github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

ENH: minor, just trailing spaces/tabs + reformated a string

pull/8/merge
Yaroslav Halchenko 2012-06-29 12:58:53 -04:00
parent 215c3cc5c5
commit 9b360bb12d
1 changed files with 72 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

140
server/filter.py
View File

@ -18,7 +18,7 @@
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
# Author: Cyril Jaquier # Author: Cyril Jaquier
# #
# $Revision$ # $Revision$
__author__ = "Cyril Jaquier" __author__ = "Cyril Jaquier"
@ -53,7 +53,7 @@ class Filter(JailThread):
# #
# Initialize the filter object with default values. # Initialize the filter object with default values.
# @param jail the jail object # @param jail the jail object
def __init__(self, jail, useDns='warn'): def __init__(self, jail, useDns='warn'):
JailThread.__init__(self) JailThread.__init__(self)
## The jail which contains this filter. ## The jail which contains this filter.
@ -70,7 +70,7 @@ class Filter(JailThread):
self.__findTime = 6000 self.__findTime = 6000
## The ignore IP list. ## The ignore IP list.
self.__ignoreIpList = [] self.__ignoreIpList = []
self.dateDetector = DateDetector() self.dateDetector = DateDetector()
self.dateDetector.addDefaultTemplate() self.dateDetector.addDefaultTemplate()
logSys.debug("Created %s" % self) logSys.debug("Created %s" % self)
@ -85,14 +85,14 @@ class Filter(JailThread):
# The regular expression can also match any other pattern than failures # The regular expression can also match any other pattern than failures
# and thus can be used for many purporse. # and thus can be used for many purporse.
# @param value the regular expression # @param value the regular expression
def addFailRegex(self, value): def addFailRegex(self, value):
try: try:
regex = FailRegex(value) regex = FailRegex(value)
self.__failRegex.append(regex) self.__failRegex.append(regex)
except RegexException, e: except RegexException, e:
logSys.error(e) logSys.error(e)
def delFailRegex(self, index): def delFailRegex(self, index):
try: try:
@ -100,54 +100,54 @@ class Filter(JailThread):
except IndexError: except IndexError:
logSys.error("Cannot remove regular expression. Index %d is not " logSys.error("Cannot remove regular expression. Index %d is not "
"valid" % index) "valid" % index)
## ##
# Get the regular expression which matches the failure. # Get the regular expression which matches the failure.
# #
# @return the regular expression # @return the regular expression
def getFailRegex(self): def getFailRegex(self):
failRegex = list() failRegex = list()
for regex in self.__failRegex: for regex in self.__failRegex:
failRegex.append(regex.getRegex()) failRegex.append(regex.getRegex())
return failRegex return failRegex
## ##
# Add the regular expression which matches the failure. # Add the regular expression which matches the failure.
# #
# The regular expression can also match any other pattern than failures # The regular expression can also match any other pattern than failures
# and thus can be used for many purporse. # and thus can be used for many purporse.
# @param value the regular expression # @param value the regular expression
def addIgnoreRegex(self, value): def addIgnoreRegex(self, value):
try: try:
regex = Regex(value) regex = Regex(value)
self.__ignoreRegex.append(regex) self.__ignoreRegex.append(regex)
except RegexException, e: except RegexException, e:
logSys.error(e) logSys.error(e)
def delIgnoreRegex(self, index): def delIgnoreRegex(self, index):
try: try:
del self.__ignoreRegex[index] del self.__ignoreRegex[index]
except IndexError: except IndexError:
logSys.error("Cannot remove regular expression. Index %d is not " logSys.error("Cannot remove regular expression. Index %d is not "
"valid" % index) "valid" % index)
## ##
# Get the regular expression which matches the failure. # Get the regular expression which matches the failure.
# #
# @return the regular expression # @return the regular expression
def getIgnoreRegex(self): def getIgnoreRegex(self):
ignoreRegex = list() ignoreRegex = list()
for regex in self.__ignoreRegex: for regex in self.__ignoreRegex:
ignoreRegex.append(regex.getRegex()) ignoreRegex.append(regex.getRegex())
return ignoreRegex return ignoreRegex
## ##
# Set the Use DNS mode # Set the Use DNS mode
# @param value the usedns mode # @param value the usedns mode
def setUseDns(self, value): def setUseDns(self, value):
if isinstance(value, bool): if isinstance(value, bool):
value = {True: 'yes', False: 'no'}[value] value = {True: 'yes', False: 'no'}[value]
@ -158,51 +158,51 @@ class Filter(JailThread):
value = 'no' value = 'no'
logSys.debug("Setting usedns = %s for %s" % (value, self)) logSys.debug("Setting usedns = %s for %s" % (value, self))
self.__useDns = value self.__useDns = value
## ##
# Get the usedns mode # Get the usedns mode
# @return the usedns mode # @return the usedns mode
def getUseDns(self): def getUseDns(self):
