- Added more tags in firewall rules definition. Should help for Feature Request #1229479

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_5@128 a942ae1a-1317-0410-a47c-b1dcaea8d605
2005-07-09 15:11:48 +00:00 · 2005-07-09 15:11:48 +00:00 · 7cdb6c94bb
parent 18486d66bd
commit 7cdb6c94bb
3 changed files with 46 additions and 24 deletions
--- a/config/fail2ban.conf.default
+++ b/config/fail2ban.conf.default
@ -99,7 +99,10 @@ fwend =
 # Option:  fwban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-#          <ip>  IP address
+# Tags:    <ip>  IP address
+#          <failures>  number of failures
+#          <failtime>  unix timestamp of the last failure
+#          <bantime>  unix timestamp of the ban time
 # Values:  CMD
 # Default: iptables -I INPUT 1 -i eth0 -s <ip> -j DROP
 #
@ -108,7 +111,9 @@ fwban = iptables -I INPUT 1 -i eth0 -s <ip> -j DROP
 # Option:  fwunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-#          <ip>  IP address
+# Tags:    <ip>  IP address
+#          <bantime>  unix timestamp of the ban time
+#          <unbantime>  unix timestamp of the unban time
 # Values:  CMD
 # Default: iptables -D INPUT -i eth0 -s <ip> -j DROP
 #
@ -162,7 +167,10 @@ fwend =
 # Option:  fwbanrule
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-#          <ip>  IP address
+# Tags:    <ip>  IP address
+#          <failures>  number of failures
+#          <failtime>  unix timestamp of the last failure
+#          <bantime>  unix timestamp of the ban time
 # Values:  CMD
 # Default: iptables -I INPUT 1 -i eth0 -s <ip> -j DROP
 #
@ -171,7 +179,9 @@ fwban = iptables -I INPUT 1 -i eth0 -s <ip> -j DROP
 # Option:  fwunbanrule
 # Notes.:  command executed when unbanning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
-#          <ip>  IP address
+# Tags:    <ip>  IP address
+#          <bantime>  unix timestamp of the ban time
+#          <unbantime>  unix timestamp of the unban time
 # Values:  CMD
 # Default: iptables -D INPUT -i eth0 -s <ip> -j DROP
 #
--- a/fail2ban.py
+++ b/fail2ban.py
@ -321,10 +321,13 @@ def main():
 					if failTime < unixTime - findTime:
 						del element[3][attempt]
 					elif fails[attempt][0] >= conf["maxretry"]:
-						logSys.info(element[0] + ": " + attempt + " has " +
-									`element[3][attempt][0]` +
+						aInfo = {"ip": attempt,
+								 "failures": element[3][attempt][0],
+								 "failtime": failTime}
+						logSys.info(element[0] + ": " + aInfo["ip"] +
+									" has " + `aInfo["failures"]` +
 									" login failure(s). Banned.")
-						element[2].addBanIP(attempt, conf["debug"])
+						element[2].addBanIP(aInfo, conf["debug"])
 						del element[3][attempt]
 			
 		except KeyboardInterrupt:
--- a/firewall/firewall.py
+++ b/firewall/firewall.py
@ -43,23 +43,27 @@ class Firewall:
 		self.unBanRule = unBanRule
 		self.banTime = banTime
 	
-	def addBanIP(self, ip, debug):
+	def addBanIP(self, aInfo, debug):
 		""" Bans an IP.
 		"""
+		ip = aInfo["ip"]
 		if not self.inBanList(ip):
+			crtTime = time.time()
 			logSys.warn("Ban " + ip)
-			self.banList[ip] = time.time()
-			executeCmd(self.banIP(ip), debug)
+			self.banList[ip] = crtTime
+			aInfo["bantime"] = crtTime
+			executeCmd(self.banIP(aInfo), debug)
 		else:
 			logSys.error(ip+" already in ban list")
 	
-	def delBanIP(self, ip, debug):
+	def delBanIP(self, aInfo, debug):
 		""" Unban an IP.
 		"""
+		ip = aInfo["ip"]
 		if self.inBanList(ip):
 			logSys.warn("Unban "+ip)
 			del self.banList[ip]
-			executeCmd(self.unBanIP(ip), debug)
+			executeCmd(self.unBanIP(aInfo), debug)
 		else:
 			logSys.error(ip+" not in ban list")
 	
@ -73,10 +77,12 @@ class Firewall:
 		"""
 		banListTemp = self.banList.copy()
 		for element in banListTemp.iteritems():
-			ip = element[0]
 			btime = element[1]
 			if btime < time.time()-self.banTime:
-				self.delBanIP(ip, debug)
+				aInfo = {"ip": element[0],
+						 "bantime": btime,
+						 "unbantime": time.time()}
+				self.delBanIP(aInfo, debug)
 	
 	def flushBanList(self, debug):
 		""" Flushes the ban list and of course the firewall rules.
@ -84,26 +90,29 @@ class Firewall:
 		"""
 		banListTemp = self.banList.copy()
 		for element in banListTemp.iteritems():
-			ip = element[0]
-			self.delBanIP(ip, debug)
+			aInfo = {"ip": element[0],
+					 "bantime": element[1],
+					 "unbantime": time.time()}
+			self.delBanIP(aInfo, debug)
 			
-	def banIP(self, ip):
+	def banIP(self, aInfo):
 		""" Returns query to ban IP.
 		"""
-		query = self.replaceTag(self.banRule, ip)
+		query = self.replaceTag(self.banRule, aInfo)
 		return query
 	
-	def unBanIP(self, ip):
+	def unBanIP(self, aInfo):
 		""" Returns query to unban IP.
 		"""
-		query = self.replaceTag(self.unBanRule, ip)
+		query = self.replaceTag(self.unBanRule, aInfo)
 		return query
 	
-	def replaceTag(self, query, ip):
-		""" Replace tag in query
+	def replaceTag(self, query, aInfo):
+		""" Replace tags in query
 		"""
 		string = query
-		string = string.replace("<ip>", ip)
+		for tag in aInfo:
+			string = string.replace('<'+tag+'>', `aInfo[tag]`)
 		return string
 	
 	def viewBanList(self):