* Merged with upstream

* Changed debian/watch to run svn-upgrade
debian-releases/etch
Yaroslav Halchenko 2005-07-23 19:15:22 +00:00
parent c3909b8ec4
commit 120a1d9fbc
17 changed files with 263 additions and 109 deletions

View File

@ -4,9 +4,20 @@
|_| \__,_|_|_/___|_.__/\__,_|_||_| |_| \__,_|_|_/___|_.__/\__,_|_||_|
============================================================= =============================================================
Fail2Ban (version 0.5.0) 2005/07/12 Fail2Ban (version 0.5.1) 2005/07/23
============================================================= =============================================================
ver. 0.5.1 (2005/07/23) - beta
----------
- Fixed bugs #1241756, #1239557
- Added log targets in configuration file. Removed -l option
- Changed iptables rules in order to create a separated chain
for each section
- Fixed static banList in firewall.py
- Added an initd script for Debian. Thanks to Yaroslav
Halchenko
- Check for obsolete files after install
ver. 0.5.0 (2005/07/12) - beta ver. 0.5.0 (2005/07/12) - beta
---------- ----------
- Added support for CIDR mask in ignoreip - Added support for CIDR mask in ignoreip

View File

@ -1,6 +1,6 @@
Metadata-Version: 1.0 Metadata-Version: 1.0
Name: fail2ban Name: fail2ban
Version: 0.5.0 Version: 0.5.1
Summary: Ban IPs that make too many password failure Summary: Ban IPs that make too many password failure
Home-page: http://fail2ban.sourceforge.net Home-page: http://fail2ban.sourceforge.net
Author: Cyril Jaquier Author: Cyril Jaquier

25
README
View File

@ -4,7 +4,7 @@
|_| \__,_|_|_/___|_.__/\__,_|_||_| |_| \__,_|_|_/___|_.__/\__,_|_||_|
============================================================= =============================================================
Fail2Ban (version 0.5.0) 2005/07/12 Fail2Ban (version 0.5.1) 2005/07/23
============================================================= =============================================================
Fail2Ban scans log files like /var/log/pwdfail and bans IP Fail2Ban scans log files like /var/log/pwdfail and bans IP
@ -55,34 +55,36 @@ Installation:
------------- -------------
Require: python-2.3 (http://www.python.org) Require: python-2.3 (http://www.python.org)
log4py-1.1 (http://sourceforge.net/projects/log4py) log4py-1.3 (http://sourceforge.net/projects/log4py)
To install, just do: To install, just do:
> tar xvfj fail2ban-0.5.0.tar.bz2 > tar xvfj fail2ban-0.5.1.tar.bz2
> cd fail2ban-0.5.0 > cd fail2ban-0.5.1
> python setup.py install > python setup.py install
This will install Fail2Ban into /usr/lib/fail2ban. The This will install Fail2Ban into /usr/lib/fail2ban. The fail2ban
fail2ban.py executable is placed into /usr/bin. executable is placed into /usr/bin.
Gentoo: an ebuild is available on the website. Gentoo: an ebuild is available on the website.
Debian: a package is available on the website. Debian: a package is available on the website.
Fail2Ban should now be correctly installed. Just type: Fail2Ban should now be correctly installed. Just type:
> fail2ban.py -h > fail2ban -h
to see if everything is alright. You can configure fail2ban to see if everything is alright. You can configure fail2ban
with a config file. Copy config/fail2ban.conf.default to with a config file. Copy config/fail2ban.conf.default to
/etc/fail2ban.conf. /etc/fail2ban.conf.
Gentoo users can use the initd script available in config/. You can use the initd script available in config/. Copy
Copy gentoo-initd to /etc/init.d/fail2ban and gentoo-confd <dist>-initd to /etc/init.d/fail2ban. Gentoo users must copy
to /etc/conf.d/fail2ban. You can start fail2ban and add it gentoo-confd to /etc/conf.d/fail2ban. You can start fail2ban:
to your default runlevel:
> /etc/init.d/fail2ban start > /etc/init.d/fail2ban start
Gentoo users can add it to the default runlevel:
> rc-update add fail2ban default > rc-update add fail2ban default
Configuration: Configuration:
@ -100,7 +102,6 @@ options:
-h display this help message -h display this help message
-i <IP(s)> IP(s) to ignore -i <IP(s)> IP(s) to ignore
-k kill a currently running Fail2Ban instance -k kill a currently running Fail2Ban instance
-l <FILE> log messages in FILE
-r <VALUE> allow a max of VALUE password failure -r <VALUE> allow a max of VALUE password failure
-t <TIME> ban IP for TIME seconds -t <TIME> ban IP for TIME seconds
-v verbose. Use twice for greater effect -v verbose. Use twice for greater effect

