Upgraded to fresh upstream 0.6.0

debian-releases/etch sdist/0.6.0
Yaroslav Halchenko 2007-10-16 17:01:19 -04:00
commit ad466ecb3c
22 changed files with 368 additions and 126 deletions

View File

@ -4,9 +4,37 @@
|_| \__,_|_|_/___|_.__/\__,_|_||_|
=============================================================
Fail2Ban (version 0.5.4) 2005/09/13
Fail2Ban (version 0.6.0) 2005/11/20
=============================================================
ver. 0.6.0 (2005/11/20) - stable
----------
- Propagated patches introduced by Debian maintainer
(Yaroslav Halchenko):
* Added an option to report local time (including timezone)
or GMT in mail notification.
ver. 0.5.5 (2005/10/26) - beta
----------
- Propagated patches introduced by Debian maintainer
(Yaroslav Halchenko):
* Introduced fwcheck option to verify consistency of the
chains. Implemented automatic restart of fail2ban main
function in case check of fwban or fwunban command failed
(closes: #329163, #331695). (Introduced patch was further
adjusted by upstream author).
* Added -f command line parameter for [findtime].
* Added a cleanup of firewall rules on emergency shutdown
when unknown exception is catched.
* Fail2ban should not crash now if a wrong file name is
specified in config.
* reordered code a bit so that log targets are setup right
after background and then only loglevel (verbose, debug)
is processed, so the warning could be seen in the logs
* Added a keyword <section> in parsing of the subject and
the body of an email sent out by fail2ban (closes:
#330311)
ver. 0.5.4 (2005/09/13) - beta
----------
- Fixed bug #1286222.

View File

@ -1,6 +1,6 @@
Metadata-Version: 1.0
Name: fail2ban
Version: 0.5.4
Version: 0.6.0
Summary: Ban IPs that make too many password failure
Home-page: http://fail2ban.sourceforge.net
Author: Cyril Jaquier

13
README
View File

@ -4,7 +4,7 @@
|_| \__,_|_|_/___|_.__/\__,_|_||_|
=============================================================
Fail2Ban (version 0.5.4) 2005/09/13
Fail2Ban (version 0.6.0) 2005/11/20
=============================================================
Fail2Ban scans log files like /var/log/pwdfail and bans IP
@ -54,12 +54,12 @@ firewalls.
Installation:
-------------
Require: python-2.3 (http://www.python.org)
Require: python-2.4 (http://www.python.org)
To install, just do:
> tar xvfj fail2ban-0.5.4.tar.bz2
> cd fail2ban-0.5.4
> tar xvfj fail2ban-0.6.0.tar.bz2
> cd fail2ban-0.6.0
> python setup.py install
This will install Fail2Ban into /usr/lib/fail2ban. The fail2ban
@ -102,8 +102,9 @@ options:
-h display this help message
-i <IP(s)> IP(s) to ignore
-k kill a currently running instance
-r <VALUE> allow a max of VALUE password failure
-t <TIME> ban IP for TIME seconds
-r <VALUE> allow a max of VALUE password failure [maxfailures]
-t <TIME> ban IP for TIME seconds [bantime]
-f <TIME> lifetime in seconds of failed entry [findtime]
-v verbose. Use twice for greater effect
-V print software version

11
TODO
View File

@ -4,7 +4,7 @@
|_| \__,_|_|_/___|_.__/\__,_|_||_|
=============================================================
ToDo
ToDo $Revision: 1.5 $
=============================================================
See Feature Request Tracking System at SourceForge.net
@ -12,3 +12,12 @@ See Feature Request Tracking System at SourceForge.net
- improve installation process (better prefix support)
- install Fail2ban into /usr/share
- better configuration files
- add a check to see if the time of the log messages is
correctly detected (valid regexp)
- split configuration files in /etc/fail2ban/services.d
Example: /etc/fail2ban/services.d/apache
- template for common services in /etc/fail2ban/scripts.d
Example: /etc/fail2ban/scripts.d/apache
- remove debug mode (root check)
- better return values in function
- use more email.Utils in mail.py

