github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'enh/clarifyDnsUtilsMethods' of https://github.com/leeclemens/fail2ban 

* 'enh/clarifyDnsUtilsMethods' of https://github.com/leeclemens/fail2ban:
  Update ChangeLog
  Clarify filter.DNSUtils functions' terminology and add unittests

Conflicts:
	ChangeLog -- rephrased a bit as well
pull/950/head
Yaroslav Halchenko 2015-02-03 20:29:03 -05:00
parent 5b3aa42c42 ed71a7cd22
commit eaca33e227
3 changed files with 30 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@ -67,6 +67,7 @@ ver. 0.9.2 (2014/XX/XXX) - wanna-be-released
* action.d/{sendmail-*,xarf-login-attack}.conf - report local * action.d/{sendmail-*,xarf-login-attack}.conf - report local
timezone not UTC time/zone. Closes gh-911 timezone not UTC time/zone. Closes gh-911
* Conditionally log Ignore IP with reason (dns, ip, command). Closes gh-916 * Conditionally log Ignore IP with reason (dns, ip, command). Closes gh-916
* Absorbed DNSUtils.cidr into addr2bin in filter.py, added unittests
ver. 0.9.1 (2014/10/29) - better, faster, stronger ver. 0.9.1 (2014/10/29) - better, faster, stronger

30
fail2ban/server/filter.py
View File

@ -367,8 +367,8 @@ class Filter(JailThread):
"(?<=b)1+", bin(DNSUtils.addr2bin(s[1]))).group()) "(?<=b)1+", bin(DNSUtils.addr2bin(s[1]))).group())
s[1] = long(s[1]) s[1] = long(s[1])
try: try:
a = DNSUtils.cidr(s[0], s[1]) a = DNSUtils.addr2bin(s[0], cidr=s[1])
b = DNSUtils.cidr(ip, s[1]) b = DNSUtils.addr2bin(ip, cidr=s[1])
except Exception: except Exception:
# Check if IP in DNS # Check if IP in DNS
ips = DNSUtils.dnsToIp(i) ips = DNSUtils.dnsToIp(i)
@ -913,22 +913,18 @@ class DNSUtils:
return ipList return ipList
@staticmethod @staticmethod
def cidr(i, n): def addr2bin(ipstring, cidr=None):
""" Convert an IP address string with a CIDR mask into a 32-bit """ Convert a string IPv4 address into binary form.
integer. If cidr is supplied, return the network address for the given block
""" """
# 32-bit IPv4 address mask if cidr is None:
MASK = 0xFFFFFFFFL return struct.unpack("!L", socket.inet_aton(ipstring))[0]
return ~(MASK >> n) & MASK & DNSUtils.addr2bin(i) else:
MASK = 0xFFFFFFFFL
return ~(MASK >> cidr) & MASK & DNSUtils.addr2bin(ipstring)
@staticmethod @staticmethod
def addr2bin(string): def bin2addr(ipbin):
""" Convert a string IPv4 address into an unsigned integer. """ Convert a binary IPv4 address into string n.n.n.n form.
""" """
return struct.unpack("!L", socket.inet_aton(string))[0] return socket.inet_ntoa(struct.pack("!L", ipbin))
@staticmethod
def bin2addr(addr):
""" Convert a numeric IPv4 address into string n.n.n.n form.
"""
return socket.inet_ntoa(struct.pack("!L", addr))

16
fail2ban/tests/filtertestcase.py
View File

@ -1026,6 +1026,22 @@ class DNSUtilsTests(unittest.TestCase):
res = DNSUtils.ipToName('10.0.0.0') res = DNSUtils.ipToName('10.0.0.0')
self.assertEqual(res, None) self.assertEqual(res, None)
def testAddr2bin(self):
res = DNSUtils.addr2bin('10.0.0.0')
self.assertEqual(res, 167772160L)
res = DNSUtils.addr2bin('10.0.0.0', cidr=None)
self.assertEqual(res, 167772160L)
res = DNSUtils.addr2bin('10.0.0.0', cidr=32L)
self.assertEqual(res, 167772160L)
res = DNSUtils.addr2bin('10.0.0.1', cidr=32L)
self.assertEqual(res, 167772161L)
res = DNSUtils.addr2bin('10.0.0.1', cidr=31L)
self.assertEqual(res, 167772160L)
def testBin2addr(self):
res = DNSUtils.bin2addr(167772160L)
self.assertEqual(res, '10.0.0.0')
class JailTests(unittest.TestCase): class JailTests(unittest.TestCase):
def testSetBackend_gh83(self): def testSetBackend_gh83(self):