10
TODO
View File

@ -7,9 +7,7 @@
ToDo ToDo
============================================================= =============================================================
- cleanup fail2ban.py See Feature Request Tracking System at SourceForge.net
- improve configuration file and command line options
handling - improve installation process (better prefix support)
- improve installation process - add better documentation (man page)
- add init script
- use FAM (inotify, gamin, ...)

62
config/debian-initd Normal file
View File

@ -0,0 +1,62 @@
#! /bin/sh
#
# Fail2Ban init.d file - to be launched on boot
#
# Written by Miquel van Smoorenburg <miquels@cistron.nl>.
# Modified for Debian
# by Ian Murdock <imurdock@gnu.ai.mit.edu>.
# Adjusted for Fail2Ban
# by Yaroslav Halchenko <debian@onerussian.com>.
#
# Version: $Id: $
#
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/bin/fail2ban
NAME=fail2ban
DESC=fail2ban
PIDFILE=/var/run/$NAME.pid
test -x $DAEMON || exit 0
# Include fail2ban defaults if available
if [ -f /etc/default/fail2ban ] ; then
. /etc/default/fail2ban
fi
DAEMON_OPTS=$FAIL2BAN_OPTS
set -e
case "$1" in
start)
echo -n "Starting $DESC: "
[ -f $PIDFILE ] && [ ! -d /proc/`cat $PIDFILE` ] && rm -f $PIDFILE
start-stop-daemon --start --quiet --pidfile /var/run/$NAME.pid \
-b --exec $DAEMON -- $DAEMON_OPTS
echo "$NAME."
;;
stop)
echo -n "Stopping $DESC: "
start-stop-daemon --stop --quiet --pidfile /var/run/$NAME.pid
rm -f $PIDFILE
echo "$NAME."
;;
restart|force-reload)
#
# If the "reload" option is implemented, move the "force-reload"
# option to the "reload" entry above. If not, "force-reload" is
# just the same as "restart".
#
echo -n "Restarting $DESC: "
( $0 stop )
sleep 1
$0 start
;;
*)
N=/etc/init.d/$NAME
# echo "Usage: $N {start|stop|restart|reload|force-reload}" >&2
echo "Usage: $N {start|stop|restart|force-reload}" >&2
exit 1
;;
esac
exit 0

