github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

added log message if ignored by `ignoreself` rule (similar to both other rules `ignoreip` and `ignorecommand`), and test covered now;

pull/2133/head
sebres 2018-04-25 19:06:03 +02:00
parent 4099897be0
commit a208b11796
2 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
fail2ban/server/filter.py
View File

@ -496,6 +496,7 @@ class Filter(JailThread):
# check own IPs should be ignored and 'ip' is self IP:
if self.__ignoreSelf and ip in DNSUtils.getSelfIPs():
self.logIgnoreIp(ip, log_ignore, ignore_source="ignoreself rule")
return True
for net in self.__ignoreIpList:

10
fail2ban/tests/filtertestcase.py
View File

@ -336,17 +336,21 @@ class IgnoreIP(LogCaptureTestCase):
ipList = ("127.0.0.1",)
# test ignoreSelf is false:
for ip in ipList:
self.assertFalse(self.filter.inIgnoreIPList(ip))
self.assertFalse(self.filter.inIgnoreIPList(ip, log_ignore=True))
self.assertNotLogged("[%s] Ignore %s by %s" % (self.jail.name, ip, "ignoreself rule"))
# test ignoreSelf with true:
self.filter.ignoreSelf = True
self.pruneLog()
for ip in ipList:
self.assertTrue(self.filter.inIgnoreIPList(ip))
self.assertTrue(self.filter.inIgnoreIPList(ip, log_ignore=True))
self.assertLogged("[%s] Ignore %s by %s" % (self.jail.name, ip, "ignoreself rule"))
def testIgnoreIPOK(self):
ipList = "127.0.0.1", "192.168.0.1", "255.255.255.255", "99.99.99.99"
for ip in ipList:
self.filter.addIgnoreIP(ip)
self.assertTrue(self.filter.inIgnoreIPList(ip))
self.assertTrue(self.filter.inIgnoreIPList(ip, log_ignore=True))
self.assertLogged("[%s] Ignore %s by %s" % (self.jail.name, ip, "ip"))
def testIgnoreIPNOK(self):
ipList = "", "999.999.999.999", "abcdef.abcdef", "192.168.0."