View File

@ -8,7 +8,7 @@
# Adjusted for Fail2Ban
# by Yaroslav Halchenko <debian@onerussian.com>.
#
# Version: $Id: debian-initd,v 1.1.2.2 2005/09/11 15:42:32 yarikoptic Exp $
# Version: $Id: debian-initd,v 1.2 2005/11/20 17:07:47 lostcontrol Exp $
#
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

View File

@ -1,6 +1,6 @@
# Fail2Ban configuration file
#
# $Revision: 1.8.2.13 $
# $Revision: 1.9 $
#
# 2005.06.21 modified for readability Iain Lea iain@bricbrac.de
@ -85,6 +85,21 @@ cmdend =
#
polltime = 1
# Option: reinittime
# Notes.: minimal number of seconds between the re-initialization of
# firewalls due to external changes in their rules (see fwcheck)
# Values: NUM Default: 100
#
reinittime = 10
# Option: maxreinits
# Notes.: maximal number of re-initialization of firewalls due to external
# changes. -1 stays for infinite, so only reinittime is of importance
# Values: NUM Default: -1
#
maxreinits = -1
[MAIL]
# Option: enabled
# Notes.: enable mail notification when banning an IP address.
@ -117,18 +132,26 @@ from = fail2ban
#
to = root
# Option: localtime
# Notes.: report local time (including timezone) or GMT
# Values: [true | false] Default: false
#
localtime = true
# Option: subject
# Notes.: subject of the e-mail.
# Tags: <ip> IP address
# Tags: <section> active section (eg ssh, apache, etc)
# <ip> IP address
# <failures> number of failures
# <failtime> unix timestamp of the last failure
# Values: TEXT Default: [Fail2Ban] Banned <ip>
# Values: TEXT Default: [Fail2Ban] <section>: Banned <ip>
#
subject = [Fail2Ban] Banned <ip>
subject = [Fail2Ban] <section>: Banned <ip>
# Option: message
# Notes.: message of the e-mail.
# Tags: <ip> IP address
# Tags: <section> active section (eg ssh, apache, etc)
# <ip> IP address
# <failures> number of failures
# <failtime> unix timestamp of the last failure
# <br> new line
@ -136,7 +159,7 @@ subject = [Fail2Ban] Banned <ip>
#
message = Hi,<br>
The IP <ip> has just been banned by Fail2Ban after
<failures> attempts.<br>
<failures> attempts against <section>.<br>
Regards,<br>
Fail2Ban
@ -145,6 +168,7 @@ message = Hi,<br>
# options: logfile, fwban, fwunban, timeregex, timepattern,
# failregex.
[Apache]
# Option: enabled
# Notes.: enable monitoring for this section.
@ -171,9 +195,15 @@ fwstart = iptables -N fail2ban-http
# Values: CMD Default:
#
fwend = iptables -D INPUT -p tcp --dport http -j fail2ban-http
iptables -D fail2ban-http -j RETURN
iptables -F fail2ban-http
iptables -X fail2ban-http
# Option: fwcheck
# Notes.: command executed once before each fwban command
# Values: CMD Default:
#
fwcheck = iptables -L INPUT | grep -q fail2ban-http
# Option: fwban
# Notes.: command executed when banning an IP. Take care that the
# command is executed with Fail2Ban user rights.
@ -217,6 +247,7 @@ timepattern = %%a %%b %%d %%H:%%M:%%S %%Y
#
failregex = authentication failure|user .* not found
[SSH]
# Option: enabled
# Notes.: enable monitoring for this section.
@ -243,9 +274,15 @@ fwstart = iptables -N fail2ban-ssh
# Values: CMD Default:
#
fwend = iptables -D INPUT -p tcp --dport ssh -j fail2ban-ssh
iptables -D fail2ban-ssh -j RETURN
iptables -F fail2ban-ssh
iptables -X fail2ban-ssh
# Option: fwcheck
# Notes.: command executed once before each fwban command
# Values: CMD Default:
#
fwcheck = iptables -L INPUT | grep -q fail2ban-ssh
# Option: fwbanrule
# Notes.: command executed when banning an IP. Take care that the
# command is executed with Fail2Ban user rights.