View File

@ -1,6 +1,6 @@
# Fail2Ban configuration file # Fail2Ban configuration file
# #
# $Revision: 1.8.2.5 $ # $Revision: 1.8.2.7 $
# #
# 2005.06.21 modified for readability Iain Lea iain@bricbrac.de # 2005.06.21 modified for readability Iain Lea iain@bricbrac.de
@ -17,18 +17,18 @@ background = true
# #
debug = false debug = false
# Option: logtargets
# Notes.: log targets. Space separated list of logging targets.
# Values: STDOUT STDERR SYSLOG file Default: STDOUT /var/log/fail2ban.log
#
logtargets = STDOUT /var/log/fail2ban.log
# Option: pidlock # Option: pidlock
# Notes.: path of the PID lock file (must be able to write to file). # Notes.: path of the PID lock file (must be able to write to file).
# Values: FILE Default: /var/run/fail2ban.pid # Values: FILE Default: /var/run/fail2ban.pid
# #
pidlock = /var/run/fail2ban.pid pidlock = /var/run/fail2ban.pid
# Option: logfile
# Notes.: logfile for logging fail2ban messages.
# Values: FILE Default: /var/log/fail2ban.log
#
logfile = /var/log/fail2ban.log
# Option: maxretry # Option: maxretry
# Notes.: number of retrys before IP gets banned. # Notes.: number of retrys before IP gets banned.
# Values: NUM Default: 3 # Values: NUM Default: 3
@ -45,9 +45,12 @@ bantime = 600
# Notes.: space separated list of IP's to be ignored by fail2ban. # Notes.: space separated list of IP's to be ignored by fail2ban.
# You can use CIDR mask in order to specify a range. # You can use CIDR mask in order to specify a range.
# Example: ignoreip = 192.168.0.1/24 123.45.235.65 # Example: ignoreip = 192.168.0.1/24 123.45.235.65
# Values: IP Default: 192.168.0.0/24 # Values: IP Default: empty
# Examples
# ignoreip = 192.168.0.0/24
# #
ignoreip = 192.168.0.0/16 ignoreip =
# Option: cmdstart # Option: cmdstart
# Notes.: command executed once at the start of Fail2Ban # Notes.: command executed once at the start of Fail2Ban
@ -93,7 +96,8 @@ port = 25
from = fail2ban from = fail2ban
# Option: to # Option: to
# Notes.: e-mail address of the receiver. # Notes.: e-mail addresses of the receiver. Addresses are space
# separated.
# Values: MAIL Default: root # Values: MAIL Default: root
# #
to = root to = root
@ -116,10 +120,10 @@ subject = [Fail2Ban] Banned <ip>
# Values: TEXT Default: # Values: TEXT Default:
# #
message = Hi,<br> message = Hi,<br>
The IP <ip> has just been banned by Fail2Ban after The IP <ip> has just been banned by Fail2Ban after
<failures> attempts.<br> <failures> attempts.<br>
Regards,<br> Regards,<br>
Fail2Ban Fail2Ban
# You can define a new section for each log file to check for # You can define a new section for each log file to check for
# password failure. Each section has to define the following # password failure. Each section has to define the following
@ -143,13 +147,17 @@ logfile = /var/log/apache/access.log
# Notes.: command executed once at the start of Fail2Ban # Notes.: command executed once at the start of Fail2Ban
# Values: CMD Default: # Values: CMD Default:
# #
fwstart = fwstart = iptables -N FAIL2BAN-HTTP
iptables -I INPUT -i eth0 -p tcp --dport http -j FAIL2BAN-HTTP
iptables -A FAIL2BAN-HTTP -j RETURN
