github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

interpolation of config readers extended with `%(known/parameter)s`. 

(means last known option with name `parameter`).
pull/868/head
sebres 2014-11-28 19:03:58 +01:00
parent 1439152121
commit d63b125877
6 changed files with 30 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@ -19,6 +19,8 @@ ver. 0.9.2 (2014/XX/XXX) - wanna-be-released
- New Features: - New Features:
- new interpolation feature for config readers - `%(known/parameter)s`.
(means last known option with name `parameter`).
- new options for jail introduced addfailregex/addignoreregex: extends regex - new options for jail introduced addfailregex/addignoreregex: extends regex
specified in filter (opposite to failregex/ignoreregex that overwrites it) specified in filter (opposite to failregex/ignoreregex that overwrites it)
see gh-867. see gh-867.

5
fail2ban/client/configparserinc.py
View File

@ -226,6 +226,11 @@ after = 1.conf
if isinstance(s, dict): if isinstance(s, dict):
s2 = alls.get(n) s2 = alls.get(n)
if isinstance(s2, dict): if isinstance(s2, dict):
# save previous known values, for possible using in local interpolations later:
for k, v in s2.iteritems():
if not k.startswith('known/'):
s2['known/'+k] = v
# merge section
s2.update(s) s2.update(s)
else: else:
alls[n] = s.copy() alls[n] = s.copy()

5
fail2ban/tests/clientreadertestcase.py
View File

@ -436,6 +436,11 @@ class JailsReaderTest(LogCaptureTestCase):
['set', 'test2failregex', 'addfailregex', 'failure 1 <IP>'], ['set', 'test2failregex', 'addfailregex', 'failure 1 <IP>'],
['set', 'test2failregex', 'addfailregex', 'failure 2 <IP>'], ['set', 'test2failregex', 'addfailregex', 'failure 2 <IP>'],
['start', 'test2failregex'], ['start', 'test2failregex'],
['add', 'test3known-interp', 'auto'],
['set', 'test3known-interp', 'addfailregex', 'failure test 1 (filter.d/test.conf) <HOST>'],
['set', 'test3known-interp', 'addfailregex', 'failure test 2 (filter.d/test.local) <HOST>'],
['set', 'test3known-interp', 'addfailregex', 'failure test 3 (jail.local) <HOST>'],
['start', 'test3known-interp'],
['add', 'missinglogfiles', 'auto'], ['add', 'missinglogfiles', 'auto'],
['set', 'missinglogfiles', 'addfailregex', '<IP>'], ['set', 'missinglogfiles', 'addfailregex', '<IP>'],
['add', 'brokenaction', 'auto'], ['add', 'brokenaction', 'auto'],

6
fail2ban/tests/config/filter.d/test.conf Normal file
View File

@ -0,0 +1,6 @@
#[INCLUDES]
#before = common.conf
[Definition]
failregex = failure test 1 (filter.d/test.conf) <HOST>

7
fail2ban/tests/config/filter.d/test.local Normal file
View File

@ -0,0 +1,7 @@
#[INCLUDES]
#before = common.conf
[Definition]
failregex = %(known/failregex)s
failure test 2 (filter.d/test.local) <HOST>

5
fail2ban/tests/config/jail.conf
View File

@ -27,6 +27,11 @@ filter = simple
failregex = failure 1 <IP> failregex = failure 1 <IP>
failure 2 <IP> failure 2 <IP>
[test3known-interp]
enabled = true
filter = test
addfailregex = failure test 3 (jail.local) <HOST>
[missinglogfiles] [missinglogfiles]
enabled = true enabled = true
logpath = /weapons/of/mass/destruction logpath = /weapons/of/mass/destruction