View File

@ -16,7 +16,7 @@
#
# Author: Cyril Jaquier
#
# $Revision: 1.1.2.1 $
# $Revision: 1.2 $
# Command line options for Fail2Ban. Refer to "fail2ban -h" for
# valid options.

View File

@ -17,7 +17,7 @@
#
# Author: Sireyessire, Cyril Jaquier
#
# $Revision: 1.1.2.2 $
# $Revision: 1.2 $
opts="start stop restart showlog"

View File

@ -9,7 +9,7 @@
#
# Author: Andrey G. Grozin
#
# $Revision: 1.1.2.2 $
# $Revision: 1.2 $
# Source function library.
. /etc/init.d/functions

View File

@ -16,11 +16,11 @@
# Author: Cyril Jaquier
#
# $Revision: 1.5.2.5 $
# $Revision: 1.6 $
__author__ = "Cyril Jaquier"
__version__ = "$Revision: 1.5.2.5 $"
__date__ = "$Date: 2005/08/01 16:31:13 $"
__version__ = "$Revision: 1.6 $"
__date__ = "$Date: 2005/11/20 17:07:47 $"
__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL"

View File

@ -18,11 +18,11 @@
# Author: Cyril Jaquier
#
# $Revision: 1.4.2.5 $
# $Revision: 1.5 $
__author__ = "Cyril Jaquier"
__version__ = "$Revision: 1.4.2.5 $"
__date__ = "$Date: 2005/08/04 20:51:14 $"
__version__ = "$Revision: 1.5 $"
__date__ = "$Date: 2005/11/20 17:07:47 $"
__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL"
@ -55,6 +55,12 @@ except Exception, e:
logSys.error("Type: " + `type.__name__` + "\n" +
"Value: " + `e.args` + "\n" +
"TB: " + `tbStack`)
# Try to clean up after ourselves
# just for extreme caution - wrapping with try
try:
fail2ban.restoreFwRules()
except Exception:
pass
# Remove the PID lock file. Should close #1239562
pidLock.remove()
logging.shutdown()

View File

@ -17,15 +17,15 @@
# Author: Cyril Jaquier
# Modified by: Yaroslav Halchenko (SYSLOG, findtime)
#
# $Revision: 1.20.2.18 $
# $Revision: 1.21 $
__author__ = "Cyril Jaquier"
__version__ = "$Revision: 1.20.2.18 $"
__date__ = "$Date: 2005/09/13 20:42:33 $"
__version__ = "$Revision: 1.21 $"
__date__ = "$Date: 2005/11/20 17:07:47 $"
__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL"
import time, sys, getopt, os, string, signal, logging, logging.handlers
import time, sys, getopt, os, string, signal, logging, logging.handlers, copy
from ConfigParser import *
from version import version
@ -62,8 +62,9 @@ def dispUsage():
print " -h display this help message"
print " -i <IP(s)> IP(s) to ignore"
print " -k kill a currently running instance"
print " -r <VALUE> allow a max of VALUE password failure"
print " -t <TIME> ban IP for TIME seconds"
print " -r <VALUE> allow a max of VALUE password failure [maxfailures]"
print " -t <TIME> ban IP for TIME seconds [bantime]"
print " -f <TIME> lifetime in seconds of failed entry [findtime]"
print " -v verbose. Use twice for greater effect"
print " -V print software version"
print
@ -92,19 +93,48 @@ def sigTERMhandler(signum, frame):
logSys.debug("Signal handler called with sig "+`signum`)
killApp()
def setFwMustCheck(value):
""" Set the mustCheck value of the firewalls (True/False)
"""
for element in logFwList:
element[2].setMustCheck(value)
def initializeFwRules():
""" Initializes firewalls by running cmdstart and then
fwstart for each section
"""
# Execute global start command
executeCmd(conf["cmdstart"], conf["debug"])
# Execute start command of each section
for element in logFwList:
element[2].initialize(conf["debug"])
def reBan():
""" For each section asks the Firewall to reban known IPs
"""
for element in logFwList:
element[2].reBan(conf["debug"])
def restoreFwRules():
""" Flush the ban list
"""
logSys.warn("Restoring firewall rules...")
try:
for element in logFwList:
# Execute end command of each section
element[2].restore(conf["debug"])
# Execute global end command
executeCmd(conf["cmdend"], conf["debug"])
except ExternalError:
# nothing bad really - we can survive :-)
pass
def killApp():
""" Flush the ban list, remove the PID lock file and exit
nicely.
"""
logSys.warn("Restoring firewall rules...")
for element in logFwList:
element[2].flushBanList(conf["debug"])
# Execute end command of each section
for element in logFwList:
l = element[4]
executeCmd(l["fwend"], conf["debug"])
# Execute global start command
executeCmd(conf["cmdend"], conf["debug"])
# Restore Fw rules
restoreFwRules()
# Remove the PID lock
pidLock.remove()
logSys.info("Exiting...")
@ -127,6 +157,12 @@ def getCmdLineOptions(optList):
except ValueError:
logSys.warn("banTime must be an integer")
logSys.warn("Using default value")
if opt[0] == "-f":
try:
conf["findtime"] = int(opt[1])
except ValueError:
logSys.warn("findTime must be an integer")
logSys.warn("Using default value")
if opt[0] == "-i":
conf["ignoreip"] = opt[1]
if opt[0] == "-r":
@ -149,6 +185,7 @@ def main():
formatter = logging.Formatter('%(asctime)s ' + formatterstring)
stdout.setFormatter(formatter)
conf["kill"] = False
conf["verbose"] = 0
conf["conffile"] = "/etc/fail2ban.conf"
@ -187,7 +224,9 @@ def main():
["str", "ignoreip", ""],
["int", "polltime", 1],
["str", "cmdstart", ""],
["str", "cmdend", ""])
["str", "cmdend", ""],
["int", "reinittime", 100],
["int", "maxreinits", 100])
# Gets global configuration options
conf.update(confReader.getLogOptions("DEFAULT", optionValues))
@ -199,8 +238,7 @@ def main():
pidLock.setPath(conf["pidlock"])
# Now we can kill properly a running instance if needed
try:
conf["kill"]
if conf["kill"]:
pid = pidLock.exists()
if pid:
killPID(int(pid))
@ -209,8 +247,6 @@ def main():
else:
logSys.error("No running Fail2Ban found")
sys.exit(-1)
except KeyError:
pass
# Start Fail2Ban in daemon mode
if conf["background"]:
@ -220,26 +256,8 @@ def main():
logSys.error("Unable to start daemon")
sys.exit(-1)
# Verbose level
if conf["verbose"]:
logSys.warn("Verbose level is "+`conf["verbose"]`)
if conf["verbose"] == 1:
logSys.setLevel(logging.INFO)
elif conf["verbose"] > 1:
logSys.setLevel(logging.DEBUG)
# Set debug log level
if conf["debug"]:
logSys.setLevel(logging.DEBUG)
formatterstring = ('%(levelname)s: [%(filename)s (%(lineno)d)] ' +
'%(message)s')
formatter = logging.Formatter("%(asctime)s " + formatterstring)
