"Fossies" - the Fresh Open Source Software Archive

Member "fail2ban-0.11.1/fail2ban/protocol.py" (11 Jan 2020, 11278 Bytes) of package /linux/misc/fail2ban-0.11.1.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Python source code syntax highlighting (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. For more information about "protocol.py" see the Fossies "Dox" file reference documentation and the latest Fossies "Diffs" side-by-side code changes report: 0.10.5_vs_0.11.1.

    1 # emacs: -*- mode: python; py-indent-offset: 4; indent-tabs-mode: t -*-
    2 # vi: set ft=python sts=4 ts=4 sw=4 noet :
    3 
    4 # This file is part of Fail2Ban.
    5 #
    6 # Fail2Ban is free software; you can redistribute it and/or modify
    7 # it under the terms of the GNU General Public License as published by
    8 # the Free Software Foundation; either version 2 of the License, or
    9 # (at your option) any later version.
   10 #
   11 # Fail2Ban is distributed in the hope that it will be useful,
   12 # but WITHOUT ANY WARRANTY; without even the implied warranty of
   13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   14 # GNU General Public License for more details.
   15 #
   16 # You should have received a copy of the GNU General Public License
   17 # along with Fail2Ban; if not, write to the Free Software
   18 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
   19 
   20 # Author: Cyril Jaquier
   21 # 
   22 
   23 __author__ = "Cyril Jaquier"
   24 __copyright__ = "Copyright (c) 2004 Cyril Jaquier"
   25 __license__ = "GPL"
   26 
   27 import textwrap
   28 
   29 def output(s):
   30     """Default output handler for printing protocol. 
   31   Used to ease mocking in the test cases.
   32     """
   33     print(s)
   34 
   35 ##
   36 # Describes the protocol used to communicate with the server.
   37 
   38 class dotdict(dict):
   39     def __getattr__(self, name):
   40         return self[name]
   41 
   42 CSPROTO = dotdict({
   43     "EMPTY":  b"",
   44     "END":    b"<F2B_END_COMMAND>",
   45     "CLOSE":  b"<F2B_CLOSE_COMMAND>"
   46 })
   47 
   48 protocol = [
   49 ['', "BASIC", ""],
   50 ["start", "starts the server and the jails"], 
   51 ["restart", "restarts the server"], 
   52 ["restart [--unban] [--if-exists] <JAIL>", "restarts the jail <JAIL> (alias for 'reload --restart ... <JAIL>')"], 
   53 ["reload [--restart] [--unban] [--all]", "reloads the configuration without restarting of the server, the option '--restart' activates completely restarting of affected jails, thereby can unban IP addresses (if option '--unban' specified)"],
   54 ["reload [--restart] [--unban] [--if-exists] <JAIL>", "reloads the jail <JAIL>, or restarts it (if option '--restart' specified)"],
   55 ["stop", "stops all jails and terminate the server"], 
   56 ["unban --all", "unbans all IP addresses (in all jails and database)"],
   57 ["unban <IP> ... <IP>", "unbans <IP> (in all jails and database)"],
   58 ["status", "gets the current status of the server"], 
   59 ["ping", "tests if the server is alive"],
   60 ["echo", "for internal usage, returns back and outputs a given string"],
   61 ["help", "return this output"], 
   62 ["version", "return the server version"],
   63 ['', "LOGGING", ""],
   64 ["set loglevel <LEVEL>", "sets logging level to <LEVEL>. Levels: CRITICAL, ERROR, WARNING, NOTICE, INFO, "
   65     "DEBUG, TRACEDEBUG, HEAVYDEBUG or corresponding numeric value (50-5)"], 
   66 ["get loglevel", "gets the logging level"], 
   67 ["set logtarget <TARGET>", "sets logging target to <TARGET>. Can be STDOUT, STDERR, SYSLOG or a file"], 
   68 ["get logtarget", "gets logging target"], 
   69 ["set syslogsocket auto|<SOCKET>", "sets the syslog socket path to auto or <SOCKET>. Only used if logtarget is SYSLOG"],
   70 ["get syslogsocket", "gets syslog socket path"],
   71 ["flushlogs", "flushes the logtarget if a file and reopens it. For log rotation."], 
   72 ['', "DATABASE", ""],
   73 ["set dbfile <FILE>", "set the location of fail2ban persistent datastore. Set to \"None\" to disable"], 
   74 ["get dbfile", "get the location of fail2ban persistent datastore"], 
   75 ["set dbmaxmatches <INT>", "sets the max number of matches stored in database per ticket"], 
   76 ["get dbmaxmatches", "gets the max number of matches stored in database per ticket"], 
