github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

tweak performance a bit (filter.py: inIgnoreIPList: changed default of parameter `log_ignore=True`, mostly used against filter-calls)

pull/2133/head
sebres 2018-04-25 19:13:56 +02:00
parent a208b11796
commit e01981cc72
2 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
fail2ban/server/filter.py
View File

@ -418,7 +418,7 @@ class Filter(JailThread):
def addBannedIP(self, ip): def addBannedIP(self, ip):
if not isinstance(ip, IPAddr): if not isinstance(ip, IPAddr):
ip = IPAddr(ip) ip = IPAddr(ip)
if self.inIgnoreIPList(ip): if self.inIgnoreIPList(ip, log_ignore=False):
logSys.warning('Requested to manually ban an ignored IP %s. User knows best. Proceeding to ban it.', ip) logSys.warning('Requested to manually ban an ignored IP %s. User knows best. Proceeding to ban it.', ip)
unixTime = MyTime.time() unixTime = MyTime.time()
@ -490,7 +490,7 @@ class Filter(JailThread):
# @param ip IP address object # @param ip IP address object
# @return True if IP address is in ignore list # @return True if IP address is in ignore list
def inIgnoreIPList(self, ip, log_ignore=False): def inIgnoreIPList(self, ip, log_ignore=True):
if not isinstance(ip, IPAddr): if not isinstance(ip, IPAddr):
ip = IPAddr(ip) ip = IPAddr(ip)
@ -549,7 +549,7 @@ class Filter(JailThread):
fail = element[3] fail = element[3]
logSys.debug("Processing line with time:%s and ip:%s", logSys.debug("Processing line with time:%s and ip:%s",
unixTime, ip) unixTime, ip)
if self.inIgnoreIPList(ip, log_ignore=True): if self.inIgnoreIPList(ip):
continue continue
logSys.info( logSys.info(
"[%s] Found %s - %s", self.jailName, ip, datetime.datetime.fromtimestamp(unixTime).strftime("%Y-%m-%d %H:%M:%S") "[%s] Found %s - %s", self.jailName, ip, datetime.datetime.fromtimestamp(unixTime).strftime("%Y-%m-%d %H:%M:%S")

6
fail2ban/tests/filtertestcase.py
View File

@ -336,20 +336,20 @@ class IgnoreIP(LogCaptureTestCase):
ipList = ("127.0.0.1",) ipList = ("127.0.0.1",)
# test ignoreSelf is false: # test ignoreSelf is false:
for ip in ipList: for ip in ipList:
self.assertFalse(self.filter.inIgnoreIPList(ip, log_ignore=True)) self.assertFalse(self.filter.inIgnoreIPList(ip))
self.assertNotLogged("[%s] Ignore %s by %s" % (self.jail.name, ip, "ignoreself rule")) self.assertNotLogged("[%s] Ignore %s by %s" % (self.jail.name, ip, "ignoreself rule"))
# test ignoreSelf with true: # test ignoreSelf with true:
self.filter.ignoreSelf = True self.filter.ignoreSelf = True
self.pruneLog() self.pruneLog()
for ip in ipList: for ip in ipList:
self.assertTrue(self.filter.inIgnoreIPList(ip, log_ignore=True)) self.assertTrue(self.filter.inIgnoreIPList(ip))
self.assertLogged("[%s] Ignore %s by %s" % (self.jail.name, ip, "ignoreself rule")) self.assertLogged("[%s] Ignore %s by %s" % (self.jail.name, ip, "ignoreself rule"))
def testIgnoreIPOK(self): def testIgnoreIPOK(self):
ipList = "127.0.0.1", "192.168.0.1", "255.255.255.255", "99.99.99.99" ipList = "127.0.0.1", "192.168.0.1", "255.255.255.255", "99.99.99.99"
for ip in ipList: for ip in ipList:
self.filter.addIgnoreIP(ip) self.filter.addIgnoreIP(ip)
self.assertTrue(self.filter.inIgnoreIPList(ip, log_ignore=True)) self.assertTrue(self.filter.inIgnoreIPList(ip))
self.assertLogged("[%s] Ignore %s by %s" % (self.jail.name, ip, "ip")) self.assertLogged("[%s] Ignore %s by %s" % (self.jail.name, ip, "ip"))
def testIgnoreIPNOK(self): def testIgnoreIPNOK(self):