diff --git a/config/jail.conf b/config/jail.conf index 8b7d3d9b..daebf48b 100644 --- a/config/jail.conf +++ b/config/jail.conf @@ -177,19 +177,19 @@ action_mw = %(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port # ban & send an e-mail with whois report and relevant log lines # to the destemail. action_mwl = %(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] - %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s"] + %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action # # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines # to the destemail. action_xarf = %(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] - xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath=%(logpath)s, port="%(port)s"] + xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines # to the destemail. action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] - %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s"] + %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] # Report block via blocklist.de fail2ban reporting service API # diff --git a/fail2ban/client/jailreader.py b/fail2ban/client/jailreader.py index b06ba72d..b8a89380 100644 --- a/fail2ban/client/jailreader.py +++ b/fail2ban/client/jailreader.py @@ -151,12 +151,21 @@ class JailReader(ConfigReader): self.__filter.getOptions(self.__opts) # Read action - for act in self.__opts["action"].split('\n'): + prevln = '' + actlst = self.__opts["action"].split('\n') + for n, act in enumerate(actlst): try: if not act: # skip empty actions continue + # join with previous line if needed (consider possible new-line): + if prevln: act = prevln + '\n' + act actName, actOpt = extractOptions(act) + prevln = '' if not actName: + # consider possible new-line, so repeat with joined next line's: + if n < len(actlst) - 1: + prevln = act + continue raise JailDefError("Invalid action definition %r" % act) if actName.endswith(".py"): self.__actions.append([ diff --git a/fail2ban/tests/clientreadertestcase.py b/fail2ban/tests/clientreadertestcase.py index 96e6c7a4..9854417d 100644 --- a/fail2ban/tests/clientreadertestcase.py +++ b/fail2ban/tests/clientreadertestcase.py @@ -353,6 +353,30 @@ class JailReaderTest(LogCaptureTestCase): ) self.assertEqual(expected2, result) + def testMultiLineOption(self): + jail = JailReader('multi-log', force_enable=True, basedir=IMPERFECT_CONFIG, share_config=IMPERFECT_CONFIG_SHARE_CFG) + self.assertTrue(jail.read()) + self.assertTrue(jail.getOptions()) + self.assertEqual(jail.options['logpath'], 'a.log\nb.log\nc.log') + self.assertEqual(jail.options['action'], 'action[actname=\'ban\']\naction[actname=\'log\', logpath="a.log\nb.log\nc.log\nd.log"]\naction[actname=\'test\']') + self.assertSortedEqual([a.convert() for a in jail._JailReader__actions], [ + [['set', 'multi-log', 'addaction', 'ban'], ['multi-set', 'multi-log', 'action', 'ban', [ + ['actionban', 'echo "name: ban, ban: , logs: a.log\nb.log\nc.log"'], + ['actname', 'ban'], + ['name', 'multi-log'] + ]]], + [['set', 'multi-log', 'addaction', 'log'], ['multi-set', 'multi-log', 'action', 'log', [ + ['actionban', 'echo "name: log, ban: , logs: a.log\nb.log\nc.log\nd.log"'], + ['actname', 'log'], + ['logpath', 'a.log\nb.log\nc.log\nd.log'], ['name', 'multi-log'] + ]]], + [['set', 'multi-log', 'addaction', 'test'], ['multi-set', 'multi-log', 'action', 'test', [ + ['actionban', 'echo "name: test, ban: , logs: a.log\nb.log\nc.log"'], + ['actname', 'test'], + ['name', 'multi-log'] + ]]] + ]) + def testVersionAgent(self): unittest.F2B.SkipIfCfgMissing(stock=True) jail = JailReader('blocklisttest', force_enable=True, basedir=CONFIG_DIR) diff --git a/fail2ban/tests/config/action.d/action.conf b/fail2ban/tests/config/action.d/action.conf new file mode 100644 index 00000000..b26c00b8 --- /dev/null +++ b/fail2ban/tests/config/action.d/action.conf @@ -0,0 +1,4 @@ + +[Definition] + +actionban = echo "name: , ban: , logs: %(logpath)s" diff --git a/fail2ban/tests/config/jail.conf b/fail2ban/tests/config/jail.conf index 3dcbf634..6539adc1 100644 --- a/fail2ban/tests/config/jail.conf +++ b/fail2ban/tests/config/jail.conf @@ -51,3 +51,15 @@ action = [tz_correct] enabled = true logtimezone = UTC+0200 + +[multi-log] +enabled = false +filter = +logpath = a.log + b.log + c.log +log2nd = %(logpath)s + d.log +action = action[actname='ban'] + action[actname='log', logpath="%(log2nd)s"] + action[actname='test'] \ No newline at end of file