diff --git a/fail2ban/protocol.py b/fail2ban/protocol.py index 9e5e4245..28c490fc 100644 --- a/fail2ban/protocol.py +++ b/fail2ban/protocol.py @@ -54,7 +54,7 @@ protocol = [ ["reload [--restart] [--unban] [--if-exists] ", "reloads the jail , or restarts it (if option '--restart' specified)"], ["stop", "stops all jails and terminate the server"], ["unban --all", "unbans all IP addresses (in all jails and database)"], -["unban ... ", "unbans (in all jails and database)"], +["unban [--expr] [--] ... ", "unbans (in all jails and database)"], ["banned", "return jails with banned IPs as dictionary"], ["banned ... ]", "return list(s) of jails where given IP(s) are banned"], ["status", "gets the current status of the server"], @@ -105,7 +105,7 @@ protocol = [ ["set usedns ", "sets the usedns mode for "], ["set attempt [ ... ]", "manually notify about failure"], ["set banip ... ", "manually Ban for "], -["set unbanip [--report-absent] [--expr] ... ", "manually Unban in "], +["set unbanip [--report-absent] [--expr] [--] ... ", "manually Unban in "], ["set maxretry ", "sets the number of failures before banning the host for "], ["set maxmatches ", "sets the max number of matches stored in memory per ticket in "], ["set maxlines ", "sets the number of to buffer for regex search for "], diff --git a/fail2ban/server/server.py b/fail2ban/server/server.py index beafe8d9..d46af872 100644 --- a/fail2ban/server/server.py +++ b/fail2ban/server/server.py @@ -24,14 +24,14 @@ __author__ = "Cyril Jaquier" __copyright__ = "Copyright (c) 2004 Cyril Jaquier" __license__ = "GPL" -import threading -from threading import Lock, RLock +from ast import literal_eval import logging import os import signal import stat import sys -from ast import literal_eval +import threading +from threading import Lock, RLock from .observer import Observers, ObserverThread from .jails import Jails @@ -529,7 +529,7 @@ class Server: def setBanIP(self, name, value): return self.__jails[name].actions.addBannedIP(value) - def setUnbanIP(self, name=None, values=None, ifexists=True, ifexpr=False): + def setUnbanIP(self, name=None, values=None, ifexists=True, isexpr=False): def parseExpr(v): try: return literal_eval(v) @@ -542,7 +542,7 @@ class Server: # in all jails: jails = list(self.__jails.values()) # parse values if it contains an expression - if values and ifexpr: + if values and isexpr: values = map(parseExpr, values) # unban given or all (if values is None): cnt = 0 diff --git a/fail2ban/server/transmitter.py b/fail2ban/server/transmitter.py index cee0b7a5..26a1b15f 100644 --- a/fail2ban/server/transmitter.py +++ b/fail2ban/server/transmitter.py @@ -24,6 +24,7 @@ __author__ = "Cyril Jaquier" __copyright__ = "Copyright (c) 2004 Cyril Jaquier" __license__ = "GPL" +import getopt import time import json @@ -113,11 +114,12 @@ class Transmitter: return 'OK' elif name == "unban" and len(command) >= 2: # unban in all jails: - value = command[1:] + opts, value = getopt.getopt(command[1:], "", ["expr", "all"]) + opts = dict(opts) # if all ips: - if len(value) == 1 and value[0] == "--all": + if "--all" in opts: return self.__server.setUnbanIP() - return self.__server.setUnbanIP(None, value) + return self.__server.setUnbanIP(None, value, isexpr=("--expr" in opts)) elif name == "banned": # check IP is banned in all jails: return self.__server.banned(None, command[1:]) @@ -363,17 +365,10 @@ class Transmitter: value = command[2:] return self.__server.setBanIP(name,value) elif command[1] == "unbanip": - ifexpr = False - ifexists = True - offset = 2 - if "--report-absent" in command: - ifexists = False - offset += 1 - if "--expr" in command: - ifexpr = True - offset += 1 - value = command[offset:] - return self.__server.setUnbanIP(name, value, ifexists=ifexists, ifexpr=ifexpr) + opts, value = getopt.getopt(command[2:], "", ["expr", "report-absent"]) + opts = dict(opts) + return self.__server.setUnbanIP(name, value, + ifexists=("--report-absent" not in opts), isexpr=("--expr" in opts)) elif command[1] == "addaction": args = [command[2]] if len(command) > 3: