$Sc@sdZdZdZddlZddlmZddlmZddlmZddl m Z dd l m Z dd l mZdd lmZmZmZdd lmZddlZddlZddlZddlZddlZddlZddlZejd Zde fdYZdefdYZyddl Z e j!Z"Wn&e#k rzddl!Z!e!j$Z"nXdfdYZ%ddl&Z&ddl'Z'dfdYZ(dS(s'Cyril Jaquier and Fail2Ban Contributorss>Copyright (c) 2004 Cyril Jaquier, 2011-2013 Yaroslav HalchenkotGPLiN(tFailManagerEmpty(t FailManager(t FailTicket(t JailThread(t DateDetector(tMyTime(t FailRegextRegextRegexException(tActionsfail2ban.filtertFiltercBs eZddZdZdZdZdZdZdZdZ d Z d Z d Z d Z d ZdZdZdZdZdZdZdZdZdZeedZdZdZeedZdZRS(twarncCstj|||_t|_t|_t|_|j|d|_ g|_ t |_ t |_|jjtjd|dS(Nips Created %s(Rt__init__tjailRt failManagertlistt_Filter__failRegext_Filter__ignoreRegext setUseDnst_Filter__findTimet_Filter__ignoreIpListtFalset_Filter__ignoreCommandRt dateDetectortaddDefaultTemplatetlogSystdebug(tselfRtuseDns((s$/usr/share/fail2ban/server/filter.pyR 7s           cCsd|jj|jfS(Ns%s(%r)(t __class__t__name__R(R((s$/usr/share/fail2ban/server/filter.pyt__repr__OscCsMy t|}|jj|Wn&tk rH}tj||nXdS(N(RRtappendR Rterror(Rtvaluetregexte((s$/usr/share/fail2ban/server/filter.pyt addFailRegexYs   cCs7y|j|=Wn"tk r2tjd|nXdS(Ns7Cannot remove regular expression. Index %d is not valid(Rt IndexErrorRR"(Rtindex((s$/usr/share/fail2ban/server/filter.pyt delFailRegexbs   cCs4t}x$|jD]}|j|jqW|S(N(RRR!tgetRegex(Rt failRegexR$((s$/usr/share/fail2ban/server/filter.pyt getFailRegexns cCsMy t|}|jj|Wn&tk rH}tj||nXdS(N(RRR!R RR"(RR#R$R%((s$/usr/share/fail2ban/server/filter.pytaddIgnoreRegex{s   cCs7y|j|=Wn"tk r2tjd|nXdS(Ns7Cannot remove regular expression. Index %d is not valid(RR'RR"(RR(((s$/usr/share/fail2ban/server/filter.pytdelIgnoreRegexs   cCs4t}x$|jD]}|j|jqW|S(N(RRR!R*(Rt ignoreRegexR$((s$/usr/share/fail2ban/server/filter.pytgetIgnoreRegexs cCst|tr*idt6dt6|}n|j}|dkr_tjd|fd}ntjd||f||_dS(NtyestnoR s8Incorrect value %r specified for usedns. Using safe 'no'sSetting usedns = %s for %s(syessnoswarn( t isinstancetbooltTrueRtlowerRR"Rt_Filter__useDns(RR#((s$/usr/share/fail2ban/server/filter.pyRs     cCs|jS(N(R7(R((s$/usr/share/fail2ban/server/filter.pyt getUseDnsscCs.||_|jj|tjd|dS(NsSet findtime = %s(RRt setMaxTimeRtinfo(RR#((s$/usr/share/fail2ban/server/filter.pyt setFindTimes cCs|jS(N(R(R((s$/usr/share/fail2ban/server/filter.pyt getFindTimescCs%|jj|tjd|dS(NsSet maxRetry = %s(Rt setMaxRetryRR:(RR#((s$/usr/share/fail2ban/server/filter.pyR=scCs |jjS(N(Rt getMaxRetry(R((s$/usr/share/fail2ban/server/filter.pyR>scCstddS(Nsrun() is abstract(t Exception(R((s$/usr/share/fail2ban/server/filter.pytrunscCs ||_dS(N(R(Rtcommand((s$/usr/share/fail2ban/server/filter.pytsetIgnoreCommandscCs|jS(N(R(R((s$/usr/share/fail2ban/server/filter.pytgetIgnoreCommandscCs|j|r#tjd|ntj}x6t|jjD]}|jjt ||qEWy0x)t r|jj }|j j |qnWWn'tk r|jjtjnX|S(NsRRequested to manually ban an ignored IP %s. User knows best. Proceeding to ban it.