diff --git a/ChangeLog b/ChangeLog index d389ea0c..425979f7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -62,6 +62,9 @@ ver. 0.10.5-dev-1 (20??/??/??) - development edition attempts (failure) for IP (resp. failure-ID), see gh-2351; Syntax: - `fail2ban-client set attempt [ ... ]` +* `action.d/badips.py`: option `loglevel` extended with level of summary message, + following example configuration logging summary with NOTICE and rest with DEBUG log-levels: + `action = badips.py[loglevel="debug, notice"]` ver. 0.10.4 (2018/10/04) - ten-four-on-due-date-ten-four diff --git a/config/action.d/badips.py b/config/action.d/badips.py index 1ad711f4..e5de7555 100644 --- a/config/action.d/badips.py +++ b/config/action.d/badips.py @@ -32,7 +32,7 @@ else: # pragma: 3.x no cover from urllib import urlencode from fail2ban.server.actions import ActionBase -from fail2ban.helpers import str2LogLevel +from fail2ban.helpers import splitwords, str2LogLevel @@ -75,6 +75,9 @@ class BadIPsAction(ActionBase): # pragma: no cover - may be unavailable loglevel : int/str, optional Log level of the message when an IP is (un)banned. Default `DEBUG`. + Can be also supplied as two-value list (comma- or space separated) to + provide level of the summary message when a group of IPs is (un)banned. + Example `DEBUG,INFO`. agent : str, optional User agent transmitted to server. Default `Fail2Ban/ver.` @@ -91,8 +94,8 @@ class BadIPsAction(ActionBase): # pragma: no cover - may be unavailable return Request(url, headers={'User-Agent': self.agent}, **argv) def __init__(self, jail, name, category, score=3, age="24h", key=None, - banaction=None, bancategory=None, bankey=None, updateperiod=900, loglevel='DEBUG', agent="Fail2Ban", - timeout=TIMEOUT): + banaction=None, bancategory=None, bankey=None, updateperiod=900, + loglevel='DEBUG', agent="Fail2Ban", timeout=TIMEOUT): super(BadIPsAction, self).__init__(jail, name) self.timeout = timeout @@ -104,7 +107,9 @@ class BadIPsAction(ActionBase): # pragma: no cover - may be unavailable self.banaction = banaction self.bancategory = bancategory or category self.bankey = bankey - self.loglevel = str2LogLevel(loglevel) + loglevel = splitwords(loglevel) + self.sumloglevel = str2LogLevel(loglevel[-1]) + self.loglevel = str2LogLevel(loglevel[0]) self.updateperiod = updateperiod self._bannedips = set() @@ -350,9 +355,13 @@ class BadIPsAction(ActionBase): # pragma: no cover - may be unavailable s = ips - self._bannedips p = len(s) self._banIPs(s) - self._logSys.log(self.loglevel, - "Updated IPs for jail '%s' (-%d/+%d). Update again in %i seconds", - self._jail.name, m, p, self.updateperiod) + if m != 0 or p != 0: + self._logSys.log(self.sumloglevel, + "Updated IPs for jail '%s' (-%d/+%d)", + self._jail.name, m, p) + self._logSys.debug( + "Next update for jail '%' in %i seconds", + self._jail.name, self.updateperiod) finally: self._timer = threading.Timer(self.updateperiod, self.update) self._timer.start() diff --git a/fail2ban/tests/action_d/test_badips.py b/fail2ban/tests/action_d/test_badips.py index 3ea1fc76..7f2222e1 100644 --- a/fail2ban/tests/action_d/test_badips.py +++ b/fail2ban/tests/action_d/test_badips.py @@ -55,6 +55,7 @@ if sys.version_info >= (2,7): # pragma: no cover - may be unavailable pythonModule = None modAction = None + @skip_if_not_available def setUp(self): """Call before every test case.""" super(BadIPsActionTest, self).setUp()