   77 ["set dbpurgeage <SECONDS>", "sets the max age in <SECONDS> that history of bans will be kept"], 
   78 ["get dbpurgeage", "gets the max age in seconds that history of bans will be kept"], 
   79 ['', "JAIL CONTROL", ""],
   80 ["add <JAIL> <BACKEND>", "creates <JAIL> using <BACKEND>"], 
   81 ["start <JAIL>", "starts the jail <JAIL>"], 
   82 ["stop <JAIL>", "stops the jail <JAIL>. The jail is removed"], 
   83 ["status <JAIL> [FLAVOR]", "gets the current status of <JAIL>, with optional flavor or extended info"],
   84 ['', "JAIL CONFIGURATION", ""],
   85 ["set <JAIL> idle on|off", "sets the idle state of <JAIL>"], 
   86 ["set <JAIL> ignoreself true|false", "allows the ignoring of own IP addresses"], 
   87 ["set <JAIL> addignoreip <IP>", "adds <IP> to the ignore list of <JAIL>"], 
   88 ["set <JAIL> delignoreip <IP>", "removes <IP> from the ignore list of <JAIL>"], 
   89 ["set <JAIL> ignorecommand <VALUE>", "sets ignorecommand of <JAIL>"],
   90 ["set <JAIL> ignorecache <VALUE>", "sets ignorecache of <JAIL>"],
   91 ["set <JAIL> addlogpath <FILE> ['tail']", "adds <FILE> to the monitoring list of <JAIL>, optionally starting at the 'tail' of the file (default 'head')."], 
   92 ["set <JAIL> dellogpath <FILE>", "removes <FILE> from the monitoring list of <JAIL>"],
   93 ["set <JAIL> logencoding <ENCODING>", "sets the <ENCODING> of the log files for <JAIL>"],
   94 ["set <JAIL> addjournalmatch <MATCH>", "adds <MATCH> to the journal filter of <JAIL>"],
   95 ["set <JAIL> deljournalmatch <MATCH>", "removes <MATCH> from the journal filter of <JAIL>"],
   96 ["set <JAIL> addfailregex <REGEX>", "adds the regular expression <REGEX> which must match failures for <JAIL>"], 
   97 ["set <JAIL> delfailregex <INDEX>", "removes the regular expression at <INDEX> for failregex"], 
   98 ["set <JAIL> addignoreregex <REGEX>", "adds the regular expression <REGEX> which should match pattern to exclude for <JAIL>"],
   99 ["set <JAIL> delignoreregex <INDEX>", "removes the regular expression at <INDEX> for ignoreregex"], 
  100 ["set <JAIL> findtime <TIME>", "sets the number of seconds <TIME> for which the filter will look back for <JAIL>"], 
  101 ["set <JAIL> bantime <TIME>", "sets the number of seconds <TIME> a host will be banned for <JAIL>"], 
  102 ["set <JAIL> datepattern <PATTERN>", "sets the <PATTERN> used to match date/times for <JAIL>"],
  103 ["set <JAIL> usedns <VALUE>", "sets the usedns mode for <JAIL>"],
  104 ["set <JAIL> attempt <IP> [<failure1> ... <failureN>]", "manually notify about <IP> failure"], 
  105 ["set <JAIL> banip <IP> ... <IP>", "manually Ban <IP> for <JAIL>"], 
  106 ["set <JAIL> unbanip [--report-absent] <IP> ... <IP>", "manually Unban <IP> in <JAIL>"], 
  107 ["set <JAIL> maxretry <RETRY>", "sets the number of failures <RETRY> before banning the host for <JAIL>"], 
  108 ["set <JAIL> maxmatches <INT>", "sets the max number of matches stored in memory per ticket in <JAIL>"], 
  109 ["set <JAIL> maxlines <LINES>", "sets the number of <LINES> to buffer for regex search for <JAIL>"], 
  110 ["set <JAIL> addaction <ACT>[ <PYTHONFILE> <JSONKWARGS>]", "adds a new action named <ACT> for <JAIL>. Optionally for a Python based action, a <PYTHONFILE> and <JSONKWARGS> can be specified, else will be a Command Action"], 
  111 ["set <JAIL> delaction <ACT>", "removes the action <ACT> from <JAIL>"], 
  112 ["", "COMMAND ACTION CONFIGURATION", ""],
  113 ["set <JAIL> action <ACT> actionstart <CMD>", "sets the start command <CMD> of the action <ACT> for <JAIL>"], 
  114 ["set <JAIL> action <ACT> actionstop <CMD>", "sets the stop command <CMD> of the action <ACT> for <JAIL>"], 
  115 ["set <JAIL> action <ACT> actioncheck <CMD>", "sets the check command <CMD> of the action <ACT> for <JAIL>"], 
  116 ["set <JAIL> action <ACT> actionban <CMD>", "sets the ban command <CMD> of the action <ACT> for <JAIL>"],
  117 ["set <JAIL> action <ACT> actionunban <CMD>", "sets the unban command <CMD> of the action <ACT> for <JAIL>"], 
  118 ["set <JAIL> action <ACT> timeout <TIMEOUT>", "sets <TIMEOUT> as the command timeout in seconds for the action <ACT> for <JAIL>"],
  119 ["", "GENERAL ACTION CONFIGURATION", ""],
  120 ["set <JAIL> action <ACT> <PROPERTY> <VALUE>", "sets the <VALUE> of <PROPERTY> for the action <ACT> for <JAIL>"],
  121 ["set <JAIL> action <ACT> <METHOD>[ <JSONKWARGS>]", "calls the <METHOD> with <JSONKWARGS> for the action <ACT> for <JAIL>"],
