github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

- Fixed a bug when overriding "maxfailures" or "bantime". Thanks to Yaroslav Halchenko 

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_5@188 a942ae1a-1317-0410-a47c-b1dcaea8d605
0.5
Cyril Jaquier 2005-09-05 21:12:08 +00:00
parent 54f4a7d240
commit c573432e74
1 changed files with 12 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
fail2ban.py
View File

@ -129,7 +129,7 @@ def getCmdLineOptions(optList):
if opt[0] == "-i": if opt[0] == "-i":
conf["ignoreip"] = opt[1] conf["ignoreip"] = opt[1]
if opt[0] == "-r": if opt[0] == "-r":
conf["maxretry"] = int(opt[1]) conf["maxfailures"] = int(opt[1])
if opt[0] == "-p": if opt[0] == "-p":
conf["pidlock"] = opt[1] conf["pidlock"] = opt[1]
if opt[0] == "-k": if opt[0] == "-k":
@ -177,7 +177,7 @@ def main():
["str", "logtargets", "/var/log/fail2ban.log"], ["str", "logtargets", "/var/log/fail2ban.log"],
["bool", "debug", False], ["bool", "debug", False],
["str", "pidlock", "/var/run/fail2ban.pid"], ["str", "pidlock", "/var/run/fail2ban.pid"],
["int", "maxretry", 3], ["int", "maxfailures", 5],
["int", "bantime", 600], ["int", "bantime", 600],
["str", "ignoreip", ""], ["str", "ignoreip", ""],
["int", "polltime", 1], ["int", "polltime", 1],
@ -257,12 +257,6 @@ def main():
# Ignores IP list # Ignores IP list
ignoreIPList = conf["ignoreip"].split(' ') ignoreIPList = conf["ignoreip"].split(' ')
# maxretry option
maxRetry = conf["maxretry"]
# bantime option
banTime = conf["bantime"]
# Checks for root user. This is necessary because log files # Checks for root user. This is necessary because log files
# are owned by root and firewall needs root access. # are owned by root and firewall needs root access.
if not checkForRoot(): if not checkForRoot():
@ -283,7 +277,7 @@ def main():
logSys.debug("ConfFile is " + conf["conffile"]) logSys.debug("ConfFile is " + conf["conffile"])
logSys.debug("BanTime is " + `conf["bantime"]`) logSys.debug("BanTime is " + `conf["bantime"]`)
logSys.debug("retryAllowed is " + `conf["maxretry"]`) logSys.debug("MaxFailure is " + `conf["maxfailures"]`)
# Options # Options
optionValues = (["bool", "enabled", False], optionValues = (["bool", "enabled", False],
@ -308,7 +302,7 @@ def main():
# Options # Options
optionValues = (["bool", "enabled", False], optionValues = (["bool", "enabled", False],
["str", "logfile", "/dev/null"], ["str", "logfile", "/dev/null"],
["int", "maxretry", None], ["int", "maxfailures", None],
["int", "bantime", None], ["int", "bantime", None],
["str", "timeregex", ""], ["str", "timeregex", ""],
["str", "timepattern", ""], ["str", "timepattern", ""],
@ -322,17 +316,21 @@ def main():
for t in confReader.getSections(): for t in confReader.getSections():
l = confReader.getLogOptions(t, optionValues) l = confReader.getLogOptions(t, optionValues)
if l["enabled"]: if l["enabled"]:
# Override maxretry option # Override maxfailures option
if not l["maxretry"] == None: if not l["maxfailures"] == None:
maxRetry = l["maxretry"] maxFailures = l["maxfailures"]
else:
maxFailures = conf["maxfailures"]
# Override bantime option # Override bantime option
if not l["bantime"] == None: if not l["bantime"] == None:
banTime = l["bantime"] banTime = l["bantime"]
else:
banTime = conf["bantime"]
# Creates a logreader object # Creates a logreader object
lObj = LogReader(l["logfile"], l["timeregex"], l["timepattern"], lObj = LogReader(l["logfile"], l["timeregex"], l["timepattern"],
l["failregex"], maxRetry, banTime) l["failregex"], maxFailures, banTime)
# Creates a firewall object # Creates a firewall object
fObj = Firewall(l["fwban"], l["fwunban"], banTime) fObj = Firewall(l["fwban"], l["fwunban"], banTime)
# Links them into a list. I'm not really happy # Links them into a list. I'm not really happy