fail2ban-regex: fix for systemd-journal (see gh-1657)

pull/1660/head^2
sebres 2017-01-10 10:59:53 +01:00
parent 31a1560eaa
commit 2009f1c434
2 changed files with 22 additions and 17 deletions


@ -43,12 +43,12 @@ from optparse import OptionParser, Option
from ConfigParser import NoOptionError, NoSectionError, MissingSectionHeaderError from ConfigParser import NoOptionError, NoSectionError, MissingSectionHeaderError
try: try:
from systemd import journal
from ..server.filtersystemd import FilterSystemd from ..server.filtersystemd import FilterSystemd
except ImportError: except ImportError:
journal = None FilterSystemd = None
from ..version import version from ..version import version
from .jailreader import JailReader
from .filterreader import FilterReader from .filterreader import FilterReader
from ..server.filter import Filter, FileContainer from ..server.filter import Filter, FileContainer
from ..server.failregex import RegexException from ..server.failregex import RegexException
@ -82,7 +82,7 @@ def pprint_list(l, header=None):
s = '' s = ''
output( s + "| " + "\n| ".join(l) + '\n`-' ) output( s + "| " + "\n| ".join(l) + '\n`-' )
def journal_lines_gen(myjournal): def journal_lines_gen(flt, myjournal): # pragma: no cover
while True: while True:
try: try:
entry = myjournal.get_next() entry = myjournal.get_next()
@ -90,7 +90,7 @@ def journal_lines_gen(myjournal):
continue continue
if not entry: if not entry:
break break
yield FilterSystemd.formatJournalEntry(entry) yield flt.formatJournalEntry(entry)
def get_opt_parser(): def get_opt_parser():
# use module docstring for help output # use module docstring for help output
@ -513,25 +513,22 @@ class Fail2banRegex(object):
except IOError as e: except IOError as e:
output( e ) output( e )
return False return False
elif cmd_log == "systemd-journal": # pragma: no cover elif cmd_log.startswith("systemd-journal"): # pragma: no cover
if not journal: if not FilterSystemd:
output( "Error: systemd library not found. Exiting..." ) output( "Error: systemd library not found. Exiting..." )
return False return False
myjournal = journal.Reader(converters={'__CURSOR': lambda x: x}) output( "Use systemd journal" )
output( "Use encoding : %s" % self.encoding )
backend, beArgs = JailReader.extractOptions(cmd_log)
flt = FilterSystemd(None, **beArgs)
flt.setLogEncoding(self.encoding)
myjournal = flt.getJournalReader()
journalmatch = self._journalmatch journalmatch = self._journalmatch
self.setDatePattern(None) self.setDatePattern(None)
if journalmatch: if journalmatch:
try: flt.addJournalMatch(journalmatch)
for element in journalmatch:
if element == "+":
myjournal.add_disjunction()
else:
myjournal.add_match(element)
except ValueError:
output( "Error: Invalid journalmatch: %s" % shortstr(" ".join(journalmatch)) )
return False
output( "Use journal match : %s" % " ".join(journalmatch) ) output( "Use journal match : %s" % " ".join(journalmatch) )
test_lines = journal_lines_gen(myjournal) test_lines = journal_lines_gen(flt, myjournal)
else: else:
output( "Use single line : %s" % shortstr(cmd_log) ) output( "Use single line : %s" % shortstr(cmd_log) )
test_lines = [ cmd_log ] test_lines = [ cmd_log ]
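Review bot: An invalid journal match is no longer reported cleanly in the `systemd-journal` branch, because the old `try`/`except ValueError` around the match loop is gone and `flt.addJournalMatch(journalmatch)` is now called bare. If that method still raises on a bad match (its body is not visible here), the tool would end in a traceback instead of printing `Error: Invalid journalmatch` and returning False. In the same branch, `cmd_log.startswith("systemd-journal")` accepts any argument with that prefix, the `backend` returned by `JailReader.extractOptions(cmd_log)` is never checked, and `beArgs` goes straight into `FilterSystemd(None, **beArgs)`, so a malformed option string or an unknown key would presumably also surface as an unhandled exception. I would validate the parsed backend and keep the explicit error path, as sketched below. The enclosing method of `Fail2banRegex` starts and ends outside this hunk.

```python
elif cmd_log.startswith("systemd-journal"): # pragma: no cover
    # ... unchanged: FilterSystemd availability check, "Use ..." output lines ...
    backend, beArgs = JailReader.extractOptions(cmd_log)
    if backend != "systemd-journal":
        output( "Error: Invalid backend specification: %s" % shortstr(cmd_log) )
        return False
    flt = FilterSystemd(None, **(beArgs or {}))
    # ... unchanged: setLogEncoding, getJournalReader, setDatePattern ...
    if journalmatch:
        try:
            flt.addJournalMatch(journalmatch)
        except ValueError:
            output( "Error: Invalid journalmatch: %s" % shortstr(" ".join(journalmatch)) )
            return False
        # ... unchanged: "Use journal match" output ...
```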


@ -174,6 +174,14 @@ class FilterSystemd(JournalFilter): # pragma: systemd no cover
v = Filter.uni_decode(x, self.getLogEncoding()) v = Filter.uni_decode(x, self.getLogEncoding())
return v return v
##
# Get journal reader
#
# @return journal reader
def getJournalReader(self):
return self.__journal
## ##
# Format journal log entry into syslog style # Format journal log entry into syslog style
# #