Allow unbanip of tuple IDs

As specified [here], IDs in Fail2ban can be tuples. However, when a
tuple ID is banned, there is no way to remove it via the `unbanip`
command line. If tried, the tuple will be considered as a list with each
element being an ID. Instead, we should try to parse the string to see
if it represents an object.

[here]: 226a59445a/fail2ban/server/failregex.py (L313)
pull/3533/head
Laurent Desausoi 2023-06-22 12:10:27 +02:00
parent 48c91dfb6b
commit ee0a5273fb
1 changed files with 9 additions and 2 deletions

View File

@ -274,6 +274,13 @@ class Actions(JailThread, Mapping):
if missed:
raise ValueError("not banned: %r" % missed)
return cnt
# IPs can be represented in string format (e.g.: tuples)
is_ip_parsed = True
if isinstance(ip, str):
try:
ip = eval(ip)
except Exception:
is_ip_parsed = False
# Single IP:
# Always delete ip from database (also if currently not banned)
if db and self._jail.database is not None:
@ -285,14 +292,14 @@ class Actions(JailThread, Mapping):
self.__unBan(ticket)
else:
# Multiple IPs by subnet or dns:
if not isinstance(ip, IPAddr):
if not is_ip_parsed and not isinstance(ip, IPAddr):
ipa = IPAddr(ip)
if not ipa.isSingle: # subnet (mask/cidr) or raw (may be dns/hostname):
ips = list(filter(ipa.contains, self.banManager.getBanList()))
if ips:
return self.removeBannedIP(ips, db, ifexists)
# not found:
msg = "%s is not banned" % ip
msg = "%s is not banned" % str(ip)
logSys.log(logging.MSG, msg)
if ifexists:
return 0