# Option: fwend # Option: fwend
# Notes.: command executed once at the end of Fail2Ban # Notes.: command executed once at the end of Fail2Ban
# Values: CMD Default: # Values: CMD Default:
# #
fwend = fwend = iptables -D INPUT -i eth0 -p tcp --dport http -j FAIL2BAN-HTTP
iptables -D FAIL2BAN-HTTP -j RETURN
iptables -X FAIL2BAN-HTTP
# Option: fwban # Option: fwban
# Notes.: command executed when banning an IP. Take care that the # Notes.: command executed when banning an IP. Take care that the
@ -161,7 +169,7 @@ fwend =
# Values: CMD # Values: CMD
# Default: iptables -I INPUT 1 -i eth0 -s <ip> -j DROP # Default: iptables -I INPUT 1 -i eth0 -s <ip> -j DROP
# #
fwban = iptables -I INPUT 1 -i eth0 -s <ip> -j DROP fwban = iptables -I FAIL2BAN-HTTP 1 -i eth0 -s <ip> -j DROP
# Option: fwunban # Option: fwunban
# Notes.: command executed when unbanning an IP. Take care that the # Notes.: command executed when unbanning an IP. Take care that the
@ -172,7 +180,7 @@ fwban = iptables -I INPUT 1 -i eth0 -s <ip> -j DROP
# Values: CMD # Values: CMD
# Default: iptables -D INPUT -i eth0 -s <ip> -j DROP # Default: iptables -D INPUT -i eth0 -s <ip> -j DROP
# #
fwunban = iptables -D INPUT -i eth0 -s <ip> -j DROP fwunban = iptables -D FAIL2BAN-HTTP -i eth0 -s <ip> -j DROP
# Option: timeregex # Option: timeregex
# Notes.: regex to match timestamp in Apache logfile. # Notes.: regex to match timestamp in Apache logfile.
@ -211,13 +219,17 @@ logfile = /var/log/auth.log
# Notes.: command executed once at the start of Fail2Ban # Notes.: command executed once at the start of Fail2Ban
# Values: CMD Default: # Values: CMD Default:
# #
fwstart = fwstart = iptables -N FAIL2BAN-SSH
iptables -I INPUT -i eth0 -p tcp --dport ssh -j FAIL2BAN-SSH
iptables -A FAIL2BAN-SSH -j RETURN
# Option: fwend # Option: fwend
# Notes.: command executed once at the end of Fail2Ban # Notes.: command executed once at the end of Fail2Ban
# Values: CMD Default: # Values: CMD Default:
# #
fwend = fwend = iptables -D INPUT -i eth0 -p tcp --dport ssh -j FAIL2BAN-SSH
iptables -D FAIL2BAN-SSH -j RETURN
iptables -X FAIL2BAN-SSH
# Option: fwbanrule # Option: fwbanrule
# Notes.: command executed when banning an IP. Take care that the # Notes.: command executed when banning an IP. Take care that the
@ -229,7 +241,7 @@ fwend =
# Values: CMD # Values: CMD
# Default: iptables -I INPUT 1 -i eth0 -s <ip> -j DROP # Default: iptables -I INPUT 1 -i eth0 -s <ip> -j DROP
# #
fwban = iptables -I INPUT 1 -i eth0 -s <ip> -j DROP fwban = iptables -I FAIL2BAN-SSH 1 -i eth0 -s <ip> -j DROP
# Option: fwunbanrule # Option: fwunbanrule
# Notes.: command executed when unbanning an IP. Take care that the # Notes.: command executed when unbanning an IP. Take care that the
@ -240,7 +252,7 @@ fwban = iptables -I INPUT 1 -i eth0 -s <ip> -j DROP
# Values: CMD # Values: CMD
# Default: iptables -D INPUT -i eth0 -s <ip> -j DROP # Default: iptables -D INPUT -i eth0 -s <ip> -j DROP
# #
fwunban = iptables -D INPUT -i eth0 -s <ip> -j DROP fwunban = iptables -D FAIL2BAN-SSH -i eth0 -s <ip> -j DROP
# Option: timeregex # Option: timeregex
# Notes.: regex to match timestamp in SSH logfile. # Notes.: regex to match timestamp in SSH logfile.

