github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

- Added the "-k" option. Kills a currently running Fail2Ban 

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@70 a942ae1a-1317-0410-a47c-b1dcaea8d605
0.6
Cyril Jaquier 2005-02-23 16:56:29 +00:00
parent 45dd8ea43e
commit c429a69845
3 changed files with 20 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG
View File

@ -16,6 +16,7 @@ ver. 0.3.0 (02/??/2005) - beta
- Added PID lock file - Added PID lock file
- Improved some parts of the code - Improved some parts of the code
- Added ipfw-start-rule option (thanks to Robert Edeker) - Added ipfw-start-rule option (thanks to Robert Edeker)
- Added -k option which kills a currently running Fail2Ban
ver. 0.1.2 (11/21/2004) - beta ver. 0.1.2 (11/21/2004) - beta
---------- ----------

1
README
View File

@ -88,6 +88,7 @@ options:
-p <FILE> create PID lock in FILE -p <FILE> create PID lock in FILE
-h display this help message -h display this help message
-i <IP(s)> IP(s) to ignore -i <IP(s)> IP(s) to ignore
-k kill a currently running Fail2Ban instance
-l <FILE> log message in FILE -l <FILE> log message in FILE
-r <VALUE> allow a max of VALUE password failure -r <VALUE> allow a max of VALUE password failure
-t <TIME> ban IP for TIME seconds -t <TIME> ban IP for TIME seconds

20
fail2ban.py
View File

@ -59,6 +59,7 @@ def usage():
print " -p <FILE> create PID lock in FILE" print " -p <FILE> create PID lock in FILE"
print " -h display this help message" print " -h display this help message"
print " -i <IP(s)> IP(s) to ignore" print " -i <IP(s)> IP(s) to ignore"
print " -k kill a currently running Fail2Ban instance"
print " -l <FILE> log message in FILE" print " -l <FILE> log message in FILE"
print " -r <VALUE> allow a max of VALUE password failure" print " -r <VALUE> allow a max of VALUE password failure"
print " -t <TIME> ban IP for TIME seconds" print " -t <TIME> ban IP for TIME seconds"
@ -187,6 +188,12 @@ def removePID(lockfile):
os.remove(lockfile) os.remove(lockfile)
logSys.debug("Removed PID lock "+lockfile) logSys.debug("Removed PID lock "+lockfile)
def killPID(pid):
""" Kills the process with the given PID using the
INT signal (same effect as <ctrl>+<c>).
"""
return os.kill(pid, 2)
if __name__ == "__main__": if __name__ == "__main__":
# Gets an instance of log4py. # Gets an instance of log4py.
@ -211,7 +218,7 @@ if __name__ == "__main__":
# Reads the command line options. # Reads the command line options.
try: try:
optList, args = getopt.getopt(sys.argv[1:], 'hvbdc:l:t:i:r:e:w:p:') optList, args = getopt.getopt(sys.argv[1:], 'hvbdkc:l:t:i:r:e:w:p:')
except getopt.GetoptError: except getopt.GetoptError:
usage() usage()
@ -363,6 +370,15 @@ if __name__ == "__main__":
conf["firewall"] = opt[1] conf["firewall"] = opt[1]
if opt[0] == "-p": if opt[0] == "-p":
conf["pidlock"] = opt[1] conf["pidlock"] = opt[1]
if opt[0] == "-k":
pid = checkForPID(conf["pidlock"])
if pid:
killPID(int(pid))
logSys.warn("Killed Fail2Ban with PID "+pid)
sys.exit(0)
else:
logSys.error("No running Fail2Ban found")
sys.exit(-1)
# Process some options # Process some options
for c in conf: for c in conf:
@ -498,7 +514,7 @@ if __name__ == "__main__":
except KeyboardInterrupt: except KeyboardInterrupt:
# When the user press <ctrl>+<c> we flush the ban list # When the user press <ctrl>+<c> we flush the ban list
# and exit nicely. # and exit nicely.
logSys.info("Restoring iptables...") logSys.info("Restoring firewall rules...")
fireWall.flushBanList(conf["debug"]) fireWall.flushBanList(conf["debug"])
removePID(conf["pidlock"]) removePID(conf["pidlock"])
logSys.warn("Exiting...") logSys.warn("Exiting...")