From c33e25bab6a370a16ce5e16fdb8c4e564c06b92f Mon Sep 17 00:00:00 2001 From: sebres Date: Mon, 30 May 2016 13:32:58 +0200 Subject: [PATCH] fail2ban-regex: extended with option '--raw' (switch to raw host, prevent resolving of ip) --- fail2ban/client/fail2banregex.py | 5 ++++- fail2ban/tests/fail2banregextestcase.py | 9 +++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/fail2ban/client/fail2banregex.py b/fail2ban/client/fail2banregex.py index 7c56a77e..c2b2e894 100755 --- a/fail2ban/client/fail2banregex.py +++ b/fail2ban/client/fail2banregex.py @@ -126,6 +126,8 @@ Report bugs to https://github.com/fail2ban/fail2ban/issues help="set custom pattern used to match date/times"), Option("-e", "--encoding", help="File encoding. Default: system locale"), + Option("-r", "--raw", action='store_true', + help="Raw hosts, don't resolve dns"), Option("-L", "--maxlines", type=int, default=0, help="maxlines for multi-line regex"), Option("-m", "--journalmatch", @@ -239,6 +241,7 @@ class Fail2banRegex(object): self.encoding = opts.encoding else: self.encoding = locale.getpreferredencoding() + self.raw = True if opts.raw else False def decode_line(self, line): return FileContainer.decode_line('', self.encoding, line) @@ -335,7 +338,7 @@ class Fail2banRegex(object): orgLineBuffer = self._filter._Filter__lineBuffer fullBuffer = len(orgLineBuffer) >= self._filter.getMaxLines() try: - line, ret = self._filter.processLine(line, date, checkAllRegex=True) + line, ret = self._filter.processLine(line, date, checkAllRegex=True, returnRawHost=self.raw) for match in ret: # Append True/False flag depending if line was matched by # more than one regex diff --git a/fail2ban/tests/fail2banregextestcase.py b/fail2ban/tests/fail2banregextestcase.py index 49d6a3a6..3321ffd8 100644 --- a/fail2ban/tests/fail2banregextestcase.py +++ b/fail2ban/tests/fail2banregextestcase.py @@ -132,6 +132,15 @@ class Fail2banRegexTest(LogCaptureTestCase): self.assertLogged('Dez 31 11:59:59 [sshd] error: PAM: Authentication failure for kevin from 193.168.0.128') self.assertLogged('Dec 31 11:59:59 [sshd] error: PAM: Authentication failure for kevin from 87.142.124.10') + def testDirectRE_1raw(self): + (opts, args, fail2banRegex) = _Fail2banRegex( + "--print-all-matched", "--raw", + Fail2banRegexTest.FILENAME_01, + Fail2banRegexTest.RE_00 + ) + self.assertTrue(fail2banRegex.start(opts, args)) + self.assertLogged('Lines: 19 lines, 0 ignored, 16 matched, 3 missed') + def testDirectRE_2(self): (opts, args, fail2banRegex) = _Fail2banRegex( "--print-all-matched",