(tinIgnoreIPListRtwarningRttimetxrangeRR>t addFailureRR5ttoBanRt putFailTicketRtcleanup(RtiptunixTimetitticket((s$/usr/share/fail2ban/server/filter.pyt addBannedIPs   cCs)tjd|d|jj|dS(NsAdd s to ignore list(RRRR!(RRL((s$/usr/share/fail2ban/server/filter.pyt addIgnoreIPscCs)tjd|d|jj|dS(NsRemove s from ignore list(RRRtremove(RRL((s$/usr/share/fail2ban/server/filter.pyt delIgnoreIP scCs|jS(N(R(R((s$/usr/share/fail2ban/server/filter.pyt getIgnoreIPscCszx0|jD]%}|dkr"q n|jdd}t|dkrY|jddnHd|dkrttjdttj|dj |dR@RBRCRPRQRSRTRDRRzR}RRrR(((s$/usr/share/fail2ban/server/filter.pyR /s6          "  /t FileFiltercBseeZdZedZdZdZdZdZdZ dZ dZ d Z RS( cKs tj|||g|_dS(N(R R t_FileFilter__logPath(RRtkwargs((s$/usr/share/fail2ban/server/filter.pyR scCsd|j|r#tj|dn=t||}|jj|tjd||j|dS(Ns already existssAdded logfile = %s(tcontainsLogPathRR"t FileContainerRR!R:t _addLogPath(Rtpathttailt container((s$/usr/share/fail2ban/server/filter.pyt addLogPaths cCsdS(N((RR((s$/usr/share/fail2ban/server/filter.pyRscCs\xU|jD]J}|j|kr |jj|tjd||j|dSq WdS(NsRemoved logfile = %s(Rt getFileNameRRRR:t _delLogPath(RRRn((s$/usr/share/fail2ban/server/filter.pyt delLogPaths  cCsdS(N((RR((s$/usr/share/fail2ban/server/filter.pyRscCs|jS(N(R(R((s$/usr/share/fail2ban/server/filter.pyt getLogPathscCs.x'|jD]}|j|kr tSq WtS(N(RRR5R(RRRn((s$/usr/share/fail2ban/server/filter.pyRscCs.x'|jD]}|j|kr |Sq WdS(N(RRR(RRRn((s$/usr/share/fail2ban/server/filter.pytgetFileContainerscCs$|j|}|dkr0tjd|tSy|j}Wntk rt}tjd|tj|tStk r}tjd|tj|tStk r}tjdtj|tSXx@|r|j }|dks|j rPn|j |qW|j t S(NsUnable to get failures in sUnable to open %ssError opening %sstInternal errror in FileContainer open method - please report as a bug to https://github.com/fail2ban/fail2ban/issuesRU(RRRR"RtopentIOErrort exceptiontOSErrortreadlinet _isActiveR}tcloseR5(RtfilenameRt has_contentR%Rs((s$/usr/share/fail2ban/server/filter.pyt getFailuress2        cCsKtj|}g|jD]}|j^q}|jd|f|S(Ns File list(R RRRR!