github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

f2b-iptable no os inject

pull/88/head
Th4nat0s 2012-06-17 14:29:17 +02:00
parent e2067b8659
commit bad7e1428d
1 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
fail2ban-iptables
View File

@ -21,6 +21,15 @@
import sys, re, subprocess import sys, re, subprocess
# Try to avoid any shell injections
def noinject(str):
for banned_chr in "`&;|":
if banned_chr in str:
print "I don't like some chars in your iptables syntax"
sys.exit(2)
return True
# Main procedure
def main(argv): def main(argv):
regv4 = re.compile('([0-9]{1,3}\.){3}[0-9]{1,3}') regv4 = re.compile('([0-9]{1,3}\.){3}[0-9]{1,3}')
if regv4.search(argv): if regv4.search(argv):
@ -45,4 +54,6 @@ def main(argv):
# Main call, pass all variables # Main call, pass all variables
if __name__ == "__main__": if __name__ == "__main__":
main(" ".join(sys.argv[1:])) pline = " ".join(sys.argv[1:])
if noinject(pline):
main(pline)