From fc920212112ecb476ac290cc1687431eb6fe26fd Mon Sep 17 00:00:00 2001 From: sebres Date: Thu, 21 Feb 2019 14:36:18 +0100 Subject: [PATCH] coverage and few enhancements --- fail2ban/client/jailreader.py | 3 +-- fail2ban/server/transmitter.py | 4 ++-- fail2ban/tests/fail2banclienttestcase.py | 8 ++++++++ fail2ban/tests/servertestcase.py | 14 +++++++++++--- 4 files changed, 22 insertions(+), 7 deletions(-) diff --git a/fail2ban/client/jailreader.py b/fail2ban/client/jailreader.py index b8a89380..14fc39a1 100644 --- a/fail2ban/client/jailreader.py +++ b/fail2ban/client/jailreader.py @@ -246,8 +246,7 @@ class JailReader(ConfigReader): elif opt == "backend": backend = value elif opt == "ignoreip": - for ip in splitwords(value): - stream.append(["set", self.__name, "addignoreip", ip]) + stream.append(["set", self.__name, "addignoreip"] + splitwords(value)) elif opt in ("failregex", "ignoreregex"): multi = [] for regex in value.split('\n'): diff --git a/fail2ban/server/transmitter.py b/fail2ban/server/transmitter.py index 66818844..2a3b0c81 100644 --- a/fail2ban/server/transmitter.py +++ b/fail2ban/server/transmitter.py @@ -186,8 +186,8 @@ class Transmitter: self.__server.setIgnoreSelf(name, value) return self.__server.getIgnoreSelf(name) elif command[1] == "addignoreip": - value = command[2] - self.__server.addIgnoreIP(name, value) + for value in command[2:]: + self.__server.addIgnoreIP(name, value) return self.__server.getIgnoreIP(name) elif command[1] == "delignoreip": value = command[2] diff --git a/fail2ban/tests/fail2banclienttestcase.py b/fail2ban/tests/fail2banclienttestcase.py index f3d0fe99..3972f80a 100644 --- a/fail2ban/tests/fail2banclienttestcase.py +++ b/fail2ban/tests/fail2banclienttestcase.py @@ -1194,6 +1194,14 @@ class Fail2banServerTest(Fail2banClientServerBase): "Jail 'test-jail1' stopped", "Jail 'test-jail1' started", all=True, wait=MID_WAITTIME) + # Coverage for pickle of IPAddr (as string): + self.pruneLog("[test-phase end-3]") + self.execCmd(SUCCESS, startparams, + "--async", "set", "test-jail1", "addignoreip", "192.0.2.1/32", "2001:DB8::1/96") + self.execCmd(SUCCESS, startparams, + "--async", "get", "test-jail1", "ignoreip") + self.assertLogged("192.0.2.1/32", "2001:DB8::1/96", all=True) + # test action.d/nginx-block-map.conf -- @unittest.F2B.skip_if_cfg_missing(action="nginx-block-map") @with_foreground_server_thread(startextra={ diff --git a/fail2ban/tests/servertestcase.py b/fail2ban/tests/servertestcase.py index f80afa45..a8722238 100644 --- a/fail2ban/tests/servertestcase.py +++ b/fail2ban/tests/servertestcase.py @@ -337,15 +337,23 @@ class Transmitter(TransmitterBase): self.transm.proceed(["set", self.jailName, "banip", "Badger"]), (0, 1)) #NOTE: Is IP address validated? Is DNS Lookup done? self.assertLogged("Ban Badger", wait=True) # Give chance to ban - # Unban IP + # Unban IP (first/last are not banned, so checking unban of both other succeeds): self.assertEqual( self.transm.proceed( - ["set", self.jailName, "unbanip", "192.0.2.255", "192.0.2.1", "192.0.2.2"]), + ["set", self.jailName, "unbanip", "192.0.2.255", "192.0.2.1", "192.0.2.2", "192.0.2.254"]), (0, 2)) - # Unban IP which isn't banned + self.assertLogged("Unban 192.0.2.1", "Unban 192.0.2.2", all=True, wait=True) + self.assertLogged("192.0.2.255 is not banned", "192.0.2.254 is not banned", all=True, wait=True) + self.pruneLog() + # Unban IP which isn't banned (error): self.assertEqual( self.transm.proceed( ["set", self.jailName, "unbanip", "--report-absent", "192.0.2.255"])[0],1) + # ... (no error, IPs logged only): + self.assertEqual( + self.transm.proceed( + ["set", self.jailName, "unbanip", "192.0.2.255", "192.0.2.254"]),(0, 0)) + self.assertLogged("192.0.2.255 is not banned", "192.0.2.254 is not banned", all=True, wait=True) def testJailAttemptIP(self): self.server.startJail(self.jailName) # Jail must be started