(RRtmR((s$/usr/share/fail2ban/server/filter.pyR%s%( RRR RRRRRRRRRR(((s$/usr/share/fail2ban/server/filter.pyRs   $RcBsAeZedZdZdZdZdZdZRS(cCs||_||_d|_t|}tj|j}|j|_ zV|j }t |j |_ |r|jdd|j|_n d|_Wd|jXdS(Nii(t_FileContainer__filenamet_FileContainer__tailRt_FileContainer__handlerRtostfstattfilenotst_inot_FileContainer__inoRtmd5sumtdigestt_FileContainer__hashtseekttellt_FileContainer__posR(RRRthandlertstatst firstLine((s$/usr/share/fail2ban/server/filter.pyR =s       cCs|jS(N(R(R((s$/usr/share/fail2ban/server/filter.pyRRscCs|jS(N(R(R((s$/usr/share/fail2ban/server/filter.pytgetPosUscCst|j|_|jj}tj|tj}tj|tj|tjBtj |jj}|j sxt S|jj }t |j}|j|ks|j|jkrtjd|j||_|j|_d|_n|jj|jtS(NsLog rotation detected for %si(RRRRtfcntltF_GETFDtF_SETFDt FD_CLOEXECRRtst_sizeRRRRRRRRRRRR5(RtfdtflagsRRtmyHash((s$/usr/share/fail2ban/server/filter.pyRXs  !   cCs |jdkrdS|jjS(NRU(RRR(R((s$/usr/share/fail2ban/server/filter.pyRvscCs>|jdk r:|jj|_|jjd|_ndS(N(RRRRR(R((s$/usr/share/fail2ban/server/filter.pyR{s ( RRRR RRRRR(((s$/usr/share/fail2ban/server/filter.pyR;s      R_cBseZejdZdZeeZdZeeZdZeeZdZ ee Z dZ ee Z dZ ee Z dZ ee Z RS(s^(?:\d{1,3}\.){3}\d{1,3}$cCsMytj|dSWn1tjk rH}tjd||ftSXdS(s_ Convert a DNS into an IP address using the Python socket module. Thanks to Kevin Drapel. is4Unable to find a corresponding IP address for %s: %sN(tsockettgethostbyname_exR"RR R(tdnsR%((s$/usr/share/fail2ban/server/filter.pyRds  cCs$tjj|}|r|SdSdS(sC Search if an IP address if directly available and return it. N(R_tIP_CREtmatchR(ttextR((s$/usr/share/fail2ban/server/filter.pytsearchIPscCsG|jdd}ytj|dtSWntjk rBtSXdS(s$ Return true if str is a valid IP RViiN(RYRt inet_atonR5R"R(tstringRg((s$/usr/share/fail2ban/server/filter.pyt isValidIPs cCst}tj|}|dk rU|jd}tj|rU|j|qUn|dkr| rtj|}|j||r|dkrt j d||qn|S(s/ Return the IP of DNS found in a given text. iR1R s'Determined IP using DNS Lookup: %s = %sN(syesswarn( RR_RRRaRR!RdtextendRRE(RRtipListtplainIPt plainIPStrRL((s$/usr/share/fail2ban/server/filter.pyRs    cCs d}||?|@tj|@S(sK Convert an IP address string with a CIDR mask into a 32-bit integer. l(R_R`(RNtntMASK((s$/usr/share/fail2ban/server/filter.pyRcscCstjdtj|dS(s; Convert a string IPv4 address into an unsigned integer. s!Li(tstructtunpackRR(R((s$/usr/share/fail2ban/server/filter.pyR`scCstjtjd|S(s< Convert a numeric IPv4 address into string n.n.n.n form. s!L(Rt inet_ntoaRtpack(taddr((s$/usr/share/fail2ban/server/filter.pytbin2addrs( RRR\tcompileRRdt staticmethodRRRRcR`R(((s$/usr/share/fail2ban/server/filter.pyR_s          ()t __author__t __copyright__t __license__tsyst failmanagerRRRORt jailthreadRt datedetectorRtmytimeRR|RRR tactionR tloggingR\RRRFtshlext subprocesst getLoggerRR Rthashlibtmd5Rt ImportErrortnewRRRR_(((s$/usr/share/fail2ban/server/filter.pyts2 T      R