github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #2245 from benrubson/loglevel 

badips.py: extended option `loglevel` to supply different log-level to the summary
pull/2356/head
Sergey G. Brester 2019-02-22 14:25:03 +01:00 committed by GitHub
parent 140243328f 410a9804b1
commit af18993ba2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 20 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ChangeLog
View File

@ -62,6 +62,9 @@ ver. 0.10.5-dev-1 (20??/??/??) - development edition
attempts (failure) for IP (resp. failure-ID), see gh-2351;
Syntax:
- `fail2ban-client set <jail> attempt <ip> [<failure-message1> ... <failure-messageN>]`
* `action.d/badips.py`: option `loglevel` extended with level of summary message,
following example configuration logging summary with NOTICE and rest with DEBUG log-levels:
`action = badips.py[loglevel="debug, notice"]`
ver. 0.10.4 (2018/10/04) - ten-four-on-due-date-ten-four

23
config/action.d/badips.py
View File

@ -32,7 +32,7 @@ else: # pragma: 3.x no cover
from urllib import urlencode
from fail2ban.server.actions import ActionBase
from fail2ban.helpers import str2LogLevel
from fail2ban.helpers import splitwords, str2LogLevel
@ -75,6 +75,9 @@ class BadIPsAction(ActionBase): # pragma: no cover - may be unavailable
loglevel : int/str, optional
Log level of the message when an IP is (un)banned.
Default `DEBUG`.
Can be also supplied as two-value list (comma- or space separated) to
provide level of the summary message when a group of IPs is (un)banned.
Example `DEBUG,INFO`.
agent : str, optional
User agent transmitted to server.
Default `Fail2Ban/ver.`
@ -91,8 +94,8 @@ class BadIPsAction(ActionBase): # pragma: no cover - may be unavailable
return Request(url, headers={'User-Agent': self.agent}, **argv)
def __init__(self, jail, name, category, score=3, age="24h", key=None,
banaction=None, bancategory=None, bankey=None, updateperiod=900, loglevel='DEBUG', agent="Fail2Ban",
timeout=TIMEOUT):
banaction=None, bancategory=None, bankey=None, updateperiod=900,
loglevel='DEBUG', agent="Fail2Ban", timeout=TIMEOUT):
super(BadIPsAction, self).__init__(jail, name)
self.timeout = timeout
@ -104,7 +107,9 @@ class BadIPsAction(ActionBase): # pragma: no cover - may be unavailable
self.banaction = banaction
self.bancategory = bancategory or category
self.bankey = bankey
self.loglevel = str2LogLevel(loglevel)
loglevel = splitwords(loglevel)
self.sumloglevel = str2LogLevel(loglevel[-1])
self.loglevel = str2LogLevel(loglevel[0])
self.updateperiod = updateperiod
self._bannedips = set()
@ -350,9 +355,13 @@ class BadIPsAction(ActionBase): # pragma: no cover - may be unavailable
s = ips - self._bannedips
p = len(s)
self._banIPs(s)
self._logSys.log(self.loglevel,
"Updated IPs for jail '%s' (-%d/+%d). Update again in %i seconds",
self._jail.name, m, p, self.updateperiod)
if m != 0 or p != 0:
self._logSys.log(self.sumloglevel,
"Updated IPs for jail '%s' (-%d/+%d)",
self._jail.name, m, p)
self._logSys.debug(
"Next update for jail '%' in %i seconds",
self._jail.name, self.updateperiod)
finally:
self._timer = threading.Timer(self.updateperiod, self.update)
self._timer.start()

1
fail2ban/tests/action_d/test_badips.py
View File

@ -55,6 +55,7 @@ if sys.version_info >= (2,7): # pragma: no cover - may be unavailable
pythonModule = None
modAction = None
@skip_if_not_available
def setUp(self):
"""Call before every test case."""
super(BadIPsActionTest, self).setUp()