def match_source(self, address):
    """Return whether *address* matches according to ``self.tokens``.

    The argument is first passed through ``parse_address``. If that raises
    ``ValueError`` the address is treated as a non-match and ``False`` is
    returned. Otherwise the parsed value is handed to
    ``self.tokens.match_source`` and its result is returned unchanged.
    """
    try:
        parsed = parse_address(address)
    except ValueError:
        # Unparseable input is reported as "no match", not as an error.
        # NOTE(review): if a caller uses this result to exclude or block
        # sources, malformed addresses fall through silently - confirm
        # that is acceptable at the call sites.
        return False
    else:
        return self.tokens.match_source(parsed)
def __match_login__(self, entry):
    """Try each ``SSH_LOGINS`` pattern against ``entry.message``.

    For the first pattern that matches, the named groups are converted
    (``port`` to ``int`` when present, ``address`` through
    ``parse_address``), passed to ``entry.update_message_fields`` and
    ``True`` is returned. Returns ``False`` when no pattern matches.
    """
    for pattern in SSH_LOGINS:
        found = pattern.match(entry.message)
        if not found:
            continue

        fields = found.groupdict()
        if 'port' in fields:
            fields['port'] = int(fields['port'])

        # NOTE(review): the message text comes from a log line, so the
        # captured groups are not trusted. Neither int() nor
        # parse_address() is guarded here, so a ValueError from either one
        # propagates to the caller instead of being treated as a non-match.
        # Confirm the SSH_LOGINS patterns constrain these groups, or that
        # callers handle the exception.
        fields['address'] = parse_address(fields['address'])
        entry.update_message_fields(fields)
        return True

    return False
def add_token(self, token):
    """Add token

    Parse one token of an iptables log entry and store it on this mapping.

    The token is split once on ``=`` and, failing that, on ``:`` into a
    key and a value. A token matching one of the ``RE_BYTECOUNT`` patterns
    is stored under the key ``bytes`` instead. Values whose key is listed
    in ``INTEGER_FIELDS`` are converted with ``int`` and those listed in
    ``ADDRESS_FIELDS`` with ``parse_address``. The key is lower-cased
    before it is stored.

    Returns the token unchanged when no key could be derived from it,
    otherwise ``None``.

    Raises ``ValueError`` for a repeated key seen while no ``proto`` field
    is stored. ``int`` is called unguarded, and ``parse_address`` may also
    raise on malformed values.
    """
    key = None

    # First separator that yields exactly two parts wins.
    for separator in ('=', ':'):
        parts = [part.strip() for part in token.split(separator, 1)]
        if len(parts) == 2:
            key, value = parts
            break

    # A byte-count match overrides whatever the separator split produced.
    for matcher in RE_BYTECOUNT:
        found = matcher.match(token)
        if found:
            key, value = 'bytes', found.groupdict()['bytes']
            break

    if key is None:
        return token

    # Membership is tested on the key as written in the log, before it is
    # lower-cased. Tokens originate from log text, so these conversions can
    # raise on malformed input.
    if key in INTEGER_FIELDS:
        value = int(value)
    if key in ADDRESS_FIELDS:
        value = parse_address(value)

    key = key.lower()
    if key in self:
        # NOTE(review): a repeated key is rejected only while no 'proto'
        # field is stored. Once 'proto' is present, any other repeated key
        # overwrites the earlier value. Confirm this nesting is intended.
        if 'proto' not in self:
            raise ValueError('Duplicate key %s' % key)
        if self['proto'] == 'UDP' and key == 'len':
            # NOTE(review): a second 'len' token on a UDP entry is dropped
            # here, not stored under a separate key. Confirm that is
            # intended.
            return None

    self[key] = value
    return None