14
debian/README.Debian vendored
View File

@ -2,12 +2,18 @@ fail2ban for Debian
------------------- -------------------
This package is nearly 100% identical to the upstream version. It was This package is nearly 100% identical to the upstream version. It was
merely packaged to be installed on a Debian system. merely packaged to be installed on a Debian system and due to tight
collaboration with upstream author most of the Debian modifications
penetrate into the next upstream.
Module log4py installed into lib/fail2ban directory because there is no Currently the main difference with upstream: python libraries are
package for not-developed-in-a-long-time fail2ban placed under /usr/share/fail2ban insteadh of /usr/lib/fail2ban to
comply with policy regarding architecture independent resources.
Module log4py installed along into fail2ban directory because there is
no package for not-developed-in-a-long-time fail2ban
See the file TODO.Debian for more details, as well as the Debian Bug See the file TODO.Debian for more details, as well as the Debian Bug
Tracking system. Tracking system.
-- Yaroslav Halchenko <debian@onerussian.com>, Tue, 4 Jul 2005 00:00:00 -1000 -- Yaroslav O. Halchenko <debian@onerussian.com>, Sat Jul 23 09:09:51 2005

7
debian/changelog vendored
View File

@ -1,6 +1,13 @@
fail2ban (0.5.1-1) unstable; urgency=low
* New upstream release
-- Yaroslav Halchenko <debian@onerussian.com> Sat, 23 Jul 2005 08:50:00 -1000
fail2ban (0.5.0-1) unstable; urgency=low fail2ban (0.5.0-1) unstable; urgency=low
* New upstream release * New upstream release
* Libraries placed under /usr/share/fail2ban instead of /usr/lib/fail2ban
* Corrections to the description of the package * Corrections to the description of the package
-- Yaroslav Halchenko <debian@onerussian.com> Tue, 12 Jul 2005 23:33:20 -1000 -- Yaroslav Halchenko <debian@onerussian.com> Tue, 12 Jul 2005 23:33:20 -1000

6
debian/watch vendored
View File

@ -2,7 +2,5 @@
# Run the "uscan" command to check for upstream updates and more. # Run the "uscan" command to check for upstream updates and more.
# Site Directory Pattern Version Script # Site Directory Pattern Version Script
version=3 version=3
http://sf.net/fail2ban/fail2ban-(.*)\.tar\.bz2
#http://voxel.dl.sourceforge.net/sourceforge/fail2ban/ \ http://sf.net/fail2ban/fail2ban-(.*)\.tar\.bz2 debian svn-upgrade
# fail2ban-([0-9]+\.[0-9]+\.[0-9]*)\.tar\.bz2
# debian uupdate

View File

@ -18,21 +18,21 @@
# Author: Cyril Jaquier # Author: Cyril Jaquier
# #
# $Revision: 1.4.2.2 $ # $Revision: 1.4.2.3 $
__author__ = "Cyril Jaquier" __author__ = "Cyril Jaquier"
__version__ = "$Revision: 1.4.2.2 $" __version__ = "$Revision: 1.4.2.3 $"
__date__ = "$Date: 2005/07/08 10:21:52 $" __date__ = "$Date: 2005/07/15 14:11:21 $"
__copyright__ = "Copyright (c) 2004 Cyril Jaquier" __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL" __license__ = "GPL"
from sys import exit, path from sys import exit, path
#yoh: We do need to load this path first if we ship log4py with fail2ban #yoh: We do need to load this path first if we ship log4py with fail2ban
# Appends our own modules path # Appends our own modules path. Added before log4py import
# because log4py could be distributed with Fail2Ban.
path.append('/usr/share/fail2ban') path.append('/usr/share/fail2ban')
# Checks for required libs # Checks for required libs
# Checks if log4py is present. # Checks if log4py is present.
try: try:

