ܜ^c@sdZdZdZddlZddlZddlZddlZddlmZddl m Z m Z m Z m Z dd lm Z e eZd efd YZdS( s.Cyril Jaquier, Lee Clemens, Yaroslav HalchenkosPCopyright (c) 2004 Cyril Jaquier, 2011-2012 Lee Clemens, 2012 Yaroslav HalchenkotGPLiNi(tActionsi(t getLoggert_as_booltextractOptionstMyTime(RtJailcBs+eZdZddddgZdddZdZdZd Zd Z d Z d Z e d Z e dZe dZe dZe dZejdZddZdZdZdZddZdZedZdZeedZdZRS(sgFail2Ban jail, which manages a filter and associated actions. The class handles the initialisation of a filter, and actions. It's role is then to act as an interface between the filter and actions, passing bans detected by the filter, for the actions to then act upon. Parameters ---------- name : str Name assigned to the jail. backend : str Backend to be used for filter. "auto" will attempt to pick the most preferred backend method. Default: "auto" db : Fail2BanDb Fail2Ban persistent database instance. Default: `None` Attributes ---------- name database filter actions idle status t pyinotifytgamintpollingtsystemdtautocCs||_t|dkr/tjd|n||_tj|_d|_i|_ tj d|j |dk r|j |n||_ dS(Nis]Jail name %r might be too long and some commands might not function correctly. Please shortensCreating new jail '%s'(t _Jail__dbtlentlogSystwarningt _Jail__nametQueuet _Jail__queuetNonet _Jail__filtert _banExtratinfotnamet _setBackendtbackend(tselfRRtdb((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyt__init__Gs       cCsd|jj|jfS(Ns%s(%r)(t __class__t__name__R(R((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyt__repr__XscCst|\}}|j}|j}|dkr||jkrrtjd||ftd||fn||j|}nx|D]}t|d|j}yd|||dkr||krtj d||fntj d|t ||_ dSWqt k rY}tj|dkr?tjntjd||fqXqWtjd|jtd|jdS(NR s.Unknown backend %s. Must be among %s or 'auto's_init%ss9Could only initiated %r backend whenever %r was requestedsInitiated %r backends)Backend %r failed to initialize due to %ss,Failed to initialize any backend for Jail %r(Rtlowert _BACKENDSRterrort ValueErrortindextgetattrt capitalizeRRRt_Jail__actionst ImportErrortlogtloggingtDEBUGtERRORRt RuntimeError(RRtbeArgstbackendstbt initmethodte((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyR[s8       cKs@ddlm}tjd|j|f||||_dS(Ni(t FilterPollsJail '%s' uses poller %r(t filterpollR3RRRR(RtkwargsR3((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyt _initPollingscKs@ddlm}tjd|j|f||||_dS(Ni(t FilterGaminsJail '%s' uses Gamin %r(t filtergaminR7RRRR(RR5R7((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyt _initGaminscKs@ddlm}tjd|j|f||||_dS(Ni(tFilterPyinotifysJail '%s' uses pyinotify %r(tfilterpyinotifyR:RRRR(RR5R:((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyt_initPyinotifyscKs@ddlm}tjd|j|f||||_dS(Ni(t FilterSystemdsJail '%s' uses systemd %r(t filtersystemdR=RRRR(RR5R=((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyt _initSystemdscCs|jS(sName of jail. (R(R((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyRscCs|jS(s;The database used to store persistent data for the jail. (R (R((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pytdatabasescCs|jS(s;The filter which the jail is using to monitor log files. (R(R((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pytfilterscCs|jS(s2Actions object used to manage actions for jail. (R'(R((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pytactionsscCs|jjp|jjS(s-A boolean indicating whether jail is idle. (RAtidleRB(R((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyRCscCs||j_||j_dS(N(RARCRB(Rtvalue((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyRCs tbasiccCs4d|jjd|fd|jjd|fgS(sThe status of the jail. tFiltertflavorR(RAtstatusRB(RRG((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyRHscCs|jj|dS(sQAdd a fail ticket to the jail. Used by filter to add a failure for banning. N(Rtput(Rtticket((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyt putFailTicketscCs6y|jjt}|SWntjk r1tSXdS(sTGet a fail ticket from the jail. Used by actions to get a failure for banning. N(RtgettFalseRtEmpty(RRJ((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyt getFailTickets csX|j}|dkrd}n|dk r7|||ss?ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactors~inline-conf-expr~tevalcSst|jt|S(N(tmaxR[R`(R]R^RT((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyR_scst||S(N(tmin(R]RW(RR(s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyR_scs||tjS(N(trandom(R]RW(RS(s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyR_s(smaxtimesrndtime(sformulaRUsmaxtimesrndtimes multipliers(RRRRRRLR@RRt str2secondstsplittintR`R tcompile(RtoptRDtbetiR^RWRT((RRRVRSs8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pytsetBanTimeExtras@          $ M   cCs&|dk r|jj|dS|jS(N(RRRL(RRh((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pytgetBanTimeExtras cCs2|jjdr%|jjddS|jjS(s)Returns max possible ban-time of jail. RQRRi(RRLRBt getBanTime(R((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyt getMaxBanTime sc Csyq|jd k rp|jjdrBd }|rQ|j}qQn|jj}x|jjd|d|d|d|jj j D]}y|jj |j dt rwnt |_|j|}tj|j}|dkr|dkr||8}n|dkr |dkr wn|j|Wqtk rh}tjd |d tjtjkqXqWnWn8tk r}tjd |d tjtjknXd S( s5Restore any previous valid bans from the database. RQtjailt forbantimetcorrectBanTimet maxmatchest log_ignoreiisRestore ticket failed: %stexc_infosRestore bans failed: %sN(R@RRRLRnRBRmtgetCurrentBansRAt failManagert maxMatchestinIgnoreIPListtgetIPtTruetrestoredRttimetgetTimeRKt ExceptionRR"tgetEffectiveLevelR*R+(RRqRpRJtbtmtdiftmR2((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pytrestoreCurrentBanss4  %cCsNtjd|j|jj|jj|jtjd|jdS(sStart the jail, by starting filter and actions threads. Once stated, also queries the persistent database to reinstate any valid bans. sStarting jail %rsJail %r startedN(RtdebugRRAtstartRBRR(R((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyR3s    c Cs|rtjd|jnx|j|jfD]t}y*|rK|jn|r^|jnWq/tk r}tjd||j|dtj t j kq/Xq/W|rtj d|jndS(s9Stop the jail, by stopping filter and actions threads. sStopping jail %rsStop %r of jail %r failed: %sRtsJail %r stoppedN( RRRRARBtstoptjoinR~R"RR*R+R(RRRtobjR2((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyR?s cCs|jjp|jjS(s?Check jail "isAlive" by checking filter and actions threads. (RAtisAliveRB(R((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyRRsN(Rt __module__t__doc__R!RRRRR6R9R<R?tpropertyRR@RARBRCtsetterRHRKRORkRlRnRzRRRR(((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyR's2  &      -   $ (t __author__t __copyright__t __license__R*tmathRcRRBRthelpersRRRRtmytimeRRtobjectR(((s8/usr/lib/python2.7/site-packages/fail2ban/server/jail.pyts    "