github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

- Added more details in output 

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@530 a942ae1a-1317-0410-a47c-b1dcaea8d605
0.x
Cyril Jaquier 2007-01-29 20:31:04 +00:00
parent 9d6a591aa7
commit 55009342ef
1 changed files with 40 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
fail2ban-regex
View File

@ -1,4 +1,4 @@
#!/usr/bin/python -O #!/usr/bin/python
# This file is part of Fail2Ban. # This file is part of Fail2Ban.
# #
# Fail2Ban is free software; you can redistribute it and/or modify # Fail2Ban is free software; you can redistribute it and/or modify
@ -133,22 +133,32 @@ class Fail2banRegex:
reader = SafeConfigParser() reader = SafeConfigParser()
try: try:
reader.read(value) reader.read(value)
print "Use regex file : " + value
self.__failregex = [RegexStat(m) self.__failregex = [RegexStat(m)
for m in reader.get("Definition", "failregex").split('\n')] for m in reader.get("Definition", "failregex").split('\n')]
except NoSectionError: except NoSectionError:
print "No [Definition] section in " + value print "No [Definition] section in " + value
print
return False return False
except NoOptionError: except NoOptionError:
print "No failregex option in " + value print "No failregex option in " + value
print
return False return False
except MissingSectionHeaderError: except MissingSectionHeaderError:
print "No section headers in " + value print "No section headers in " + value
print
return False return False
else: else:
if len(value) > 53:
stripReg = value[0:50] + "..."
else:
stripReg = value
print "Use regex line : " + stripReg
self.__failregex = [RegexStat(value)] self.__failregex = [RegexStat(value)]
return True return True
def testRegex(self, line): def testRegex(self, line):
found = False
for regex in self.__failregex: for regex in self.__failregex:
logging.getLogger("fail2ban").setLevel(logging.DEBUG) logging.getLogger("fail2ban").setLevel(logging.DEBUG)
try: try:
@ -156,6 +166,11 @@ class Fail2banRegex:
try: try:
ret = self.__filter.findFailure(line) ret = self.__filter.findFailure(line)
if not len(ret) == 0: if not len(ret) == 0:
if found == True:
ret[0].append(True)
else:
found = True
ret[0].append(False)
regex.inc() regex.inc()
regex.appendIP(ret) regex.appendIP(ret)
except RegexException, e: except RegexException, e:
@ -210,7 +225,11 @@ class Fail2banRegex:
for ip in failregex.getIPList(): for ip in failregex.getIPList():
timeTuple = time.localtime(ip[1]) timeTuple = time.localtime(ip[1])
timeString = time.strftime("%a %b %d %H:%M:%S %Y", timeTuple) timeString = time.strftime("%a %b %d %H:%M:%S %Y", timeTuple)
print " " + ip[0] + " (" + timeString + ")" if ip[2]:
dup = " (already matched)"
else:
dup = ""
print " " + ip[0] + " (" + timeString + ")" + dup
cnt += 1 cnt += 1
print print
@ -245,19 +264,32 @@ if __name__ == "__main__":
fail2banRegex.dispUsage() fail2banRegex.dispUsage()
sys.exit(-1) sys.exit(-1)
else: else:
if fail2banRegex.readRegex(sys.argv[2]) == False:
sys.exit(-1)
print print
print "Running tests" print "Running tests"
print "=============" print "============="
print print
if fail2banRegex.readRegex(sys.argv[2]) == False:
sys.exit(-1)
if fail2banRegex.logIsFile(sys.argv[1]): if fail2banRegex.logIsFile(sys.argv[1]):
hdlr = open(sys.argv[1]) try:
for line in hdlr: hdlr = open(sys.argv[1])
fail2banRegex.testRegex(line) print "Use log file : " + sys.argv[1]
print
for line in hdlr:
fail2banRegex.testRegex(line)
except IOError, e:
print e
print
sys.exit(-1)
else: else:
if len(sys.argv[1]) > 53:
stripLog = sys.argv[1][0:50] + "..."
else:
stripLog = sys.argv[1]
print "Use single line: " + stripLog
print
fail2banRegex.testRegex(sys.argv[1]) fail2banRegex.testRegex(sys.argv[1])
if fail2banRegex.printStats(): if fail2banRegex.printStats():