View File

@ -16,23 +16,24 @@
# Author: Cyril Jaquier # Author: Cyril Jaquier
# #
# $Revision: 1.20.2.5 $ # $Revision: 1.20.2.8 $
__author__ = "Cyril Jaquier" __author__ = "Cyril Jaquier"
__version__ = "$Revision: 1.20.2.5 $" __version__ = "$Revision: 1.20.2.8 $"
__date__ = "$Date: 2005/07/12 13:11:58 $" __date__ = "$Date: 2005/07/22 21:13:19 $"
__copyright__ = "Copyright (c) 2004 Cyril Jaquier" __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL" __license__ = "GPL"
import time, sys, getopt, os, string, signal, log4py import time, sys, getopt, os, string, signal, log4py
from ConfigParser import * from ConfigParser import *
from version import version
from firewall.firewall import Firewall from firewall.firewall import Firewall
from logreader.logreader import LogReader from logreader.logreader import LogReader
from confreader.configreader import ConfigReader from confreader.configreader import ConfigReader
from utils.process import *
from utils.mail import Mail from utils.mail import Mail
from version import version from utils.dns import *
from utils.process import *
# Gets the instance of log4py. # Gets the instance of log4py.
logSys = log4py.Logger().get_instance() logSys = log4py.Logger().get_instance()
@ -56,7 +57,6 @@ def dispUsage():
print " -h display this help message" print " -h display this help message"
print " -i <IP(s)> IP(s) to ignore" print " -i <IP(s)> IP(s) to ignore"
print " -k kill a currently running Fail2Ban instance" print " -k kill a currently running Fail2Ban instance"
print " -l <FILE> log messages in FILE"
print " -r <VALUE> allow a max of VALUE password failure" print " -r <VALUE> allow a max of VALUE password failure"
print " -t <TIME> ban IP for TIME seconds" print " -t <TIME> ban IP for TIME seconds"
print " -v verbose. Use twice for greater effect" print " -v verbose. Use twice for greater effect"
@ -119,8 +119,6 @@ def getCmdLineOptions(optList):
conf["background"] = True conf["background"] = True
if opt[0] == "-d": if opt[0] == "-d":
conf["debug"] = True conf["debug"] = True
if opt[0] == "-l":
conf["logfile"] = opt[1]
if opt[0] == "-t": if opt[0] == "-t":
try: try:
conf["bantime"] = int(opt[1]) conf["bantime"] = int(opt[1])
@ -153,7 +151,7 @@ def main():
# Reads the command line options. # Reads the command line options.
try: try:
cmdOpts = 'hvVbdkc:l:t:i:r:p:' cmdOpts = 'hvVbdkc:t:i:r:p:'
cmdLongOpts = ['help','version'] cmdLongOpts = ['help','version']
optList, args = getopt.getopt(sys.argv[1:], cmdOpts, cmdLongOpts) optList, args = getopt.getopt(sys.argv[1:], cmdOpts, cmdLongOpts)
except getopt.GetoptError: except getopt.GetoptError:
@ -171,8 +169,8 @@ def main():
# Options # Options
optionValues = (["bool", "background", False], optionValues = (["bool", "background", False],
["str", "logtargets", "STDOUT /var/log/fail2ban.log"],
["bool", "debug", False], ["bool", "debug", False],
["str", "logfile", "/var/log/fail2ban.log"],
["str", "pidlock", "/var/run/fail2ban.pid"], ["str", "pidlock", "/var/run/fail2ban.pid"],
["int", "maxretry", 3], ["int", "maxretry", 3],
["int", "bantime", 600], ["int", "bantime", 600],
@ -188,6 +186,31 @@ def main():
getCmdLineOptions(optList) getCmdLineOptions(optList)
# Process some options # Process some options
# Log targets
# Bug fix for #1234699
os.umask(0077)
# Remove all the targets before setting our own
logSys.remove_all_targets()
for target in conf["logtargets"].split():
if target == "STDOUT":
logSys.add_target(log4py.TARGET_SYS_STDOUT)
elif target == "STDERR":
logSys.add_target(log4py.TARGET_SYS_STDERR)
elif target == "SYSLOG":
logSys.add_target(log4py.TARGET_SYSLOG)
else:
# Target should be a file
try:
open(target, "a")
logSys.add_target(target)
except IOError:
logSys.error("Unable to log to " + target)
# Check if at least one target exists
if len(logSys.get_targets()) == 0:
logSys.add_target(log4py.TARGET_SYS_STDOUT)
logSys.error("No valid logging target found. Logging to STDOUT")
# Verbose level # Verbose level
if conf["verbose"]: if conf["verbose"]:
logSys.warn("Verbose level is "+`conf["verbose"]`) logSys.warn("Verbose level is "+`conf["verbose"]`)
@ -210,14 +233,6 @@ def main():
if not retCode: if not retCode:
logSys.error("Unable to start daemon") logSys.error("Unable to start daemon")
sys.exit(-1) sys.exit(-1)
# Bug fix for #1234699
os.umask(0077)
try:
open(conf["logfile"], "a")
logSys.set_target(conf["logfile"])
except IOError:
logSys.error("Unable to log to " + conf["logfile"])
logSys.warn("Using default output for logging")
# Ignores IP list # Ignores IP list
ignoreIPList = conf["ignoreip"].split(' ') ignoreIPList = conf["ignoreip"].split(' ')
@ -291,8 +306,10 @@ def main():
element[1].addIgnoreIP("127.0.0.1") element[1].addIgnoreIP("127.0.0.1")
while len(ignoreIPList) > 0: while len(ignoreIPList) > 0:
ip = ignoreIPList.pop() ip = ignoreIPList.pop()
for element in logFwList: # Bug fix for #1239557
element[1].addIgnoreIP(ip) if isValidIP(ip):
for element in logFwList:
element[1].addIgnoreIP(ip)
logSys.info("Fail2Ban v"+version+" is running") logSys.info("Fail2Ban v"+version+" is running")
# Execute global start command # Execute global start command

