amend to #1622: jail-reader supports now multi-line option for multi-line action parameter:

logpath = a.log b.log c.log action = ban[...] = log[logpath="%(logpath)s"] closes gh-2341, ultimate fix for gh-976
2019-02-11 11:54:58 +01:00 · 2019-02-11 11:54:58 +01:00 · e651bc7866
parent 89c611064d
commit e651bc7866
5 changed files with 53 additions and 4 deletions
--- a/config/jail.conf
+++ b/config/jail.conf
@ -177,19 +177,19 @@ action_mw = %(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port
 # ban & send an e-mail with whois report and relevant log lines
 # to the destemail.
 action_mwl = %(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
-             %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s"]
+             %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"]

 # See the IMPORTANT note in action.d/xarf-login-attack for when to use this action
 #
 # ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines
 # to the destemail.
 action_xarf = %(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
-             xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath=%(logpath)s, port="%(port)s"]
+             xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"]

 # ban IP on CloudFlare & send an e-mail with whois report and relevant log lines
 # to the destemail.
 action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"]
-                %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s"]
+                %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"]

 # Report block via blocklist.de fail2ban reporting service API
 # 
--- a/fail2ban/client/jailreader.py
+++ b/fail2ban/client/jailreader.py
@ -151,12 +151,21 @@ class JailReader(ConfigReader):
 				self.__filter.getOptions(self.__opts)
 		
 			# Read action
-			for act in self.__opts["action"].split('\n'):
+			prevln = ''
+			actlst = self.__opts["action"].split('\n')
+			for n, act in enumerate(actlst):
 				try:
 					if not act:			  # skip empty actions
 						continue
+					# join with previous line if needed (consider possible new-line):
+					if prevln: act = prevln + '\n' + act
 					actName, actOpt = extractOptions(act)
+					prevln = ''
 					if not actName:
+						# consider possible new-line, so repeat with joined next line's:
+						if n < len(actlst) - 1:
+							prevln = act
+							continue
 						raise JailDefError("Invalid action definition %r" % act)
 					if actName.endswith(".py"):
 						self.__actions.append([
--- a/fail2ban/tests/clientreadertestcase.py
+++ b/fail2ban/tests/clientreadertestcase.py
@ -353,6 +353,30 @@ class JailReaderTest(LogCaptureTestCase):
 		)
 		self.assertEqual(expected2, result)

+	def testMultiLineOption(self):
+		jail = JailReader('multi-log', force_enable=True, basedir=IMPERFECT_CONFIG, share_config=IMPERFECT_CONFIG_SHARE_CFG)
+		self.assertTrue(jail.read())
+		self.assertTrue(jail.getOptions())
+		self.assertEqual(jail.options['logpath'], 'a.log\nb.log\nc.log')
+		self.assertEqual(jail.options['action'], 'action[actname=\'ban\']\naction[actname=\'log\', logpath="a.log\nb.log\nc.log\nd.log"]\naction[actname=\'test\']')
+		self.assertSortedEqual([a.convert() for a in jail._JailReader__actions], [
+			[['set', 'multi-log', 'addaction', 'ban'], ['multi-set', 'multi-log', 'action', 'ban', [
+				['actionban', 'echo "name: ban, ban: <ip>, logs: a.log\nb.log\nc.log"'],
+				['actname', 'ban'],
+				['name', 'multi-log']
+			]]],
+			[['set', 'multi-log', 'addaction', 'log'], ['multi-set', 'multi-log', 'action', 'log', [
+				['actionban', 'echo "name: log, ban: <ip>, logs: a.log\nb.log\nc.log\nd.log"'],
+				['actname', 'log'],
+				['logpath', 'a.log\nb.log\nc.log\nd.log'], ['name', 'multi-log']
+			]]],
+			[['set', 'multi-log', 'addaction', 'test'], ['multi-set', 'multi-log', 'action', 'test', [
+				['actionban', 'echo "name: test, ban: <ip>, logs: a.log\nb.log\nc.log"'],
+				['actname', 'test'],
+				['name', 'multi-log']
+			]]]
+		])
+
 	def testVersionAgent(self):
 		unittest.F2B.SkipIfCfgMissing(stock=True)
 		jail = JailReader('blocklisttest', force_enable=True, basedir=CONFIG_DIR)
--- a/fail2ban/tests/config/action.d/action.conf
+++ b/fail2ban/tests/config/action.d/action.conf
@ -0,0 +1,4 @@
+
+[Definition]
+
+actionban = echo "name: <actname>, ban: <ip>, logs: %(logpath)s"
--- a/fail2ban/tests/config/jail.conf
+++ b/fail2ban/tests/config/jail.conf
@ -51,3 +51,15 @@ action =
 [tz_correct]
 enabled = true
 logtimezone = UTC+0200
+
+[multi-log]
+enabled = false
+filter  =
+logpath = a.log
+          b.log
+          c.log
+log2nd  = %(logpath)s
+          d.log
+action = action[actname='ban']
+         action[actname='log', logpath="%(log2nd)s"]
+         action[actname='test']