github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

fail2ban-regex: extended with option '--raw' (switch to raw host, prevent resolving of ip)

pull/1454/head
sebres 2016-05-30 13:32:58 +02:00
parent b7787f4af4
commit c33e25bab6
2 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
fail2ban/client/fail2banregex.py
View File

@ -126,6 +126,8 @@ Report bugs to https://github.com/fail2ban/fail2ban/issues
help="set custom pattern used to match date/times"), help="set custom pattern used to match date/times"),
Option("-e", "--encoding", Option("-e", "--encoding",
help="File encoding. Default: system locale"), help="File encoding. Default: system locale"),
Option("-r", "--raw", action='store_true',
help="Raw hosts, don't resolve dns"),
Option("-L", "--maxlines", type=int, default=0, Option("-L", "--maxlines", type=int, default=0,
help="maxlines for multi-line regex"), help="maxlines for multi-line regex"),
Option("-m", "--journalmatch", Option("-m", "--journalmatch",
@ -239,6 +241,7 @@ class Fail2banRegex(object):
self.encoding = opts.encoding self.encoding = opts.encoding
else: else:
self.encoding = locale.getpreferredencoding() self.encoding = locale.getpreferredencoding()
self.raw = True if opts.raw else False
def decode_line(self, line): def decode_line(self, line):
return FileContainer.decode_line('<LOG>', self.encoding, line) return FileContainer.decode_line('<LOG>', self.encoding, line)
@ -335,7 +338,7 @@ class Fail2banRegex(object):
orgLineBuffer = self._filter._Filter__lineBuffer orgLineBuffer = self._filter._Filter__lineBuffer
fullBuffer = len(orgLineBuffer) >= self._filter.getMaxLines() fullBuffer = len(orgLineBuffer) >= self._filter.getMaxLines()
try: try:
line, ret = self._filter.processLine(line, date, checkAllRegex=True) line, ret = self._filter.processLine(line, date, checkAllRegex=True, returnRawHost=self.raw)
for match in ret: for match in ret:
# Append True/False flag depending if line was matched by # Append True/False flag depending if line was matched by
# more than one regex # more than one regex

9
fail2ban/tests/fail2banregextestcase.py
View File

@ -132,6 +132,15 @@ class Fail2banRegexTest(LogCaptureTestCase):
self.assertLogged('Dez 31 11:59:59 [sshd] error: PAM: Authentication failure for kevin from 193.168.0.128') self.assertLogged('Dez 31 11:59:59 [sshd] error: PAM: Authentication failure for kevin from 193.168.0.128')
self.assertLogged('Dec 31 11:59:59 [sshd] error: PAM: Authentication failure for kevin from 87.142.124.10') self.assertLogged('Dec 31 11:59:59 [sshd] error: PAM: Authentication failure for kevin from 87.142.124.10')
def testDirectRE_1raw(self):
(opts, args, fail2banRegex) = _Fail2banRegex(
"--print-all-matched", "--raw",
Fail2banRegexTest.FILENAME_01,
Fail2banRegexTest.RE_00
)
self.assertTrue(fail2banRegex.start(opts, args))
self.assertLogged('Lines: 19 lines, 0 ignored, 16 matched, 3 missed')
def testDirectRE_2(self): def testDirectRE_2(self):
(opts, args, fail2banRegex) = _Fail2banRegex( (opts, args, fail2banRegex) = _Fail2banRegex(
"--print-all-matched", "--print-all-matched",