return self.__useDns return self.__useDns
## ##
# Set the time needed to find a failure. # Set the time needed to find a failure.
# #
# This value tells the filter how long it has to take failures into # This value tells the filter how long it has to take failures into
# account. # account.
# @param value the time # @param value the time
def setFindTime(self, value): def setFindTime(self, value):
self.__findTime = value self.__findTime = value
self.failManager.setMaxTime(value) self.failManager.setMaxTime(value)
logSys.info("Set findtime = %s" % value) logSys.info("Set findtime = %s" % value)
## ##
# Get the time needed to find a failure. # Get the time needed to find a failure.
# #
# @return the time # @return the time
def getFindTime(self): def getFindTime(self):
return self.__findTime return self.__findTime
## ##
# Set the maximum retry value. # Set the maximum retry value.
# #
# @param value the retry value # @param value the retry value
def setMaxRetry(self, value): def setMaxRetry(self, value):
self.failManager.setMaxRetry(value) self.failManager.setMaxRetry(value)
logSys.info("Set maxRetry = %s" % value) logSys.info("Set maxRetry = %s" % value)
## ##
# Get the maximum retry value. # Get the maximum retry value.
# #
# @return the retry value # @return the retry value
def getMaxRetry(self): def getMaxRetry(self):
return self.failManager.getMaxRetry() return self.failManager.getMaxRetry()
## ##
# Main loop. # Main loop.
# #
@ -212,38 +212,38 @@ class Filter(JailThread):
def run(self): def run(self):
raise Exception("run() is abstract") raise Exception("run() is abstract")
## ##
# Ban an IP - http://blogs.buanzo.com.ar/2009/04/fail2ban-patch-ban-ip-address-manually.html # Ban an IP - http://blogs.buanzo.com.ar/2009/04/fail2ban-patch-ban-ip-address-manually.html
# Arturo 'Buanzo' Busleiman <buanzo@buanzo.com.ar> # Arturo 'Buanzo' Busleiman <buanzo@buanzo.com.ar>
# #
# to enable banip fail2ban-client BAN command # to enable banip fail2ban-client BAN command
def addBannedIP(self, ip): def addBannedIP(self, ip):
unixTime = time.time() unixTime = time.time()
for i in xrange(self.failManager.getMaxRetry()): for i in xrange(self.failManager.getMaxRetry()):
self.failManager.addFailure(FailTicket(ip, unixTime)) self.failManager.addFailure(FailTicket(ip, unixTime))
return ip return ip
## ##
# Add an IP/DNS to the ignore list. # Add an IP/DNS to the ignore list.
# #
# IP addresses in the ignore list are not taken into account # IP addresses in the ignore list are not taken into account
# when finding failures. CIDR mask and DNS are also accepted. # when finding failures. CIDR mask and DNS are also accepted.
# @param ip IP address to ignore # @param ip IP address to ignore
def addIgnoreIP(self, ip): def addIgnoreIP(self, ip):
logSys.debug("Add " + ip + " to ignore list") logSys.debug("Add " + ip + " to ignore list")
self.__ignoreIpList.append(ip) self.__ignoreIpList.append(ip)
def delIgnoreIP(self, ip): def delIgnoreIP(self, ip):
logSys.debug("Remove " + ip + " from ignore list") logSys.debug("Remove " + ip + " from ignore list")
self.__ignoreIpList.remove(ip) self.__ignoreIpList.remove(ip)
def getIgnoreIP(self): def getIgnoreIP(self):
return self.__ignoreIpList return self.__ignoreIpList
## ##
# Check if IP address/DNS is in the ignore list. # Check if IP address/DNS is in the ignore list.
# #
@ -251,7 +251,7 @@ class Filter(JailThread):
