diff --git a/fail2ban/server/filter.py b/fail2ban/server/filter.py index 6f1572efd..5af3626a0 100644 --- a/fail2ban/server/filter.py +++ b/fail2ban/server/filter.py @@ -724,7 +724,7 @@ class Filter(JailThread): self.performBan(ip) # report to observer - failure was found, for possibly increasing of it retry counter (asynchronous) if Observers.Main is not None: - Observers.Main.add('failureFound', self.failManager, self.jail, tick) + Observers.Main.add('failureFound', self.jail, tick) self.procLines += 1 # every 100 lines check need to perform service tasks: if self.procLines % 100 == 0: diff --git a/fail2ban/server/observer.py b/fail2ban/server/observer.py index 241c677e1..ecbcd5b72 100644 --- a/fail2ban/server/observer.py +++ b/fail2ban/server/observer.py @@ -364,7 +364,7 @@ class ObserverThread(JailThread): ## [Async] ban time increment functionality ... ## ----------------------------------------- - def failureFound(self, failManager, jail, ticket): + def failureFound(self, jail, ticket): """ Notify observer a failure for ip was found Observer will check ip was known (bad) and possibly increase an retry count @@ -380,7 +380,7 @@ class ObserverThread(JailThread): retryCount = 1 timeOfBan = None try: - maxRetry = failManager.getMaxRetry() + maxRetry = jail.filter.failManager.getMaxRetry() db = jail.database if db is not None: for banCount, timeOfBan, lastBanTime in db.getBan(ip, jail): @@ -403,18 +403,12 @@ class ObserverThread(JailThread): MyTime.time2str(unixTime), banCount, retryCount, (', Ban' if retryCount >= maxRetry else '')) # retryCount-1, because a ticket was already once incremented by filter self - retryCount = failManager.addFailure(ticket, retryCount - 1, True) + retryCount = jail.filter.failManager.addFailure(ticket, retryCount - 1, True) ticket.setBanCount(banCount) # after observe we have increased attempt count, compare it >= maxretry ... if retryCount >= maxRetry: # perform the banning of the IP now (again) - # [todo]: this code part will be used multiple times - optimize it later. - try: # pragma: no branch - exception is the only way out - while True: - ticket = failManager.toBan(ip) - jail.putFailTicket(ticket) - except FailManagerEmpty: - failManager.cleanup(MyTime.time()) + jail.filter.performBan(ip) except Exception as e: logSys.error('%s', e, exc_info=logSys.getEffectiveLevel()<=logging.DEBUG) diff --git a/fail2ban/tests/observertestcase.py b/fail2ban/tests/observertestcase.py index e379ccd18..38cfc8811 100644 --- a/fail2ban/tests/observertestcase.py +++ b/fail2ban/tests/observertestcase.py @@ -450,7 +450,8 @@ class BanTimeIncrDB(LogCaptureTestCase): def testObserver(self): if Fail2BanDb is None: # pragma: no cover return - jail = self.jail + jail = self.jail = DummyJail(backend='polling') + jail.database = self.db self.db.addJail(jail) # we tests with initial ban time = 10 seconds: jail.actions.setBanTime(10) @@ -480,27 +481,27 @@ class BanTimeIncrDB(LogCaptureTestCase): # add failure: ip = "192.0.2.1" ticket = FailTicket(ip, stime-120, []) - failManager = FailManager() + failManager = jail.filter.failManager = FailManager() failManager.setMaxRetry(3) for i in xrange(3): failManager.addFailure(ticket) - obs.add('failureFound', failManager, jail, ticket) + obs.add('failureFound', jail, ticket) obs.wait_empty(5) self.assertEqual(ticket.getBanCount(), 0) # check still not ban : self.assertTrue(not jail.getFailTicket()) # add manually 4th times banned (added to bips - make ip bad): ticket.setBanCount(4) - self.db.addBan(self.jail, ticket) + self.db.addBan(jail, ticket) restored_tickets = self.db.getCurrentBans(jail=jail, fromtime=stime-120, correctBanTime=False) self.assertEqual(len(restored_tickets), 1) # check again, new ticket, new failmanager: ticket = FailTicket(ip, stime, []) - failManager = FailManager() + failManager = jail.filter.failManager = FailManager() failManager.setMaxRetry(3) # add once only - but bad - should be banned: failManager.addFailure(ticket) - obs.add('failureFound', failManager, self.jail, ticket) + obs.add('failureFound', jail, ticket) obs.wait_empty(5) # wait until ticket transfered from failmanager into jail: ticket2 = Utils.wait_for(jail.getFailTicket, 10)