example.com seemed to switch its IPs, replace them everywhere (and use test IP-range instead where it is possible)

2024-04-24 19:14:43 +02:00 · 2024-04-24 19:14:43 +02:00 · 7b528a6da6
parent 3ca3646472
commit 7b528a6da6
7 changed files with 37 additions and 37 deletions
--- a/fail2ban/tests/files/logs/apache-auth
+++ b/fail2ban/tests/files/logs/apache-auth
@ -8,8 +8,8 @@
 # failJSON: { "time": "2013-07-11T01:21:43", "match": true , "host": "194.228.20.113" } 
 [Thu Jul 11 01:21:43 2013] [error] [client 194.228.20.113] user dsfasdf not found: /
-# failJSON: { "time": "2013-07-11T01:21:44", "match": true , "host": "2606:2800:220:1:248:1893:25c8:1946" } 
+# failJSON: { "time": "2013-07-11T01:21:44", "match": true , "host": "2001:db8::80da:af6b:8b2c" } 
-[Thu Jul 11 01:21:44 2013] [error] [client 2606:2800:220:1:248:1893:25c8:1946] user test-ipv6 not found: /
+[Thu Jul 11 01:21:44 2013] [error] [client 2001:db8::80da:af6b:8b2c] user test-ipv6 not found: /
 # The failures below use the configuration described in fail2ban/tests/files/config/apache-auth
 #
@ -58,8 +58,8 @@
 # failJSON: { "time": "2013-07-20T22:11:43", "match": true , "host": "127.0.0.1" } 
 [Sat Jul 20 22:11:43.147674 2013] [authz_owner:error] [pid 17540:tid 140122922129152] [client 127.0.0.1:51548] AH01637: Authorization of user username to access /basic/authz_owner/cant_get_me.html failed, reason: file owner dan does not match
-# failJSON: { "time": "2013-07-20T22:11:44", "match": true , "host": "2606:2800:220:1:248:1893:25c8:1946" } 
+# failJSON: { "time": "2013-07-20T22:11:44", "match": true , "host": "2001:db8::80da:af6b:8b2c" } 
-[Sat Jul 20 22:11:44.147674 2013] [authz_owner:error] [pid 17540:tid 140122922129152] [client [2606:2800:220:1:248:1893:25c8:1946]:51548] AH01637: Authorization of user test-ipv6 to access /basic/authz_owner/cant_get_me.html failed, reason: file owner dan does not match
+[Sat Jul 20 22:11:44.147674 2013] [authz_owner:error] [pid 17540:tid 140122922129152] [client [2001:db8::80da:af6b:8b2c]:51548] AH01637: Authorization of user test-ipv6 to access /basic/authz_owner/cant_get_me.html failed, reason: file owner dan does not match
 # wget --http-user=username --http-password=password http://localhost/basic/authz_owner/cant_get_me.html -O /dev/null
 # failJSON: { "time": "2013-07-20T21:42:44", "match": true , "host": "127.0.0.1" } 
--- a/fail2ban/tests/files/logs/apache-fakegooglebot
+++ b/fail2ban/tests/files/logs/apache-fakegooglebot
@ -1,5 +1,5 @@
 # Apache 2.2
 # failJSON: { "time": "2015-01-31T14:29:44", "match": true, "host": "66.249.66.1" }
 66.249.66.1 - - - [31/Jan/2015:14:29:44 ] example.com "GET / HTTP/1.1" 200 814 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" + 293 1149 546
-# failJSON: { "time": "2015-01-31T14:29:44", "match": false, "host": "93.184.216.34" }
+# failJSON: { "time": "2015-01-31T14:29:44", "match": false, "host": "93.184.215.14" }
