mirror of https://github.com/fail2ban/fail2ban
fixes wrong date (invalid format or value) recognition if template available (+ test cases extended)
sebres
parent
c0e0cfb39d
commit
90f9009959
|
|
@ -224,12 +224,15 @@ class DateDetector(object):
|
||||||
if timeMatch:
|
if timeMatch:
|
||||||
template = timeMatch[1]
|
template = timeMatch[1]
|
||||||
if template is not None:
|
if template is not None:
|
||||||
date = template.getDate(line, timeMatch[0])
|
try:
|
||||||
if date is not None:
|
date = template.getDate(line, timeMatch[0])
|
||||||
if logSys.getEffectiveLevel() <= logLevel:
|
if date is not None:
|
||||||
logSys.log(logLevel, "Got time %f for \"%r\" using template %s",
|
if logSys.getEffectiveLevel() <= logLevel:
|
||||||
date[0], date[1].group(), template.name)
|
logSys.log(logLevel, "Got time %f for %r using template %s",
|
||||||
return date
|
date[0], date[1].group(), template.name)
|
||||||
|
return date
|
||||||
|
except ValueError:
|
||||||
|
return None
|
||||||
with self.__lock:
|
with self.__lock:
|
||||||
for template in self.__templates:
|
for template in self.__templates:
|
||||||
try:
|
try:
|
||||||
|
|
@ -237,7 +240,7 @@ class DateDetector(object):
|
||||||
if date is None:
|
if date is None:
|
||||||
continue
|
continue
|
||||||
if logSys.getEffectiveLevel() <= logLevel:
|
if logSys.getEffectiveLevel() <= logLevel:
|
||||||
logSys.log(logLevel, "Got time %f for \"%r\" using template %s",
|
logSys.log(logLevel, "Got time %f for %r using template %s",
|
||||||
date[0], date[1].group(), template.name)
|
date[0], date[1].group(), template.name)
|
||||||
return date
|
return date
|
||||||
except ValueError: # pragma: no cover
|
except ValueError: # pragma: no cover
|
||||||
|
|
|
||||||
|
|
@ -29,3 +29,19 @@ Jun 21 16:55:02 <auth.info> machine kernel: [ 970.699396] @vserver_demo test-
|
||||||
# -- the same as above with brackets as date ambit --
|
# -- the same as above with brackets as date ambit --
|
||||||
# failJSON: { "time": "2005-06-21T16:55:03", "match": true , "host": "192.0.2.3" }
|
# failJSON: { "time": "2005-06-21T16:55:03", "match": true , "host": "192.0.2.3" }
|
||||||
[Jun 21 16:55:03] <auth.info> machine kernel: [ 970.699396] @vserver_demo test-demo(pam_unix)[13709] [ID 255 test] F2B: failure from 192.0.2.3
|
[Jun 21 16:55:03] <auth.info> machine kernel: [ 970.699396] @vserver_demo test-demo(pam_unix)[13709] [ID 255 test] F2B: failure from 192.0.2.3
|
||||||
|
|
||||||
|
# -- wrong time direct in journal-line (used last known date):
|
||||||
|
# failJSON: { "time": "2005-06-21T16:55:03", "match": true , "host": "192.0.2.1" }
|
||||||
|
0000-12-30 00:00:00 server test-demo[47831]: F2B: failure from 192.0.2.1
|
||||||
|
# -- wrong time after newline in message (plist without escaped newlines):
|
||||||
|
# failJSON: { "match": false }
|
||||||
|
Jun 22 20:37:04 server test-demo[402]: writeToStorage plist={
|
||||||
|
# failJSON: { "match": false }
|
||||||
|
absentCircleWithNoReason = 0;
|
||||||
|
# failJSON: { "match": false }
|
||||||
|
applicationDate = "0000-12-30 00:00:00 +0000";
|
||||||
|
# failJSON: { "match": false }
|
||||||
|
}
|
||||||
|
# -- wrong time direct in journal-line (used last known date):
|
||||||
|
# failJSON: { "time": "2005-06-22T20:37:04", "match": true , "host": "192.0.2.2" }
|
||||||
|
0000-12-30 00:00:00 server test-demo[47831]: F2B: failure from 192.0.2.2
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue