mirror of https://github.com/fail2ban/fail2ban
dnsToIp and other DNSUtils primitives uses sets instead of lists now (speed-up search of ip, e. g. ignoreself/ignoreip check process)
parent
0ae02ba2a1
commit
e99635650a
|
@ -64,7 +64,7 @@ class DNSUtils:
|
||||||
if ips is not None:
|
if ips is not None:
|
||||||
return ips
|
return ips
|
||||||
# retrieve ips
|
# retrieve ips
|
||||||
ips = list()
|
ips = set()
|
||||||
saveerr = None
|
saveerr = None
|
||||||
for fam, ipfam in ((socket.AF_INET, IPAddr.FAM_IPv4), (socket.AF_INET6, IPAddr.FAM_IPv6)):
|
for fam, ipfam in ((socket.AF_INET, IPAddr.FAM_IPv4), (socket.AF_INET6, IPAddr.FAM_IPv6)):
|
||||||
try:
|
try:
|
||||||
|
@ -75,7 +75,7 @@ class DNSUtils:
|
||||||
# (some python-versions resp. host configurations causes returning of integer there):
|
# (some python-versions resp. host configurations causes returning of integer there):
|
||||||
ip = IPAddr(str(result[4][0]), ipfam)
|
ip = IPAddr(str(result[4][0]), ipfam)
|
||||||
if ip.isValid:
|
if ip.isValid:
|
||||||
ips.append(ip)
|
ips.add(ip)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
saveerr = e
|
saveerr = e
|
||||||
if not ips and saveerr:
|
if not ips and saveerr:
|
||||||
|
@ -103,19 +103,19 @@ class DNSUtils:
|
||||||
def textToIp(text, useDns):
|
def textToIp(text, useDns):
|
||||||
""" Return the IP of DNS found in a given text.
|
""" Return the IP of DNS found in a given text.
|
||||||
"""
|
"""
|
||||||
ipList = list()
|
ipList = set()
|
||||||
# Search for plain IP
|
# Search for plain IP
|
||||||
plainIP = IPAddr.searchIP(text)
|
plainIP = IPAddr.searchIP(text)
|
||||||
if plainIP is not None:
|
if plainIP is not None:
|
||||||
ip = IPAddr(plainIP)
|
ip = IPAddr(plainIP)
|
||||||
if ip.isValid:
|
if ip.isValid:
|
||||||
ipList.append(ip)
|
ipList.add(ip)
|
||||||
|
|
||||||
# If we are allowed to resolve -- give it a try if nothing was found
|
# If we are allowed to resolve -- give it a try if nothing was found
|
||||||
if useDns in ("yes", "warn") and not ipList:
|
if useDns in ("yes", "warn") and not ipList:
|
||||||
# Try to get IP from possible DNS
|
# Try to get IP from possible DNS
|
||||||
ip = DNSUtils.dnsToIp(text)
|
ip = DNSUtils.dnsToIp(text)
|
||||||
ipList.extend(ip)
|
ipList.update(ip)
|
||||||
if ip and useDns == "warn":
|
if ip and useDns == "warn":
|
||||||
logSys.warning("Determined IP using DNS Lookup: %s = %s",
|
logSys.warning("Determined IP using DNS Lookup: %s = %s",
|
||||||
text, ipList)
|
text, ipList)
|
||||||
|
|
|
@ -1800,7 +1800,7 @@ class DNSUtilsNetworkTests(unittest.TestCase):
|
||||||
|
|
||||||
def testUseDns(self):
|
def testUseDns(self):
|
||||||
res = DNSUtils.textToIp('www.example.com', 'no')
|
res = DNSUtils.textToIp('www.example.com', 'no')
|
||||||
self.assertEqual(res, [])
|
self.assertSortedEqual(res, [])
|
||||||
res = DNSUtils.textToIp('www.example.com', 'warn')
|
res = DNSUtils.textToIp('www.example.com', 'warn')
|
||||||
# sort ipaddr, IPv4 is always smaller as IPv6
|
# sort ipaddr, IPv4 is always smaller as IPv6
|
||||||
self.assertSortedEqual(res, ['93.184.216.34', '2606:2800:220:1:248:1893:25c8:1946'])
|
self.assertSortedEqual(res, ['93.184.216.34', '2606:2800:220:1:248:1893:25c8:1946'])
|
||||||
|
@ -1821,12 +1821,13 @@ class DNSUtilsNetworkTests(unittest.TestCase):
|
||||||
# sort ipaddr, IPv4 is always smaller as IPv6
|
# sort ipaddr, IPv4 is always smaller as IPv6
|
||||||
self.assertSortedEqual(res, ['93.184.216.34', '2606:2800:220:1:248:1893:25c8:1946'])
|
self.assertSortedEqual(res, ['93.184.216.34', '2606:2800:220:1:248:1893:25c8:1946'])
|
||||||
else:
|
else:
|
||||||
self.assertEqual(res, [])
|
self.assertSortedEqual(res, [])
|
||||||
# pure ips:
|
# pure ips:
|
||||||
for s in ('93.184.216.34', '2606:2800:220:1:248:1893:25c8:1946'):
|
for s in ('93.184.216.34', '2606:2800:220:1:248:1893:25c8:1946'):
|
||||||
ips = DNSUtils.textToIp(s, 'yes')
|
ips = DNSUtils.textToIp(s, 'yes')
|
||||||
self.assertEqual(ips, [s])
|
self.assertSortedEqual(ips, [s])
|
||||||
self.assertTrue(isinstance(ips[0], IPAddr))
|
for ip in ips:
|
||||||
|
self.assertTrue(isinstance(ip, IPAddr))
|
||||||
|
|
||||||
def testIpToName(self):
|
def testIpToName(self):
|
||||||
unittest.F2B.SkipIfNoNetwork()
|
unittest.F2B.SkipIfNoNetwork()
|
||||||
|
|
|
@ -322,12 +322,16 @@ def initTests(opts):
|
||||||
# precache all wrong dns to ip's used in test cases:
|
# precache all wrong dns to ip's used in test cases:
|
||||||
c = DNSUtils.CACHE_nameToIp
|
c = DNSUtils.CACHE_nameToIp
|
||||||
for i in (
|
for i in (
|
||||||
('999.999.999.999', []),
|
('999.999.999.999', set()),
|
||||||
('abcdef.abcdef', []),
|
('abcdef.abcdef', set()),
|
||||||
('192.168.0.', []),
|
('192.168.0.', set()),
|
||||||
('failed.dns.ch', []),
|
('failed.dns.ch', set()),
|
||||||
):
|
):
|
||||||
c.set(*i)
|
c.set(*i)
|
||||||
|
# if fast - precache all host names as localhost addresses (speed-up getSelfIPs/ignoreself):
|
||||||
|
if unittest.F2B.fast: # pragma: no cover
|
||||||
|
for i in DNSUtils.getSelfNames():
|
||||||
|
c.set(i, DNSUtils.dnsToIp('localhost'))
|
||||||
|
|
||||||
|
|
||||||
def mtimesleep():
|
def mtimesleep():
|
||||||
|
|
Loading…
Reference in New Issue