action.d/badips.py: code review, ban command covered, debug log-messages, etc;

7 years ago · f52c67238a
parent 095a909c84
commit f52c67238a
2 changed files with 27 additions and 6 deletions
--- a/config/action.d/badips.py
+++ b/config/action.d/badips.py
@ -186,6 +186,7 @@ class BadIPsAction(ActionBase): # pragma: no cover - may be unavailable
 				urlencode({'age': age})])
 			if key:
 				url = "&".join([url, urlencode({'key': key})])
+			self._logSys.debug('badips.com: get list, url: %r', url)
 			response = urlopen(self._Request(url), timeout=self.timeout)
 		except HTTPError as response:
 			messages = json.loads(response.read().decode('utf-8'))
@ -371,6 +372,7 @@ class BadIPsAction(ActionBase): # pragma: no cover - may be unavailable
 			url = "/".join([self._badips, "add", self.category, str(aInfo['ip'])])
 			if self.key:
 				url = "?".join([url, urlencode({'key': self.key})])
+			self._logSys.debug('badips.com: ban, url: %r', url)
 			response = urlopen(self._Request(url), timeout=self.timeout)
 		except HTTPError as response:
 			messages = json.loads(response.read().decode('utf-8'))
--- a/fail2ban/tests/action_d/test_badips.py
+++ b/fail2ban/tests/action_d/test_badips.py
@ -21,15 +21,18 @@ import os
 import unittest
 import sys

+from ..actiontestcase import CallingMap
 from ..dummyjail import DummyJail
-from ..utils import CONFIG_DIR
+from ..servertestcase import IPAddr
+from ..utils import LogCaptureTestCase, CONFIG_DIR

 if sys.version_info >= (2,7): # pragma: no cover - may be unavailable
-	class BadIPsActionTest(unittest.TestCase):
+	class BadIPsActionTest(LogCaptureTestCase):

 		available = True, None
+		pythonModule = None
 		modAction = None
-		
+
 		def setUp(self):
 			"""Call before every test case."""
 			super(BadIPsActionTest, self).setUp()
@ -39,17 +42,20 @@ if sys.version_info >= (2,7): # pragma: no cover - may be unavailable

 			self.jail.actions.add("test")

-			pythonModule = os.path.join(CONFIG_DIR, "action.d", "badips.py")
+			pythonModuleName = os.path.join(CONFIG_DIR, "action.d", "badips.py")

 			# check availability (once if not alive, used shorter timeout as in test cases):
 			if BadIPsActionTest.available[0]:
 				if not BadIPsActionTest.modAction:
-					BadIPsActionTest.modAction = self.jail.actions._load_python_module(pythonModule).Action
+					if not BadIPsActionTest.pythonModule:
+						BadIPsActionTest.pythonModule = self.jail.actions._load_python_module(pythonModuleName)
+					BadIPsActionTest.modAction = BadIPsActionTest.pythonModule.Action
+					self.jail.actions._load_python_module(pythonModuleName)
 				BadIPsActionTest.available = BadIPsActionTest.modAction.isAvailable(timeout=2 if unittest.F2B.fast else 10)
 			if not BadIPsActionTest.available[0]:
 				raise unittest.SkipTest('Skip test because service is not available: %s' % BadIPsActionTest.available[1])

-			self.jail.actions.add("badips", pythonModule, initOpts={
+			self.jail.actions.add("badips", pythonModuleName, initOpts={
 				'category': "ssh",
 				'banaction': "test",
 				'score': 5,
@ -106,3 +112,16 @@ if sys.version_info >= (2,7): # pragma: no cover - may be unavailable
 				"%s is fewer as 10: %r" % (len(self.action._bannedips), self.action._bannedips))
 			self.action.stop()
 			self.assertTrue(len(self.action._bannedips) == 0)
+
+		def testBanIP(self):
+			aInfo = CallingMap({
+				'ip': IPAddr('192.0.2.1')
+			})
+			self.action.ban(aInfo)
+			self.assertLogged('badips.com: ban', wait=True)
+			self.pruneLog()
+			# produce an error using wrong category/IP:
+			self.action._category = 'f2b-this-category-dont-available-test-suite-only'
+			aInfo['ip'] = ''
+			self.assertRaises(BadIPsActionTest.pythonModule.HTTPError, self.action.ban, aInfo)
+			self.assertLogged('IP is invalid', 'invalid category', wait=True, all=False)