stdout.setFormatter(formatter)
logSys.warn("DEBUG MODE: FIREWALL COMMANDS ARE _NOT_ EXECUTED BUT " +
"ONLY DISPLAYED IN THE LOG MESSAGES")
# Process some options
# Log targets
# First setup Log targets
# Bug fix for #1234699
os.umask(0077)
for target in conf["logtargets"].split():
@ -290,6 +308,24 @@ def main():
hdlr.setFormatter(tformatter)
logSys.addHandler(hdlr)
# Verbose level
if conf["verbose"]:
logSys.warn("Verbose level is "+`conf["verbose"]`)
if conf["verbose"] == 1:
logSys.setLevel(logging.INFO)
elif conf["verbose"] > 1:
logSys.setLevel(logging.DEBUG)
# Set debug log level
if conf["debug"]:
logSys.setLevel(logging.DEBUG)
formatterstring = ('%(levelname)s: [%(filename)s (%(lineno)d)] ' +
'%(message)s')
formatter = logging.Formatter("%(asctime)s " + formatterstring)
stdout.setFormatter(formatter)
logSys.warn("DEBUG MODE: FIREWALL COMMANDS ARE _NOT_ EXECUTED BUT " +
"ONLY DISPLAYED IN THE LOG MESSAGES")
# Ignores IP list
ignoreIPList = conf["ignoreip"].split(' ')
@ -322,6 +358,7 @@ def main():
["int", "port", "25"],
["str", "from", "root"],
["str", "to", "root"],
["bool", "localtime", False],
["str", "subject", "[Fail2Ban] Banned <ip>"],
["str", "message", "Fail2Ban notification"])
@ -334,6 +371,7 @@ def main():
mail = Mail(mailConf["host"], mailConf["port"])
mail.setFromAddr(mailConf["from"])
mail.setToAddr(mailConf["to"])
mail.setLocalTimeFlag(mailConf["localtime"])
logSys.debug("to: " + mailConf["to"] + " from: " + mailConf["from"])
# Options
@ -348,8 +386,11 @@ def main():
["str", "fwstart", ""],
["str", "fwend", ""],
["str", "fwban", ""],
["str", "fwunban", ""])
["str", "fwunban", ""],
["str", "fwcheck", ""])
logSys.info("Fail2Ban v" + version + " is running")
# Gets the options of each sections
for t in confReader.getSections():
l = confReader.getLogOptions(t, optionValues)
@ -358,7 +399,10 @@ def main():
lObj = LogReader(l["logfile"], l["timeregex"], l["timepattern"],
l["failregex"], l["maxfailures"], l["findtime"])
# Creates a firewall object
fObj = Firewall(l["fwban"], l["fwunban"], l["bantime"])
fObj = Firewall(l["fwstart"], l["fwend"], l["fwban"], l["fwunban"],
l["fwcheck"], l["bantime"])
# "Name" the firewall
fObj.setSection(t)
# Links them into a list. I'm not really happy
# with this :/
logFwList.append([t, lObj, fObj, dict(), l])
@ -376,13 +420,10 @@ def main():
else:
logSys.warn(ip + " is not a valid IP address")
logSys.info("Fail2Ban v" + version + " is running")
# Execute global start command
executeCmd(conf["cmdstart"], conf["debug"])
# Execute start command of each section
for element in logFwList:
l = element[4]
executeCmd(l["fwstart"], conf["debug"])
initializeFwRules()
# try to reinit once if it fails immediately
lastReinitTime = time.time() - conf["reinittime"] - 1
reinits = 0
# Main loop
while True:
try:
@ -429,7 +470,8 @@ def main():
if failTime < unixTime - findTime:
del element[3][attempt]
elif fails[attempt][0] >= element[1].getMaxRetry():
aInfo = {"ip": attempt,
aInfo = {"section": element[0],
"ip": attempt,
"failures": element[3][attempt][0],
"failtime": failTime}
logSys.info(element[0] + ": " + aInfo["ip"] +
@ -441,7 +483,39 @@ def main():
mail.sendmail(mailConf["subject"],
mailConf["message"], aInfo)
del element[3][attempt]
except ExternalError, e:
# Something wrong while dealing with Iptables.
# May be chain got removed?
reinits += 1
logSys.error(e)
if ((unixTime - lastReinitTime > conf["reinittime"]) and
((conf["maxreinits"] < 0) or (reinits < conf["maxreinits"]))):
logSys.warn("#%d reinitialization of firewalls"%reinits)
lastReinitTime = unixTime
else:
logSys.error("Exiting: reinits follow too often, or too many " +
"reinit attempts")
killApp()
# We already failed runCheck so disable it until
# restoring a safe state
setFwMustCheck(False)
# save firewalls to keep a list of IPs for rebanning
logFwListCopy = copy.deepcopy(logFwList)
try:
# restore as much as possible
restoreFwRules()
# reinitialize all the chains
initializeFwRules()
# restore the lists of baned IPs
logFwList.__init__(logFwListCopy)
# reBan known IPs
reBan()
# Now we can enable the runCheck test again
setFwMustCheck(True)
except ExternalError:
raise ExternalError("Big Oops happened: situation is out of " +
"control. Something is wrong with your " +
"setup. Please check your settings")
except KeyboardInterrupt:
# When the user press <ctrl>+<c> we exit nicely.
killApp()