-93.184.216.34 - - - [31/Jan/2015:14:29:44 ] example.com "GET / HTTP/1.1" 200 814 "-" "NOT A __GOOGLE_BOT__" + 293 1149 546
+93.184.215.14 - - - [31/Jan/2015:14:29:44 ] example.com "GET / HTTP/1.1" 200 814 "-" "NOT A __GOOGLE_BOT__" + 293 1149 546
--- a/fail2ban/tests/files/logs/nginx-limit-req
+++ b/fail2ban/tests/files/logs/nginx-limit-req
@ -8,8 +8,8 @@
 # failJSON: { "time": "2016-09-30T08:36:06", "match": true, "host": "13.123.1.123" }
 2016/09/30 08:36:06 [error] 22923#0: *4758725916 limiting requests, excess: 15.243 by zone "one", client: 13.123.1.123, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
-# failJSON: { "time": "2016-09-30T08:36:06", "match": true, "host": "2606:2800:220:1:248:1893:25c8:1946" }
+# failJSON: { "time": "2016-09-30T08:36:06", "match": true, "host": "2001:db8::80da:af6b:8b2c" }
-2016/09/30 08:36:06 [error] 22923#0: *4758725916 limiting requests, excess: 15.243 by zone "one", client: 2606:2800:220:1:248:1893:25c8:1946, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
+2016/09/30 08:36:06 [error] 22923#0: *4758725916 limiting requests, excess: 15.243 by zone "one", client: 2001:db8::80da:af6b:8b2c, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
 # filterOptions: [{"logtype": "journal"}]
--- a/fail2ban/tests/files/logs/sshd-journal
+++ b/fail2ban/tests/files/logs/sshd-journal
@ -9,8 +9,8 @@
 srv sshd[13709]: error: PAM: Authentication failure for myhlj1374 from 192.030.0.6
 # failJSON: { "match": true , "host": "example.com" }
 srv sshd[28732]: error: PAM: Authentication failure for stefanor from example.com
-# failJSON: { "match": true , "host": "2606:2800:220:1:248:1893:25c8:1946" }
+# failJSON: { "match": true , "host": "2001:db8::80da:af6b:8b2c" }
-srv sshd[28732]: error: PAM: Authentication failure for test-ipv6 from 2606:2800:220:1:248:1893:25c8:1946
+srv sshd[28732]: error: PAM: Authentication failure for test-ipv6 from 2001:db8::80da:af6b:8b2c
 #2
 # failJSON: { "match": true , "host": "194.117.26.69" }
--- a/fail2ban/tests/files/testcase-usedns.log
+++ b/fail2ban/tests/files/testcase-usedns.log
@ -1,2 +1,2 @@
 Aug 14 11:54:59 i60p295 sshd[12365]: Failed publickey for roehl from example.com port 51332 ssh2
-Aug 14 11:58:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:93.184.216.34 port 51332 ssh2
+Aug 14 11:58:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:93.184.215.14 port 51332 ssh2
--- a/fail2ban/tests/filtertestcase.py
+++ b/fail2ban/tests/filtertestcase.py
@ -587,7 +587,7 @@ class IgnoreIP(LogCaptureTestCase):
 				self.assertNotLogged("returned successfully")
 	def testIgnoreCauseOK(self):
-		ip = "93.184.216.34"
+		ip = "93.184.215.14"
 		for ignore_source in ["dns", "ip", "command"]:
 			self.filter.logIgnoreIp(ip, True, ignore_source=ignore_source)
 			self.assertLogged("[%s] Ignore %s by %s" % (self.jail.name, ip, ignore_source))
@ -1892,13 +1892,13 @@ class GetFailures(LogCaptureTestCase):
 		#unittest.F2B.SkipIfNoNetwork() ## without network it is simulated via cache in utils.