  122 ['', "JAIL INFORMATION", ""],
  123 ["get <JAIL> logpath", "gets the list of the monitored files for <JAIL>"],
  124 ["get <JAIL> logencoding", "gets the encoding of the log files for <JAIL>"],
  125 ["get <JAIL> journalmatch", "gets the journal filter match for <JAIL>"],
  126 ["get <JAIL> ignoreself", "gets the current value of the ignoring the own IP addresses"],
  127 ["get <JAIL> ignoreip", "gets the list of ignored IP addresses for <JAIL>"],
  128 ["get <JAIL> ignorecommand", "gets ignorecommand of <JAIL>"],
  129 ["get <JAIL> failregex", "gets the list of regular expressions which matches the failures for <JAIL>"],
  130 ["get <JAIL> ignoreregex", "gets the list of regular expressions which matches patterns to ignore for <JAIL>"],
  131 ["get <JAIL> findtime", "gets the time for which the filter will look back for failures for <JAIL>"],
  132 ["get <JAIL> bantime", "gets the time a host is banned for <JAIL>"],
  133 ["get <JAIL> datepattern", "gets the patern used to match date/times for <JAIL>"],
  134 ["get <JAIL> usedns", "gets the usedns setting for <JAIL>"],
  135 ["get <JAIL> banip [<SEP>|--with-time]", "gets the list of of banned IP addresses for <JAIL>. Optionally the separator character ('<SEP>', default is space) or the option '--with-time' (printing the times of ban) may be specified. The IPs are ordered by end of ban."],
  136 ["get <JAIL> maxretry", "gets the number of failures allowed for <JAIL>"],
  137 ["get <JAIL> maxmatches", "gets the max number of matches stored in memory per ticket in <JAIL>"], 
  138 ["get <JAIL> maxlines", "gets the number of lines to buffer for <JAIL>"],
  139 ["get <JAIL> actions", "gets a list of actions for <JAIL>"],
  140 ["", "COMMAND ACTION INFORMATION",""],
  141 ["get <JAIL> action <ACT> actionstart", "gets the start command for the action <ACT> for <JAIL>"],
  142 ["get <JAIL> action <ACT> actionstop", "gets the stop command for the action <ACT> for <JAIL>"],
  143 ["get <JAIL> action <ACT> actioncheck", "gets the check command for the action <ACT> for <JAIL>"],
  144 ["get <JAIL> action <ACT> actionban", "gets the ban command for the action <ACT> for <JAIL>"],
  145 ["get <JAIL> action <ACT> actionunban", "gets the unban command for the action <ACT> for <JAIL>"],
  146 ["get <JAIL> action <ACT> timeout", "gets the command timeout in seconds for the action <ACT> for <JAIL>"],
  147 ["", "GENERAL ACTION INFORMATION", ""],
  148 ["get <JAIL> actionproperties <ACT>", "gets a list of properties for the action <ACT> for <JAIL>"],
  149 ["get <JAIL> actionmethods <ACT>", "gets a list of methods for the action <ACT> for <JAIL>"],
  150 ["get <JAIL> action <ACT> <PROPERTY>", "gets the value of <PROPERTY> for the action <ACT> for <JAIL>"],
  151 ]
  152 
  153 
  154 ##
  155 # Prints the protocol in a "man" format. This is used for the
  156 # "-h" output of fail2ban-client.
  157 
  158 def printFormatted():
  159     INDENT=4
  160     MARGIN=41
  161     WIDTH=34
  162     firstHeading = False
  163     for m in protocol:
  164         if m[0] == '' and firstHeading:
  165             output("")
  166         firstHeading = True
  167         first = True
  168         if len(m[0]) >= MARGIN:
  169             m[1] = ' ' * WIDTH + m[1]
  170         for n in textwrap.wrap(m[1], WIDTH, drop_whitespace=False):
  171             if first:
  172                 line = ' ' * INDENT + m[0] + ' ' * (MARGIN - len(m[0])) + n.strip()
  173                 first = False
  174             else:
  175                 line = ' ' * (INDENT + MARGIN) + n.strip()
  176             output(line)
  177 
  178 
  179 ##
  180 # Prints the protocol in a "mediawiki" format.
  181 
  182 def printWiki():
  183     firstHeading = False
  184     for m in protocol:
  185         if m[0] == '':
  186             if firstHeading:
  187                 output("|}")
  188             __printWikiHeader(m[1], m[2])
  189             firstHeading = True
  190         else:
  191             output("|-")
  192             output("| <span style=\"white-space:nowrap;\"><tt>" + m[0] + "</tt></span> || || " + m[1])
  193     output("|}")
  194 
  195 
  196 def __printWikiHeader(section, desc):
  197     output("")
  198     output("=== " + section + " ===")
  199     output("")
  200     output(desc)
  201     output("")
  202     output("{|")
  203     output("| '''Command''' || || '''Description'''")