View File

@ -16,11 +16,11 @@
# Author: Cyril Jaquier
#
# $Revision: 1.8.2.6 $
# $Revision: 1.9 $
__author__ = "Cyril Jaquier"
__version__ = "$Revision: 1.8.2.6 $"
__date__ = "$Date: 2005/08/01 16:31:42 $"
__version__ = "$Revision: 1.9 $"
__date__ = "$Date: 2005/11/20 17:07:47 $"
__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL"
@ -28,6 +28,10 @@ import time, os, logging, re
from utils.process import executeCmd
from utils.strings import replaceTag
# unfortunately but I have to bring ExternalError in especially for
# flushBanList: if one of IPs got flushed manually outside or something, we
# might endup with not "full" flush unless we handle exception within the loop
from utils.process import ExternalError
# Gets the instance of the logger.
logSys = logging.getLogger("fail2ban")
@ -37,41 +41,102 @@ class Firewall:
the IP.
"""
def __init__(self, banRule, unBanRule, banTime):
def __init__(self, startRule, endRule, banRule, unBanRule, checkRule,
banTime):
self.banRule = banRule
self.unBanRule = unBanRule
self.checkRule = checkRule
self.startRule = startRule
self.endRule = endRule
self.banTime = banTime
self.banList = dict()
self.section = ""
self.mustCheck = True
def setSection(self, section):
""" Set optional section name for clarify of logging
"""
self.section = section
def getMustCheck(self):
""" Return true if the runCheck test is executed
"""
return self.mustCheck
def setMustCheck(self, value):
""" Enable or disable the execution of runCheck test
"""
self.mustCheck = value
def initialize(self, debug):
logSys.debug("%s: Initialize firewall rules"%self.section)
executeCmd(self.startRule, debug)
def restore(self, debug):
logSys.debug("%s: Restore firewall rules"%self.section)
try:
self.flushBanList(debug)
executeCmd(self.endRule, debug)
except ExternalError:
pass
def addBanIP(self, aInfo, debug):
""" Bans an IP.
"""
ip = aInfo["ip"]
if not self.inBanList(ip):
crtTime = time.time()
logSys.warn("Ban " + ip)
logSys.warn("%s: Ban "%self.section + ip)
self.banList[ip] = crtTime
aInfo["bantime"] = crtTime
executeCmd(self.banIP(aInfo), debug)
self.runCheck(debug)
cmd = self.banIP(aInfo)
if executeCmd(cmd, debug):
raise ExternalError("Firewall: execution of fwban command " +
"'%s' failed"%cmd)
else:
logSys.error(ip+" already in ban list")
self.runCheck(debug)
logSys.error("%s: "%self.section+ip+" already in ban list")
def delBanIP(self, aInfo, debug):
""" Unban an IP.
"""
ip = aInfo["ip"]
if self.inBanList(ip):
logSys.warn("Unban "+ip)
logSys.warn("%s: Unban "%self.section + ip)
del self.banList[ip]
self.runCheck(debug)
executeCmd(self.unBanIP(aInfo), debug)
else:
logSys.error(ip+" not in ban list")
logSys.error("%s: "%self.section+ip+" not in ban list")
def reBan(self, debug):
""" Re-Bans known IPs.
TODO: implement "failures" and "failtime"
"""
for ip in self.banList:
aInfo = {"ip": ip,
"bantime":self.banList[ip]}
logSys.warn("%s: ReBan "%self.section + ip)
# next piece is similar to the on in addBanIp
# so might be one more function will not hurt
self.runCheck(debug)
executeCmd(self.banIP(aInfo), debug)
def inBanList(self, ip):
""" Checks if IP is in ban list.
"""
return self.banList.has_key(ip)
def runCheck(self, debug):
""" Runs fwcheck command and throws an exception if it returns non-0
result
"""
if self.mustCheck:
executeCmd(self.checkRule, debug)
else:
return None
def checkForUnBan(self, debug):
""" Check for IP to remove from ban list.
"""
@ -93,7 +158,12 @@ class Firewall:
aInfo = {"ip": element[0],
"bantime": element[1],
"unbantime": time.time()}
self.delBanIP(aInfo, debug)
try:
self.delBanIP(aInfo, debug)
except ExternalError:
# we must let it fail here in the loop, or we don't
# flush properly
pass
def banIP(self, aInfo):
""" Returns query to ban IP.