 		# We should still catch failures with usedns = no ;-)
 		output_yes = (
-			('93.184.216.34', 1, 1124013299.0,
+			('93.184.215.14', 1, 1124013299.0,
 			  ['Aug 14 11:54:59 i60p295 sshd[12365]: Failed publickey for roehl from example.com port 51332 ssh2']
 			),
-			('93.184.216.34', 1, 1124013539.0,
+			('93.184.215.14', 1, 1124013539.0,
-			  ['Aug 14 11:58:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:93.184.216.34 port 51332 ssh2']
+			  ['Aug 14 11:58:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:93.184.215.14 port 51332 ssh2']
 			),
-			('2606:2800:220:1:248:1893:25c8:1946', 1, 1124013299.0,
+			('2606:2800:21f:cb07:6820:80da:af6b:8b2c', 1, 1124013299.0,
 			  ['Aug 14 11:54:59 i60p295 sshd[12365]: Failed publickey for roehl from example.com port 51332 ssh2']
 			),
 		)
@ -1906,8 +1906,8 @@ class GetFailures(LogCaptureTestCase):
 			output_yes = output_yes[0:2]
 		output_no = (
-			('93.184.216.34', 1, 1124013539.0,
+			('93.184.215.14', 1, 1124013539.0,
-			  ['Aug 14 11:58:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:93.184.216.34 port 51332 ssh2']
+			  ['Aug 14 11:58:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:93.184.215.14 port 51332 ssh2']
 			)
 		)
@ -2100,8 +2100,8 @@ class DNSUtilsNetworkTests(unittest.TestCase):
 	## example.com IPs considering IPv6 support (without network it is simulated via cache in utils).
 	EXAMPLE_ADDRS = (
-		['93.184.216.34', '2606:2800:220:1:248:1893:25c8:1946'] if unittest.F2B.no_network or DNSUtils.IPv6IsAllowed() else \
+		['93.184.215.14', '2606:2800:21f:cb07:6820:80da:af6b:8b2c'] if unittest.F2B.no_network or DNSUtils.IPv6IsAllowed() else \
-		['93.184.216.34']
+		['93.184.215.14']
 	)
 	def test_IPAddr(self):
@ -2234,8 +2234,8 @@ class DNSUtilsNetworkTests(unittest.TestCase):
 		self.assertEqual(IPAddr('192.0.2.0').getPTR(), '0.2.0.192.in-addr.arpa.')
 		self.assertEqual(IPAddr('192.0.2.1').getPTR(), '1.2.0.192.in-addr.arpa.')
-		self.assertEqual(IPAddr('2606:2800:220:1:248:1893:25c8:1946').getPTR(), 
+		self.assertEqual(IPAddr('2606:2800:21f:cb07:6820:80da:af6b:8b2c').getPTR(), 
-			'6.4.9.1.8.c.5.2.3.9.8.1.8.4.2.0.1.0.0.0.0.2.2.0.0.0.8.2.6.0.6.2.ip6.arpa.')
+			'c.2.b.8.b.6.f.a.a.d.0.8.0.2.8.6.7.0.b.c.f.1.2.0.0.0.8.2.6.0.6.2.ip6.arpa.')
 	def testIPAddr_Equal6(self):
 		self.assertEqual(
@ -2283,14 +2283,14 @@ class DNSUtilsNetworkTests(unittest.TestCase):
 	def testIPAddr_Compare(self):
 		ip4 = [
-			IPAddr('93.184.0.1'),
+			IPAddr('192.0.0.1'),
-			IPAddr('93.184.216.1'),
+			IPAddr('192.0.2.1'),
-			IPAddr('93.184.216.34')
+			IPAddr('192.0.2.14')
 		]
 		ip6 = [
-			IPAddr('2606:2800:220:1:248:1893::'),
+			IPAddr('2001:db8::'),
-			IPAddr('2606:2800:220:1:248:1893:25c8:0'),
+			IPAddr('2001:db8::80da:af6b:0'),
-			IPAddr('2606:2800:220:1:248:1893:25c8:1946')
+			IPAddr('2001:db8::80da:af6b:8b2c')
 		]
 		# ip4
 		self.assertNotEqual(ip4[0], None)
@ -2313,8 +2313,8 @@ class DNSUtilsNetworkTests(unittest.TestCase):
 		self.assertEqual(sorted(reversed(ip4+ip6)), ip4+ip6)
 		# hashing (with string as key):
 		d={
-			'93.184.216.34': 'ip4-test', 
+			'192.0.2.14': 'ip4-test', 
-			'2606:2800:220:1:248:1893:25c8:1946': 'ip6-test'
+			'2001:db8::80da:af6b:8b2c': 'ip6-test'
 		}
 		d2 = dict([(IPAddr(k), v) for k, v in d.items()])
 		self.assertTrue(isinstance(list(d.keys())[0], str))
@ -2366,9 +2366,9 @@ class DNSUtilsNetworkTests(unittest.TestCase):
 	def testIPAddr_CompareDNS(self):
 		#unittest.F2B.SkipIfNoNetwork() ## without network it is simulated via cache in utils.
 		ips = IPAddr('example.com')
-		self.assertTrue(IPAddr("93.184.216.34").isInNet(ips))
+		self.assertTrue(IPAddr("93.184.215.14").isInNet(ips))
-		self.assertEqual(IPAddr("2606:2800:220:1:248:1893:25c8:1946").isInNet(ips),
+		self.assertEqual(IPAddr("2606:2800:21f:cb07:6820:80da:af6b:8b2c").isInNet(ips),
-		                        "2606:2800:220:1:248:1893:25c8:1946" in self.EXAMPLE_ADDRS)
+		                        "2606:2800:21f:cb07:6820:80da:af6b:8b2c" in self.EXAMPLE_ADDRS)
 	def testIPAddr_wrongDNS_IP(self):
 		unittest.F2B.SkipIfNoNetwork()
@ -2379,8 +2379,8 @@ class DNSUtilsNetworkTests(unittest.TestCase):
 		ips = [DNSUtils.dnsToIp('example.com'), DNSUtils.dnsToIp('example.com')]
 		for ip1, ip2 in zip(ips, ips):
 			self.assertEqual(id(ip1), id(ip2))
-		ip1 = IPAddr('93.184.216.34'); ip2 = IPAddr('93.184.216.34'); self.assertEqual(id(ip1), id(ip2))
+		ip1 = IPAddr('93.184.215.14'); ip2 = IPAddr('93.184.215.14'); self.assertEqual(id(ip1), id(ip2))
-		ip1 = IPAddr('2606:2800:220:1:248:1893:25c8:1946'); ip2 = IPAddr('2606:2800:220:1:248:1893:25c8:1946'); self.assertEqual(id(ip1), id(ip2))
+		ip1 = IPAddr('2606:2800:21f:cb07:6820:80da:af6b:8b2c'); ip2 = IPAddr('2606:2800:21f:cb07:6820:80da:af6b:8b2c'); self.assertEqual(id(ip1), id(ip2))
 	def test_NetworkInterfacesAddrs(self):
 		for withMask in (False, True):
--- a/fail2ban/tests/utils.py
+++ b/fail2ban/tests/utils.py
@ -326,8 +326,8 @@ def initTests(opts):
 			('failed.dns.ch', set()),
 			('doh1.2.3.4.buga.xxxxx.yyy.invalid', set()),
 			('1.2.3.4.buga.xxxxx.yyy.invalid', set()),
-			('example.com', set([IPAddr('2606:2800:220:1:248:1893:25c8:1946'), IPAddr('93.184.216.34')])),
+			('example.com', set([IPAddr('2606:2800:21f:cb07:6820:80da:af6b:8b2c'), IPAddr('93.184.215.14')])),
-			('www.example.com', set([IPAddr('2606:2800:220:1:248:1893:25c8:1946'), IPAddr('93.184.216.34')])),
+			('www.example.com', set([IPAddr('2606:2800:21f:cb07:6820:80da:af6b:8b2c'), IPAddr('93.184.215.14')])),
 		):
 			c.set(*i)
 		# if fast - precache all host names as localhost addresses (speed-up getSelfIPs/ignoreself):
`@ -1,2 +1,2 @@`
	`Aug 14 11:54:59 i60p295 sshd[12365]: Failed publickey for roehl from example.com port 51332 ssh2`	`Aug 14 11:54:59 i60p295 sshd[12365]: Failed publickey for roehl from example.com port 51332 ssh2`
	`Aug 14 11:58:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:93.184.216.34 port 51332 ssh2`	`Aug 14 11:58:59 i60p295 sshd[12365]: Failed publickey for roehl from ::ffff:93.184.215.14 port 51332 ssh2`