#2Nc@sOdZdZdZdZdZddlmZddlmZddl m Z dd l m Z dd l mZdd lmZmZmZdd lZdd lZdd lZdd lZdd lZejd Zde fdYZdefdYZdd lZdfdYZdd lZdd lZdfdYZ d S(s Cyril Jaquiers$Revision: 752 $s5$Date: 2009-09-01 23:21:30 +0200 (Tue, 01 Sep 2009) $s Copyright (c) 2004 Cyril JaquiertGPLi(t FailManager(t FailTicket(t JailThread(t DateDetector(tMyTime(t FailRegextRegextRegexExceptionNsfail2ban.filtertFiltercBseZdZdZdZdZdZdZdZdZ dZ d Z d Z d Z d Zd ZdZdZdZdZdZdZdZdZRS(cCsvtj|||_t|_t|_t|_d|_g|_ t |_ |j j t jddS(NipsCreated Filter(Rt__init__tjailRt failManagertlistt_Filter__failRegext_Filter__ignoreRegext_Filter__findTimet_Filter__ignoreIpListRt dateDetectortaddDefaultTemplatetlogSystdebug(tselfR ((s$/usr/share/fail2ban/server/filter.pyR 6s         cCsGy t|}|jj|Wn tk rB}tj|nXdS(N(RRtappendRRterror(Rtvaluetregexte((s$/usr/share/fail2ban/server/filter.pyt addFailRegexQs  cCs7y|j|=Wn"tk r2tjd|nXdS(Ns7Cannot remove regular expression. Index %d is not valid(Rt IndexErrorRR(Rtindex((s$/usr/share/fail2ban/server/filter.pyt delFailRegexYs   cCs4t}x$|jD]}|j|jqW|S(N(R RRtgetRegex(Rt failRegexR((s$/usr/share/fail2ban/server/filter.pyt getFailRegexes cCsGy t|}|jj|Wn tk rB}tj|nXdS(N(RRRRRR(RRRR((s$/usr/share/fail2ban/server/filter.pytaddIgnoreRegexrs  cCs7y|j|=Wn"tk r2tjd|nXdS(Ns7Cannot remove regular expression. Index %d is not valid(RRRR(RR((s$/usr/share/fail2ban/server/filter.pytdelIgnoreRegexys   cCs4t}x$|jD]}|j|jqW|S(N(R RRR (Rt ignoreRegexR((s$/usr/share/fail2ban/server/filter.pytgetIgnoreRegexs cCs.||_|jj|tjd|dS(NsSet findtime = %s(RR t setMaxTimeRtinfo(RR((s$/usr/share/fail2ban/server/filter.pyt setFindTimes cCs|jS(N(R(R((s$/usr/share/fail2ban/server/filter.pyt getFindTimescCs%|jj|tjd|dS(NsSet maxRetry = %s(R t setMaxRetryRR((RR((s$/usr/share/fail2ban/server/filter.pyR+scCs |jjS(N(R t getMaxRetry(R((s$/usr/share/fail2ban/server/filter.pyR,scCstddS(Nsrun() is abstract(t Exception(R((s$/usr/share/fail2ban/server/filter.pytrunscCs)tj}|jjt|||S(N(ttimeR t addFailureR(RtiptunixTime((s$/usr/share/fail2ban/server/filter.pyt addBannedIPs cCs)tjd|d|jj|dS(NsAdd s to ignore list(RRRR(RR1((s$/usr/share/fail2ban/server/filter.pyt addIgnoreIPscCs)tjd|d|jj|dS(NsRemove s from ignore list(RRRtremove(RR1((s$/usr/share/fail2ban/server/filter.pyt delIgnoreIPscCs|jS(N(R(R((s$/usr/share/fail2ban/server/filter.pyt getIgnoreIPscCsx|jD]}|dkr"q n|jdd}t|dkrY|jddnt|d|dx7|jD],}|j|kr |jj|dSq WdS(N(Rlt getFileNameR5(RRntlog((s$/usr/share/fail2ban/server/filter.pyt delLogPathrscCs|jS(N(Rl(R((s$/usr/share/fail2ban/server/filter.pyt getLogPath}scCs.x'|jD]}|j|kr tSq WtS(N(RlRrRBRC(RRnRs((s$/usr/share/fail2ban/server/filter.pytcontainsLogPathscCs.x'|jD]}|j|kr |Sq WdS(N(RlRrR^(RRnRs((s$/usr/share/fail2ban/server/filter.pytgetFileContainerscCs|j|}|dkr0tjd|tSy|jWn2tk rr}tjd|tj|tSX|j}x9|dks|j sPn|j ||j}qW|j t S(NsUnable to get