mirror of https://github.com/fail2ban/fail2ban
Merge branch '0.11'
commit
9905904bba
|
@ -18,6 +18,7 @@ ver. 1.0.1-dev-1 (20??/??/??) - development nightly edition
|
||||||
### Fixes
|
### Fixes
|
||||||
* [stability] prevent race condition - no ban if filter (backend) is continuously busy if
|
* [stability] prevent race condition - no ban if filter (backend) is continuously busy if
|
||||||
too many messages will be found in log, e. g. initial scan of large log-file or journal (gh-2660)
|
too many messages will be found in log, e. g. initial scan of large log-file or journal (gh-2660)
|
||||||
|
* pyinotify-backend sporadically avoided initial scanning of log-file by start
|
||||||
* python 3.9 compatibility (and Travis CI support)
|
* python 3.9 compatibility (and Travis CI support)
|
||||||
* restoring a large number (500+ depending on files ulimit) of current bans when using PyPy fixed
|
* restoring a large number (500+ depending on files ulimit) of current bans when using PyPy fixed
|
||||||
* manual ban is written to database, so can be restored by restart (gh-2647)
|
* manual ban is written to database, so can be restored by restart (gh-2647)
|
||||||
|
|
|
@ -329,8 +329,10 @@ class Actions(JailThread, Mapping):
|
||||||
logSys.debug("Actions: leave idle mode")
|
logSys.debug("Actions: leave idle mode")
|
||||||
continue
|
continue
|
||||||
# wait for ban (stop if gets inactive):
|
# wait for ban (stop if gets inactive):
|
||||||
bancnt = Utils.wait_for(lambda: not self.active or self.__checkBan(), self.sleeptime)
|
bancnt = 0
|
||||||
cnt += bancnt
|
if Utils.wait_for(lambda: not self.active or self._jail.hasFailTickets, self.sleeptime):
|
||||||
|
bancnt = self.__checkBan()
|
||||||
|
cnt += bancnt
|
||||||
# unban if nothing is banned not later than banned tickets >= banPrecedence
|
# unban if nothing is banned not later than banned tickets >= banPrecedence
|
||||||
if not bancnt or cnt >= self.banPrecedence:
|
if not bancnt or cnt >= self.banPrecedence:
|
||||||
if self.active:
|
if self.active:
|
||||||
|
|
|
@ -458,10 +458,10 @@ class Filter(JailThread):
|
||||||
logSys.info(
|
logSys.info(
|
||||||
"[%s] Attempt %s - %s", self.jailName, ip, datetime.datetime.fromtimestamp(unixTime).strftime("%Y-%m-%d %H:%M:%S")
|
"[%s] Attempt %s - %s", self.jailName, ip, datetime.datetime.fromtimestamp(unixTime).strftime("%Y-%m-%d %H:%M:%S")
|
||||||
)
|
)
|
||||||
self.failManager.addFailure(ticket, len(matches) or 1)
|
attempts = self.failManager.addFailure(ticket, len(matches) or 1)
|
||||||
|
|
||||||
# Perform the ban if this attempt is resulted to:
|
# Perform the ban if this attempt is resulted to:
|
||||||
self.performBan(ip)
|
if attempts >= self.failManager.getMaxRetry():
|
||||||
|
self.performBan(ip)
|
||||||
|
|
||||||
return 1
|
return 1
|
||||||
|
|
||||||
|
|
|
@ -271,7 +271,13 @@ class FilterPyinotify(FileFilter):
|
||||||
|
|
||||||
def _addLogPath(self, path):
|
def _addLogPath(self, path):
|
||||||
self._addFileWatcher(path)
|
self._addFileWatcher(path)
|
||||||
self._process_file(path)
|
# initial scan:
|
||||||
|
if self.active:
|
||||||
|
# we can execute it right now:
|
||||||
|
self._process_file(path)
|
||||||
|
else:
|
||||||
|
# retard until filter gets started:
|
||||||
|
self._addPending(path, ('INITIAL', path))
|
||||||
|
|
||||||
##
|
##
|
||||||
# Delete a log path
|
# Delete a log path
|
||||||
|
|
|
@ -196,6 +196,12 @@ class Jail(object):
|
||||||
("Actions", self.actions.status(flavor=flavor)),
|
("Actions", self.actions.status(flavor=flavor)),
|
||||||
]
|
]
|
||||||
|
|
||||||
|
@property
|
||||||
|
def hasFailTickets(self):
|
||||||
|
"""Retrieve whether queue has tickets to ban.
|
||||||
|
"""
|
||||||
|
return not self.__queue.empty()
|
||||||
|
|
||||||
def putFailTicket(self, ticket):
|
def putFailTicket(self, ticket):
|
||||||
"""Add a fail ticket to the jail.
|
"""Add a fail ticket to the jail.
|
||||||
|
|
||||||
|
|
|
@ -54,6 +54,10 @@ class DummyJail(Jail):
|
||||||
with self.lock:
|
with self.lock:
|
||||||
return bool(self.queue)
|
return bool(self.queue)
|
||||||
|
|
||||||
|
@property
|
||||||
|
def hasFailTickets(self):
|
||||||
|
return bool(self.queue)
|
||||||
|
|
||||||
def putFailTicket(self, ticket):
|
def putFailTicket(self, ticket):
|
||||||
with self.lock:
|
with self.lock:
|
||||||
self.queue.append(ticket)
|
self.queue.append(ticket)
|
||||||
|
|
Loading…
Reference in New Issue