View File

@ -16,11 +16,11 @@
# Author: Cyril Jaquier
#
# $Revision: 1.13.2.8 $
# $Revision: 1.14 $
__author__ = "Cyril Jaquier"
__version__ = "$Revision: 1.13.2.8 $"
__date__ = "$Date: 2005/09/05 21:06:15 $"
__version__ = "$Revision: 1.14 $"
__date__ = "$Date: 2005/11/20 17:07:47 $"
__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL"
@ -97,15 +97,15 @@ class LogReader:
"""
try:
self.logStats = os.stat(self.logPath)
if self.lastModTime == self.logStats.st_mtime:
return False
else:
logSys.debug(self.logPath+" has been modified")
self.lastModTime = self.logStats.st_mtime
return True
except OSError:
logSys.error("Unable to get stat on "+self.logPath)
if self.lastModTime == self.logStats.st_mtime:
return False
else:
logSys.debug(self.logPath+" has been modified")
self.lastModTime = self.logStats.st_mtime
return True
def setFilePos(self, file):
""" Sets the file position. We must take care of log file rotation

View File

@ -33,10 +33,13 @@ display this help message
kill a currently running Fail2Ban instance
.TP
\fB\-r\fR \fIVALUE\fR
allow a max of \fIVALUE\fR password failure
allow a max of \fIVALUE\fR password failure [maxfailures]
.TP
\fB\-t\fR \fITIME\fR
ban IP for \fITIME\fR seconds
ban IP for \fITIME\fR seconds [bantime]
.TP
\fB\-f\fR \fITIME\fR
lifetime in seconds of failed entry [findtime]
.TP
\fB\-v\fR
verbose. Use twice for greater effect

View File

@ -18,11 +18,11 @@
# Author: Cyril Jaquier
#
# $Revision: 1.4.2.4 $
# $Revision: 1.5 $
__author__ = "Cyril Jaquier"
__version__ = "$Revision: 1.4.2.4 $"
__date__ = "$Date: 2005/08/07 13:10:39 $"
__version__ = "$Revision: 1.5 $"
__date__ = "$Date: 2005/11/20 17:07:47 $"
__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL"

View File

@ -16,11 +16,11 @@
# Author: Cyril Jaquier
#
# $Revision: 1.7.2.3 $
# $Revision: 1.8 $
__author__ = "Cyril Jaquier"
__version__ = "$Revision: 1.7.2.3 $"
__date__ = "$Date: 2005/08/17 19:26:49 $"
__version__ = "$Revision: 1.8 $"
__date__ = "$Date: 2005/11/20 17:07:47 $"
__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL"