failures in sUnable to open %sR8( RwR^RRRCtopenR-t exceptiontreadlinet _isActiveRXtcloseRB(RtfilenameRpRRQ((s$/usr/share/fail2ban/server/filter.pyt getFailuress$      cCsKtj|}g|jD]}|j^q}|jd|f|S(Ns File list(R RhRuRrR(RRgtmRn((s$/usr/share/fail2ban/server/filter.pyRhs%( RiRjR RCRqRtRuRvRwR~Rh(((s$/usr/share/fail2ban/server/filter.pyRk]s  RmcBs8eZedZdZdZdZdZRS(cCs||_||_d|_t|}tj|j}|j|_ zY|j }t j |j |_|r|jdd|j|_n d|_Wd|jXdS(Nii(t_FileContainer__filenamet_FileContainer__tailR^t_FileContainer__handlerRxtostfstattfilenotst_inot_FileContainer__inoRztmd5tnewtdigestt_FileContainer__hashtseekttellt_FileContainer__posR|(RR}Rothandlertstatst firstLine((s$/usr/share/fail2ban/server/filter.pyR s       cCs|jS(N(R(R((s$/usr/share/fail2ban/server/filter.pyRrscCst|j|_|jj}tj|tj|tjB|jj}tj |j }t j |jj}|j |ks|j|jkrtjd|j||_ |j|_d|_n|jj|jdS(NsLog rotation detected for %si(RxRRRtfcntltF_SETFDt FD_CLOEXECRzRRRRRRRRRR(RR(RtfdRtmyHashR((s$/usr/share/fail2ban/server/filter.pyRxs!   cCs |jdkrdS|jjS(NR8(RR^Rz(R((s$/usr/share/fail2ban/server/filter.pyRzscCs>|jdks:|jj|_|jjd|_ndS(N(RR^RRR|(R((s$/usr/share/fail2ban/server/filter.pyR|s (RiRjRCR RrRxRzR|(((s$/usr/share/fail2ban/server/filter.pyRms     R?cBseZejdZdZeeZdZeeZdZeeZdZ ee Z dZ ee Z dZ ee Z dZ ee Z RS(s^(?:\d{1,3}\.){3}\d{1,3}$cCsEytj|dSWn)tjk r@tjd|tSXdS(s_ Convert a DNS into an IP address using the Python socket module. Thanks to Kevin Drapel. is0Unable to find a corresponding IP address for %sN(tsockettgethostbyname_extgaierrorRtwarnR (tdns((s$/usr/share/fail2ban/server/filter.pyRAs  cCs$tjj|}|r|SdSdS(sC Search if an IP address if directly available and return it. N(R?tIP_CREtmatchR^(ttextR((s$/usr/share/fail2ban/server/filter.pytsearchIPscCsG|jdd}ytj|dtSWntjk rBtSXdS(s$ Return true if str is a valid IP R9iiN(R;Rt inet_atonRBRRC(tstringRE((s$/usr/share/fail2ban/server/filter.pyt isValidIP!s cCst}tj|}|dksU|jd}tj|rU|j|qUn|stj|}x|D]}|j|qqWn|S(s/ Return the IP of DNS found in a given text. iN(R R?RR^RMRRRA(RtipListtplainIPt plainIPStrR1R((s$/usr/share/fail2ban/server/filter.pyR`-s   cCs d}||?|@tj|@S(sK Convert an IP address string with a CIDR mask into a 32-bit integer. l(R?taddr2bin(RDtntMASK((s$/usr/share/fail2ban/server/filter.pyR@@scCstjdtj|dS(s; Convert a string IPv4 address into an unsigned integer. s!Li(tstructtunpackRR(R((s$/usr/share/fail2ban/server/filter.pyRJscCstjtjd|S(s< Convert a numeric IPv4 address into string n.n.n.n form. s!L(Rt inet_ntoaRtpack(taddr((s$/usr/share/fail2ban/server/filter.pytbin2addrQs( RiRjtretcompileRRAt staticmethodRRR`R@RR(((s$/usr/share/fail2ban/server/filter.pyR?s          (!t __author__t __version__t__date__t __copyright__t __license__t failmanagerRtticketRt jailthreadRt datedetectorRtmytimeRt failregexRRRtloggingRRRR/t getLoggerRR RkRRmRRR?(((s$/usr/share/fail2ban/server/filter.pyts&< 0a A