diff --git a/config/jail.conf b/config/jail.conf index 05aa96c4..d3d49234 100644 --- a/config/jail.conf +++ b/config/jail.conf @@ -46,16 +46,16 @@ before = paths-debian.conf # "bantimeextra.enabled" allows to use database for searching of previously banned ip's to increase a # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32... -bantimeextra.enabled = true +#bantimeextra.enabled = true # "bantimeextra.findtime" is the max number of seconds that we search in the database, # if it is not specified - whole database will be used for ban searching # (please observe current "dbpurgeage" value of fail2ban.conf). -bantimeextra.findtime = 24*60*60 +#bantimeextra.findtime = 24*60*60 # "bantimeextra.rndtime" is the max number of seconds using for mixing with random time # to prevent "clever" botnets calculate exact time IP can be unbanned again: -bantimeextra.rndtime = 5*60 +#bantimeextra.rndtime = 5*60 # "bantimeextra.maxtime" is the max number of seconds using the ban time can reach (don't grows further) -bantimeextra.maxtime = 24*60*60 +#bantimeextra.maxtime = 24*60*60 # "bantimeextra.factor" is a coefficient to calculate exponent growing of the formula, # by default value of factor "2.0 / 2.885385" and default value of formula, the ban time # grows by 1, 2, 4, 8, 16 ... diff --git a/fail2ban/server/database.py b/fail2ban/server/database.py index 136f3e7a..de575bcf 100644 --- a/fail2ban/server/database.py +++ b/fail2ban/server/database.py @@ -115,7 +115,7 @@ class Fail2BanDb(object): "ip TEXT, " \ "timeofban INTEGER NOT NULL, " \ "bantime INTEGER NOT NULL, " \ - "bancount INTEGER NOT NULL, " \ + "bancount INTEGER NOT NULL default 1, " \ "data JSON, " \ "FOREIGN KEY(jail) REFERENCES jails(name) " \ ");" \ @@ -383,7 +383,7 @@ class Fail2BanDb(object): #TODO: Implement data parts once arbitrary match keys completed cur.execute( "INSERT INTO bans(jail, ip, timeofban, bantime, bancount, data) VALUES(?, ?, ?, ?, ?, ?)", - (jail.name, ticket.getIP(), ticket.getTime(), ticket.getBanTime(), ticket.getBanCount() + 1, + (jail.name, ticket.getIP(), ticket.getTime(), ticket.getBanTime(jail.actions.getBanTime()), ticket.getBanCount() + 1, {"matches": ticket.getMatches(), "failures": ticket.getAttempt()})) diff --git a/fail2ban/tests/failmanagertestcase.py b/fail2ban/tests/failmanagertestcase.py index 1f99d161..c5cf2412 100644 --- a/fail2ban/tests/failmanagertestcase.py +++ b/fail2ban/tests/failmanagertestcase.py @@ -96,10 +96,10 @@ class AddFailure(unittest.TestCase): ticket_repr = repr(ticket) self.assertEqual( ticket_str, - 'FailTicket: ip=193.168.0.128 time=1167605999.0 #attempts=5 matches=[]') + 'FailTicket: ip=193.168.0.128 time=1167605999.0 bantime=None bancount=0 #attempts=5 matches=[]') self.assertEqual( ticket_repr, - 'FailTicket: ip=193.168.0.128 time=1167605999.0 #attempts=5 matches=[]') + 'FailTicket: ip=193.168.0.128 time=1167605999.0 bantime=None bancount=0 #attempts=5 matches=[]') self.assertFalse(ticket == False) # and some get/set-ers otherwise not tested ticket.setTime(1000002000.0) @@ -107,7 +107,7 @@ class AddFailure(unittest.TestCase): # and str() adjusted correspondingly self.assertEqual( str(ticket), - 'FailTicket: ip=193.168.0.128 time=1000002000.0 #attempts=5 matches=[]') + 'FailTicket: ip=193.168.0.128 time=1000002000.0 bantime=None bancount=0 #attempts=5 matches=[]') def testbanNOK(self): self.__failManager.setMaxRetry(10) diff --git a/fail2ban/tests/files/database_v1.db b/fail2ban/tests/files/database_v1.db index 20822671..fa2d7bb2 100644 Binary files a/fail2ban/tests/files/database_v1.db and b/fail2ban/tests/files/database_v1.db differ