View File

@ -16,18 +16,17 @@
# Author: Cyril Jaquier
#
# $Revision: 1.1.2.4 $
# $Revision: 1.2 $
__author__ = "Cyril Jaquier"
__version__ = "$Revision: 1.1.2.4 $"
__date__ = "$Date: 2005/09/12 14:42:08 $"
__version__ = "$Revision: 1.2 $"
__date__ = "$Date: 2005/11/20 17:07:47 $"
__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL"
import logging, smtplib
import logging, smtplib, email.Utils
from utils.strings import replaceTag
from time import strftime, gmtime
# Gets the instance of the logger.
logSys = logging.getLogger("fail2ban")
@ -39,6 +38,7 @@ class Mail:
def __init__(self, host, port = 25):
self.host = host
self.port = port
self.localTimeFlag = False
def setFromAddr(self, fromAddr):
""" Set from: address
@ -50,6 +50,11 @@ class Mail:
"""
self.toAddr = toAddr.split()
def setLocalTimeFlag(self, localTimeFlag):
""" Set to: address
"""
self.localTimeFlag = localTimeFlag
def sendmail(self, subject, message, aInfo):
""" Send an email using smtplib
"""
@ -58,7 +63,7 @@ class Mail:
mail = ("From: %s\r\nTo: %s\r\nDate: %s\r\nSubject: %s\r\n\r\n" %
(self.fromAddr, ", ".join(self.toAddr),
strftime("%a, %d %b %Y %H:%M:%S +0000", gmtime()),
email.Utils.formatdate(localtime = self.localTimeFlag),
subj)) + msg
try:
@ -71,4 +76,4 @@ class Mail:
logSys.error("Unable to send mail to " + self.host + ":" +
`self.port` + " from " + self.fromAddr + " to " +
`self.toAddr` + ": " + `e` + ": " + `e.args`)

View File

@ -16,11 +16,11 @@
# Author: Cyril Jaquier
#
# $Revision: 1.1.2.2 $
# $Revision: 1.2 $
__author__ = "Cyril Jaquier"
__version__ = "$Revision: 1.1.2.2 $"
__date__ = "$Date: 2005/08/07 13:08:18 $"
__version__ = "$Revision: 1.2 $"
__date__ = "$Date: 2005/11/20 17:07:47 $"
__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL"
@ -70,6 +70,9 @@ class PIDLock:
logSys.debug("Removed PID lock " + self.path)
except OSError:
logSys.error("Unable to remove PID lock " + self.path)
except AttributeError:
# AttributeError if self.path wasn't specified yet
logSys.debug("PID lock not removed because not defined yet")
def exists(self):
""" Returns the current PID if Fail2Ban is running or False

View File

@ -16,11 +16,11 @@
# Author: Cyril Jaquier
#
# $Revision: 1.1.2.4 $
# $Revision: 1.2 $
__author__ = "Cyril Jaquier"
__version__ = "$Revision: 1.1.2.4 $"
__date__ = "$Date: 2005/08/04 20:48:30 $"
__version__ = "$Revision: 1.2 $"
__date__ = "$Date: 2005/11/20 17:07:47 $"
__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL"
@ -29,6 +29,11 @@ import os, logging, signal
# Gets the instance of the logger.
logSys = logging.getLogger("fail2ban")
class ExternalError(UserWarning):
""" Exception to warn about failed fwcheck or fwban command
"""
pass
def createDaemon():
""" Detach a process from the controlling terminal and run it in the
background as a daemon.
@ -126,6 +131,7 @@ def executeCmd(cmd, debug):
retval = os.system(cmd)
if not retval == 0:
logSys.error("'" + cmd + "' returned " + `retval`)
raise ExternalError("Execution of command '%s' failed" % cmd)
return retval
else:
return None

View File

@ -16,11 +16,11 @@
# Author: Cyril Jaquier
#
# $Revision: 1.1.2.2 $
# $Revision: 1.2 $
__author__ = "Cyril Jaquier"
__version__ = "$Revision: 1.1.2.2 $"
__date__ = "$Date: 2005/08/01 16:35:18 $"
__version__ = "$Revision: 1.2 $"
__date__ = "$Date: 2005/11/20 17:07:47 $"
__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL"

View File

@ -16,12 +16,12 @@
# Author: Cyril Jaquier
#
# $Revision: 1.12.2.10 $
# $Revision: 1.13 $
__author__ = "Cyril Jaquier"
__version__ = "$Revision: 1.12.2.10 $"
__date__ = "$Date: 2005/09/13 20:43:00 $"
__version__ = "$Revision: 1.13 $"
__date__ = "$Date: 2005/11/20 17:07:47 $"
__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
__license__ = "GPL"
version = "0.5.4"
version = "0.6.0"