author | David Sommerseth <davids@redhat.com> | 2015-09-25 22:51:14 +0200 |
---|---|---|
committer | David Sommerseth <davids@redhat.com> | 2015-09-25 22:51:14 +0200 |
commit | 43ef6665c45893ea8d9bb3ac6925b321eb01318c (patch) | |
tree | 4a28486145035290a6fdc415a416e8d0a1184e91 | |
parent | 704f030d56c4d73750219f19ff833340d63d0d06 (diff) | |
If an IP address is already registered, double check with ipset too
This is needed to avoid LogActio believing an IP address is still registered
when it has been removed from ipset - either manually or by a timeout.
Signed-off-by: David Sommerseth <davids@redhat.com>
-rw-r--r-- | LogActio/Reporters/IPTipset.py | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/LogActio/Reporters/IPTipset.py b/LogActio/Reporters/IPTipset.py
index 5ba89a8..a033cd3 100644
--- a/LogActio/Reporters/IPTipset.py
+++ b/LogActio/Reporters/IPTipset.py
@@ -148,7 +148,7 @@ class IPTipset(LogActio.ReporterQueue.ReporterQueue):
 tmplog = tempfile.SpooledTemporaryFile(mode="rw+b")
 self.__log(4, "[IPTipset] Executing: %s" % " ".join(args))
 cmd = subprocess.Popen(args, stdin=nullfp, stdout=tmplog, stderr=tmplog)
- cmd.wait()
+ res = cmd.wait()
 self.__parse_cmd_log("ipset:%s" % mode, tmplog)
 # Clean up
@@ -156,6 +156,8 @@ class IPTipset(LogActio.ReporterQueue.ReporterQueue):
 del tmplog
 os.close(nullfp);
+ return res
+
 def __prepare_ipset(self):
 params = []
@@ -260,6 +262,13 @@ class IPTipset(LogActio.ReporterQueue.ReporterQueue):
 try:
 registered.index(m["ipaddress"])
+
+ # Check if this IP address is still in ipset, if not register it again
+ if self.__call_ipset("test", m["ipaddress"]) == 1:
+ self.__log(4, "[IPTipset] IP address %s was removed from ipset '%s'. Will re-add it." % (m["ipaddress"], self.__ipsetname))
+ registered.remove(m["ipaddress"])
+ raise ValueError
+
 except ValueError:
 self.__log(2, "[IPTipset] {Rule %s} Adding IP address %s to ipset '%s' based on entry in log file '%s' with the threshold %i after %i hits" % (m["rulename"], m["ipaddress"], self.__ipsetname, m["logfile"], m["threshold"], m["count"])) |
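Review bot: The new return value of `__call_ipset` is undocumented: it is the raw result of `cmd.wait()`, so a reader cannot tell what 0, a positive code or a negative number (child killed by a signal) is meant to signal. This applies to `res = cmd.wait()` in the first hunk and to `return res` in the second. I would add a comment above the return such as `# ipset exit status: 0 on success, non-zero on failure (for 'test': address not in set), negative if killed by a signal`. The function's signature and its other call sites are outside these hunks; if the callers that add addresses ignore the status, a failed add would leave an address recorded as blocked while it is not in the set, so they are worth checking against the new return value.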
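Review bot: The comparison `== 1` treats every other outcome of the `ipset test` call as "still in the set", so a check that fails in another way (for example a negative status because the child was killed) leaves the address marked as registered without confirming it is blocked. Comparing with `!= 0` fails safe by re-adding: `if self.__call_ipset("test", m["ipaddress"]) != 0:`. Raising `ValueError` by hand to reach the `except` branch works, but the intent would read more directly as a membership test combined with the ipset check. The check also appears to start one ipset process for every matching log line from an already-registered address, which may be worth caching or rate-limiting on a noisy log. The surrounding loop and the add call itself are outside the hunk.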