworkTests(unittest.TestCase): self.assertEqual(IPAddr('192.0.2.0').getPTR(), '0.2.0.192.in-addr.arpa.') self.assertEqual(IPAddr('192.0.2.1').getPTR(), '1.2.0.192.in-addr.arpa.') - self.assertEqual(IPAddr('2606:2800:21f:cb07:6820:80da:af6b:8b2c').getPTR(), - 'c.2.b.8.b.6.f.a.a.d.0.8.0.2.8.6.7.0.b.c.f.1.2.0.0.0.8.2.6.0.6.2.ip6.arpa.') + self.assertEqual(IPAddr('2001:db8::1').getPTR(), + '1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa.') def testIPAddr_Equal6(self): self.assertEqual( @@ -2365,10 +2365,10 @@ class DNSUtilsNetworkTests(unittest.TestCase): def testIPAddr_CompareDNS(self): #unittest.F2B.SkipIfNoNetwork() ## without network it is simulated via cache in utils. - ips = IPAddr('example.com') - self.assertTrue(IPAddr("93.184.215.14").isInNet(ips)) - self.assertEqual(IPAddr("2606:2800:21f:cb07:6820:80da:af6b:8b2c").isInNet(ips), - "2606:2800:21f:cb07:6820:80da:af6b:8b2c" in self.EXAMPLE_ADDRS) + ips = IPAddr('fail2ban.org') + self.assertTrue(IPAddr("51.159.55.100").isInNet(ips)) + self.assertEqual(IPAddr("2001:bc8:1200:6:208:a2ff:fe0c:61f8").isInNet(ips), + "2001:bc8:1200:6:208:a2ff:fe0c:61f8" in self.EXAMPLE_ADDRS) def testIPAddr_wrongDNS_IP(self): unittest.F2B.SkipIfNoNetwork() @@ -2376,11 +2376,11 @@ class DNSUtilsNetworkTests(unittest.TestCase): DNSUtils.ipToName('*') def testIPAddr_Cached(self): - ips = [DNSUtils.dnsToIp('example.com'), DNSUtils.dnsToIp('example.com')] + ips = [DNSUtils.dnsToIp('fail2ban.org'), DNSUtils.dnsToIp('fail2ban.org')] for ip1, ip2 in zip(ips, ips): self.assertEqual(id(ip1), id(ip2)) - ip1 = IPAddr('93.184.215.14'); ip2 = IPAddr('93.184.215.14'); self.assertEqual(id(ip1), id(ip2)) - ip1 = IPAddr('2606:2800:21f:cb07:6820:80da:af6b:8b2c'); ip2 = IPAddr('2606:2800:21f:cb07:6820:80da:af6b:8b2c'); self.assertEqual(id(ip1), id(ip2)) + ip1 = IPAddr('51.159.55.100'); ip2 = IPAddr('51.159.55.100'); self.assertEqual(id(ip1), id(ip2)) + ip1 = IPAddr('2001:bc8:1200:6:208:a2ff:fe0c:61f8'); ip2 = IPAddr('2001:bc8:1200:6:208:a2ff:fe0c:61f8'); self.assertEqual(id(ip1), id(ip2)) def test_NetworkInterfacesAddrs(self): for withMask in (False, True): diff --git a/fail2ban/tests/utils.py b/fail2ban/tests/utils.py index f71ba60a..e6ef54f3 100644 --- a/fail2ban/tests/utils.py +++ b/fail2ban/tests/utils.py @@ -326,8 +326,8 @@ def initTests(opts): ('failed.dns.ch', set()), ('doh1.2.3.4.buga.xxxxx.yyy.invalid', set()), ('1.2.3.4.buga.xxxxx.yyy.invalid', set()), - ('example.com', set([IPAddr('2606:2800:21f:cb07:6820:80da:af6b:8b2c'), IPAddr('93.184.215.14')])), - ('www.example.com', set([IPAddr('2606:2800:21f:cb07:6820:80da:af6b:8b2c'), IPAddr('93.184.215.14')])), + ('fail2ban.org', set([IPAddr('2001:bc8:1200:6:208:a2ff:fe0c:61f8'), IPAddr('51.159.55.100')])), + ('www.fail2ban.org', set([IPAddr('2001:bc8:1200:6:208:a2ff:fe0c:61f8'), IPAddr('51.159.55.100')])), ): c.set(*i) # if fast - precache all host names as localhost addresses (speed-up getSelfIPs/ignoreself):