On Fri, 8 Nov 2019, Sven Baars wrote: [...]
Probably a single run is fine because it stays under the limit. But when WineTest is run multiple times on the same VM (hence same IP address) in different configurations (particularly w8/w8adm or the various w1064 variants) the failed attempts could add up resulting in a ban.
Furthermore this would be pretty dependent on how much time passed between the wininet:ftp runs. It takes between 18 and 30 minutes to run WineTest so if the failed attempt counter is reset after 20 minutes (or if the ban did not expire yet) we'd see a pretty random behavior.
That may justify skipping but then we should add a comment if this explanation is indeed correct.
Or maybe the ftp.winehq.org configuration should be changed, but only Newman can say if it's ok security-wise.
I appear to have been perma banned from the ftp server for running that while loop while trying to create a similar workaround for the urlmon:protocol tests (which time out because of this). Isn't it possible to just have a dummy ftp server that doesn't ban anyone?
The ban is probably not really permanent, just a few hours. Unless Newman is running a recidive ban to block repeat offenders for days.
Btw, the wininet:ftp results are much better since Oct 27.
Btw, fail2ban's recidive rule is pretty nice. On my box it's currently banning 1115 repeat offenders for the next month for playing the guessing game on my ssh server.