# mask in the ignore list. # mask in the ignore list.
# @param ip IP address # @param ip IP address
# @return True if IP address is in ignore list # @return True if IP address is in ignore list
def inIgnoreIPList(self, ip): def inIgnoreIPList(self, ip):
for i in self.__ignoreIpList: for i in self.__ignoreIpList:
# An empty string is always false # An empty string is always false
@ -275,9 +275,11 @@ class Filter(JailThread):
if a == b: if a == b:
return True return True
return False return False
def processLine(self, line): def processLine(self, line):
"""Split the time portion from log msg and return findFailures on them
"""
try: try:
# Decode line to UTF-8 # Decode line to UTF-8
l = line.decode('utf-8') l = line.decode('utf-8')
@ -297,6 +299,8 @@ class Filter(JailThread):
return self.findFailure(timeLine, logLine) return self.findFailure(timeLine, logLine)
def processLineAndAdd(self, line): def processLineAndAdd(self, line):
"""Processes the line for failures and populates failManager
"""
for element in self.processLine(line): for element in self.processLine(line):
ip = element[0] ip = element[0]
unixTime = element[1] unixTime = element[1]
@ -346,11 +350,11 @@ class Filter(JailThread):
# The failregex matched. # The failregex matched.
date = self.dateDetector.getUnixTime(timeLine) date = self.dateDetector.getUnixTime(timeLine)
if date == None: if date == None:
logSys.debug("Found a match for '" + logLine +"' but no " logSys.debug("Found a match for %r but no valid date/time "
+ "valid date/time found for '" "found for %r. Please file a detailed issue on"
+ timeLine + "'. Please contact the " " https://github.com/fail2ban/fail2ban/issues "
+ "author in order to get support for this " "in order to get support for this format."
+ "format") % (logLine, timeLine))
else: else:
try: try:
host = failRegex.getHost() host = failRegex.getHost()
@ -363,7 +367,7 @@ class Filter(JailThread):
except RegexException, e: except RegexException, e:
logSys.error(e) logSys.error(e)
return failList return failList
## ##
# Get the status of the filter. # Get the status of the filter.
@ -371,20 +375,20 @@ class Filter(JailThread):
# Get some informations about the filter state such as the total # Get some informations about the filter state such as the total
# number of failures. # number of failures.
# @return a list with tuple # @return a list with tuple
def status(self): def status(self):
ret = [("Currently failed", self.failManager.size()), ret = [("Currently failed", self.failManager.size()),
("Total failed", self.failManager.getFailTotal())] ("Total failed", self.failManager.getFailTotal())]
return ret return ret
class FileFilter(Filter): class FileFilter(Filter):
def __init__(self, jail, **kwargs): def __init__(self, jail, **kwargs):
Filter.__init__(self, jail, **kwargs) Filter.__init__(self, jail, **kwargs)
## The log file path. ## The log file path.
self.__logPath = [] self.__logPath = []
## ##
# Add a log file path # Add a log file path
# #
@ -393,12 +397,12 @@ class FileFilter(Filter):
def addLogPath(self, path, tail = False): def addLogPath(self, path, tail = False):
container = FileContainer(path, tail) container = FileContainer(path, tail)
self.__logPath.append(container) self.__logPath.append(container)
## ##
# Delete a log path # Delete a log path
# #
# @param path the log file to delete # @param path the log file to delete
def delLogPath(self, path): def delLogPath(self, path):
for log in self.__logPath: for log in self.__logPath:
if log.getFileName() == path: if log.getFileName() == path:
@ -409,35 +413,35 @@ class FileFilter(Filter):
# Get the log file path # Get the log file path
# #
# @return log file path # @return log file path
def getLogPath(self): def getLogPath(self):
return self.__logPath return self.__logPath
## ##
# Check whether path is already monitored. # Check whether path is already monitored.
# #
# @param path The path # @param path The path
# @return True if the path is already monitored else False # @return True if the path is already monitored else False
def containsLogPath(self, path): def containsLogPath(self, path):
for log in self.__logPath: for log in self.__logPath:
if log.getFileName() == path: if log.getFileName() == path:
return True return True
return False return False
def getFileContainer(self, path): def getFileContainer(self, path):
for log in self.__logPath: for log in self.__logPath:
if log.getFileName() == path: if log.getFileName() == path:
return log return log
return None return None
## ##
# Gets all the failure in the log file. # Gets all the failure in the log file.
# #
# Gets all the failure in the log file which are newer than # Gets all the failure in the log file which are newer than
# MyTime.time()-self.findTime. When a failure is detected, a FailTicket # MyTime.time()-self.findTime. When a failure is detected, a FailTicket
