github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

speedup template first time selection through pre-sorted template list by template hits

pull/1583/head
sebres 2016-10-06 16:44:07 +02:00
parent 0bed91b3c2
commit bd1eb70c52
2 changed files with 12 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
fail2ban/server/datedetector.py
View File

@ -88,14 +88,9 @@ class DateDetectorCache(object):
# simple date: 2005/01/23 21:59:59 # simple date: 2005/01/23 21:59:59
# custom for syslog-ng 2006.12.21 06:43:20 # custom for syslog-ng 2006.12.21 06:43:20
self._cacheTemplate("%ExY(?P<_sep>[-/.])%m(?P=_sep)%d[T ]%H:%M:%S(?:[.,]%f)?(?:\s*%z)?") self._cacheTemplate("%ExY(?P<_sep>[-/.])%m(?P=_sep)%d[T ]%H:%M:%S(?:[.,]%f)?(?:\s*%z)?")
# 20050123T215959, 20050123 215959
self._cacheTemplate("%ExY%Exm%Exd[T ]%ExH%ExM%ExS(?:[.,]%f)?(?:\s*%z)?")
# asctime with optional day, subsecond and/or year: # asctime with optional day, subsecond and/or year:
# Sun Jan 23 21:59:59.011 2005 # Sun Jan 23 21:59:59.011 2005
# prefixed with optional time zone (monit):
# PDT Apr 16 21:05:29
self._cacheTemplate("(?:%z )?(?:%a )?%b %d %H:%M:%S(?:\.%f)?(?: %ExY)?") self._cacheTemplate("(?:%z )?(?:%a )?%b %d %H:%M:%S(?:\.%f)?(?: %ExY)?")
self._cacheTemplate("(?:%Z )?(?:%a )?%b %d %H:%M:%S(?:\.%f)?(?: %ExY)?")
# asctime with optional day, subsecond and/or year coming after day # asctime with optional day, subsecond and/or year coming after day
# http://bugs.debian.org/798923 # http://bugs.debian.org/798923
# Sun Jan 23 2005 21:59:59.011 # Sun Jan 23 2005 21:59:59.011
@ -132,6 +127,12 @@ class DateDetectorCache(object):
self._cacheTemplate("%b %d, %ExY %I:%M:%S %p") self._cacheTemplate("%b %d, %ExY %I:%M:%S %p")
# ASSP: Apr-27-13 02:33:06 # ASSP: Apr-27-13 02:33:06
self._cacheTemplate("%b-%d-%Exy %H:%M:%S", lineBeginOnly=True) self._cacheTemplate("%b-%d-%Exy %H:%M:%S", lineBeginOnly=True)
# 20050123T215959, 20050123 215959
self._cacheTemplate("%ExY%Exm%Exd[T ]%ExH%ExM%ExS(?:[.,]%f)?(?:\s*%z)?")
# prefixed with optional named time zone (monit):
# PDT Apr 16 21:05:29
self._cacheTemplate("(?:%Z )?(?:%a )?%b %d %H:%M:%S(?:\.%f)?(?: %ExY)?")
#
self.__templates = self.__tmpcache[0] + self.__tmpcache[1] self.__templates = self.__tmpcache[0] + self.__tmpcache[1]
del self.__tmpcache del self.__tmpcache
@ -212,7 +213,9 @@ class DateDetector(object):
def addDefaultTemplate(self, filterTemplate=None, preMatch=None): def addDefaultTemplate(self, filterTemplate=None, preMatch=None):
"""Add Fail2Ban's default set of date templates. """Add Fail2Ban's default set of date templates.
""" """
for template in DateDetector._defCache.templates: for template in sorted(DateDetector._defCache.templates,
lambda a,b: b.hits - a.hits
):
# filter if specified: # filter if specified:
if filterTemplate is not None and not filterTemplate(template): continue if filterTemplate is not None and not filterTemplate(template): continue
# if exact pattern available - create copy of template, contains replaced {DATE} with default regex: # if exact pattern available - create copy of template, contains replaced {DATE} with default regex:

3
fail2ban/server/datetemplate.py
View File

@ -65,6 +65,7 @@ class DateTemplate(object):
self.name = "" self.name = ""
self.weight = 1.0 self.weight = 1.0
self.flags = 0 self.flags = 0
self.hits = 0
self._regex = "" self._regex = ""
self._cRegex = None self._cRegex = None
@ -133,6 +134,8 @@ class DateTemplate(object):
if not self._cRegex: if not self._cRegex:
self._compileRegex() self._compileRegex()
dateMatch = self._cRegex.search(line, *args); # pos, endpos dateMatch = self._cRegex.search(line, *args); # pos, endpos
if dateMatch:
self.hits += 1
return dateMatch return dateMatch
@abstractmethod @abstractmethod