View File

@ -16,11 +16,11 @@
# Author: Cyril Jaquier # Author: Cyril Jaquier
# #
# $Revision: 1.8.2.4 $ # $Revision: 1.8.2.5 $
__author__ = "Cyril Jaquier" __author__ = "Cyril Jaquier"
__version__ = "$Revision: 1.8.2.4 $" __version__ = "$Revision: 1.8.2.5 $"
__date__ = "$Date: 2005/07/12 13:08:24 $" __date__ = "$Date: 2005/07/15 14:07:08 $"
__copyright__ = "Copyright (c) 2004 Cyril Jaquier" __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL" __license__ = "GPL"
@ -37,12 +37,11 @@ class Firewall:
the IP. the IP.
""" """
banList = dict()
def __init__(self, banRule, unBanRule, banTime): def __init__(self, banRule, unBanRule, banTime):
self.banRule = banRule self.banRule = banRule
self.unBanRule = unBanRule self.unBanRule = unBanRule
self.banTime = banTime self.banTime = banTime
self.banList = dict()
def addBanIP(self, aInfo, debug): def addBanIP(self, aInfo, debug):
""" Bans an IP. """ Bans an IP.

View File

@ -16,11 +16,11 @@
# Author: Cyril Jaquier # Author: Cyril Jaquier
# #
# $Revision: 1.13.2.2 $ # $Revision: 1.13.2.4 $
__author__ = "Cyril Jaquier" __author__ = "Cyril Jaquier"
__version__ = "$Revision: 1.13.2.2 $" __version__ = "$Revision: 1.13.2.4 $"
__date__ = "$Date: 2005/07/12 13:09:09 $" __date__ = "$Date: 2005/07/23 09:07:53 $"
__copyright__ = "Copyright (c) 2004 Cyril Jaquier" __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL" __license__ = "GPL"
@ -186,6 +186,12 @@ class LogReader:
""" """
date = list(time.strptime(value, self.timepattern)) date = list(time.strptime(value, self.timepattern))
if date[0] < 2000: if date[0] < 2000:
# There is probably no year field in the logs
date[0] = time.gmtime()[0] date[0] = time.gmtime()[0]
# Bug fix for #1241756
# If the date is greater than the current time, we suppose
# that the log is not from this year but from the year before
if time.mktime(date) > time.time():
date[0] -= 1
unixTime = time.mktime(date) unixTime = time.mktime(date)
return unixTime return unixTime

View File

@ -18,25 +18,55 @@
# Author: Cyril Jaquier # Author: Cyril Jaquier
# #
# $Revision: 1.4.2.1 $ # $Revision: 1.4.2.2 $
__author__ = "Cyril Jaquier" __author__ = "Cyril Jaquier"
__version__ = "$Revision: 1.4.2.1 $" __version__ = "$Revision: 1.4.2.2 $"
__date__ = "$Date: 2005/07/07 16:57:05 $" __date__ = "$Date: 2005/07/15 14:14:12 $"
__copyright__ = "Copyright (c) 2004 Cyril Jaquier" __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL" __license__ = "GPL"
from distutils.core import setup from distutils.core import setup
from version import version from version import version
from os.path import isfile, join
from sys import exit, argv
setup( setup(
name = "fail2ban", name = "fail2ban",
version = version, version = version,
description = "Ban IPs that make too many password failure", description = "Ban IPs that make too many password failure",
author = "Cyril Jaquier", author = "Cyril Jaquier",
author_email = "lostcontrol@users.sourceforge.net", author_email = "lostcontrol@users.sourceforge.net",
url = "http://fail2ban.sourceforge.net", url = "http://fail2ban.sourceforge.net",
scripts = ['fail2ban'], scripts = ['fail2ban'],
py_modules = ['fail2ban', 'version','log4py'], py_modules = ['fail2ban', 'version', 'log4py'],
packages = ['firewall', 'logreader', 'confreader', 'utils'] packages = ['firewall', 'logreader', 'confreader', 'utils']
) )
# Do some checks after installation
# Search for obsolete files.
obsoleteFiles = []
elements = {"/usr/bin/": ["fail2ban.py"],
"/usr/lib/fail2ban/firewall/": ["iptables.py", "ipfwadm.py",
"ipfw.py"]}
for dir in elements:
for f in elements[dir]:
path = join(dir, f)
if isfile(path):
obsoleteFiles.append(path)
if obsoleteFiles:
print
print "Obsolete files from previous Fail2Ban versions were found on " \
"your system."
print "Please delete them:"
print
for f in obsoleteFiles:
print "\t" + f
print
# Update config file
if argv[1] == "install":
print
print "Please do not forget to update your configuration file."
print "Use config/fail2ban.conf.default as example."
print