# is created and is added to the FailManager. # is created and is added to the FailManager.
def getFailures(self, filename): def getFailures(self, filename):
container = self.getFileContainer(filename) container = self.getFileContainer(filename)
if container == None: if container == None:
@ -450,7 +454,7 @@ class FileFilter(Filter):
logSys.error("Unable to open %s" % filename) logSys.error("Unable to open %s" % filename)
logSys.exception(e) logSys.exception(e)
return False return False
line = container.readline() line = container.readline()
while not line == "": while not line == "":
if not self._isActive(): if not self._isActive():
@ -461,7 +465,7 @@ class FileFilter(Filter):
line = container.readline() line = container.readline()
container.close() container.close()
return True return True
def status(self): def status(self):
ret = Filter.status(self) ret = Filter.status(self)
path = [m.getFileName() for m in self.getLogPath()] path = [m.getFileName() for m in self.getLogPath()]
@ -485,7 +489,7 @@ except ImportError:
md5sum = md5.new md5sum = md5.new
class FileContainer: class FileContainer:
def __init__(self, filename, tail = False): def __init__(self, filename, tail = False):
self.__filename = filename self.__filename = filename
self.__tail = tail self.__tail = tail
@ -506,10 +510,10 @@ class FileContainer:
self.__pos = 0 self.__pos = 0
finally: finally:
handler.close() handler.close()
def getFileName(self): def getFileName(self):
return self.__filename return self.__filename
def open(self): def open(self):
self.__handler = open(self.__filename) self.__handler = open(self.__filename)
# Set the file descriptor to be FD_CLOEXEC # Set the file descriptor to be FD_CLOEXEC
@ -527,12 +531,12 @@ class FileContainer:
self.__pos = 0 self.__pos = 0
# Sets the file pointer to the last position. # Sets the file pointer to the last position.
self.__handler.seek(self.__pos) self.__handler.seek(self.__pos)
def readline(self): def readline(self):
if self.__handler == None: if self.__handler == None:
return "" return ""
return self.__handler.readline() return self.__handler.readline()
def close(self): def close(self):
if not self.__handler == None: if not self.__handler == None:
# Saves the last position. # Saves the last position.
@ -552,9 +556,9 @@ class FileContainer:
import socket, struct import socket, struct
class DNSUtils: class DNSUtils:
IP_CRE = re.compile("^(?:\d{1,3}\.){3}\d{1,3}$") IP_CRE = re.compile("^(?:\d{1,3}\.){3}\d{1,3}$")
#@staticmethod #@staticmethod
def dnsToIp(dns): def dnsToIp(dns):
""" Convert a DNS into an IP address using the Python socket module. """ Convert a DNS into an IP address using the Python socket module.
@ -567,7 +571,7 @@ class DNSUtils:
% dns) % dns)
return list() return list()
dnsToIp = staticmethod(dnsToIp) dnsToIp = staticmethod(dnsToIp)
#@staticmethod #@staticmethod
def searchIP(text): def searchIP(text):
""" Search if an IP address if directly available and return """ Search if an IP address if directly available and return
@ -579,7 +583,7 @@ class DNSUtils:
else: else:
return None return None
searchIP = staticmethod(searchIP) searchIP = staticmethod(searchIP)
#@staticmethod #@staticmethod
def isValidIP(string): def isValidIP(string):
""" Return true if str is a valid IP """ Return true if str is a valid IP
@ -591,7 +595,7 @@ class DNSUtils:
except socket.error: except socket.error:
return False return False
isValidIP = staticmethod(isValidIP) isValidIP = staticmethod(isValidIP)
#@staticmethod #@staticmethod
def textToIp(text, useDns): def textToIp(text, useDns):
""" Return the IP of DNS found in a given text. """ Return the IP of DNS found in a given text.
@ -615,7 +619,7 @@ class DNSUtils:
return ipList return ipList
textToIp = staticmethod(textToIp) textToIp = staticmethod(textToIp)
#@staticmethod #@staticmethod
def cidr(i, n): def cidr(i, n):
""" Convert an IP address string with a CIDR mask into a 32-bit """ Convert an IP address string with a CIDR mask into a 32-bit
@ -625,14 +629,14 @@ class DNSUtils:
MASK = 0xFFFFFFFFL MASK = 0xFFFFFFFFL
return ~(MASK >> n) & MASK & DNSUtils.addr2bin(i) return ~(MASK >> n) & MASK & DNSUtils.addr2bin(i)
cidr = staticmethod(cidr) cidr = staticmethod(cidr)
#@staticmethod #@staticmethod
def addr2bin(string): def addr2bin(string):
""" Convert a string IPv4 address into an unsigned integer. """ Convert a string IPv4 address into an unsigned integer.
""" """
return struct.unpack("!L", socket.inet_aton(string))[0] return struct.unpack("!L", socket.inet_aton(string))[0]
addr2bin = staticmethod(addr2bin) addr2bin = staticmethod(addr2bin)
#@staticmethod #@staticmethod
def bin2addr(addr): def bin2addr(addr):
""" Convert a numeric IPv4 address into string n.n.n.n form. """ Convert a numeric IPv4 address into string n.n.n.n form.