View File

@ -16,11 +16,11 @@
# Author: Cyril Jaquier # Author: Cyril Jaquier
# #
# $Revision: 1.7.2.1 $ # $Revision: 1.7.2.2 $
__author__ = "Cyril Jaquier" __author__ = "Cyril Jaquier"
__version__ = "$Revision: 1.7.2.1 $" __version__ = "$Revision: 1.7.2.2 $"
__date__ = "$Date: 2005/07/12 13:10:14 $" __date__ = "$Date: 2005/07/22 21:11:42 $"
__copyright__ = "Copyright (c) 2004 Cyril Jaquier" __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL" __license__ = "GPL"
@ -55,6 +55,15 @@ def searchIP(text):
else: else:
return [] return []
def isValidIP(str):
""" Return true if str is a valid IP
"""
try:
socket.inet_aton(str)
return True
except socket.error:
return False
def textToIp(text): def textToIp(text):
""" Return the IP of DNS found in a given text. """ Return the IP of DNS found in a given text.
""" """
@ -62,7 +71,8 @@ def textToIp(text):
# Search for plain IP # Search for plain IP
plainIP = searchIP(text) plainIP = searchIP(text)
for element in plainIP: for element in plainIP:
ipList.append(element) if isValidIP(element):
ipList.append(element)
if not ipList: if not ipList:
# Try to get IP from possible DNS # Try to get IP from possible DNS
dnsList = textToDns(text) dnsList = textToDns(text)

View File

@ -16,11 +16,11 @@
# Author: Cyril Jaquier # Author: Cyril Jaquier
# #
# $Revision: 1.1.2.1 $ # $Revision: 1.1.2.2 $
__author__ = "Cyril Jaquier" __author__ = "Cyril Jaquier"
__version__ = "$Revision: 1.1.2.1 $" __version__ = "$Revision: 1.1.2.2 $"
__date__ = "$Date: 2005/07/07 16:53:47 $" __date__ = "$Date: 2005/07/15 14:08:17 $"
__copyright__ = "Copyright (c) 2004 Cyril Jaquier" __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL" __license__ = "GPL"
@ -76,9 +76,6 @@ def createDaemon():
# Ensure that the daemon doesn't keep any directory in use. Failure # Ensure that the daemon doesn't keep any directory in use. Failure
# to do this could make a filesystem unmountable. # to do this could make a filesystem unmountable.
os.chdir("/") os.chdir("/")
# Give the child complete control over permissions.
# yoh: evil evil evil!
# os.umask(0)
else: else:
os._exit(0) # Exit parent (the first child) of the second child. os._exit(0) # Exit parent (the first child) of the second child.
else: else:

View File

@ -16,12 +16,12 @@
# Author: Cyril Jaquier # Author: Cyril Jaquier
# #
# $Revision: 1.12.2.2 $ # $Revision: 1.12.2.4 $
__author__ = "Cyril Jaquier" __author__ = "Cyril Jaquier"
__version__ = "$Revision: 1.12.2.2 $" __version__ = "$Revision: 1.12.2.4 $"
__date__ = "$Date: 2005/07/12 13:12:40 $" __date__ = "$Date: 2005/07/23 09:31:12 $"
__copyright__ = "Copyright (c) 2004 Cyril Jaquier" __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL" __license__ = "GPL"
version = "0.5.0" version = "0.5.1"