def __init__(self, daemon=False): self.__loggingLock = Lock() self.__lock = RLock() self.__jails = Jails() self.__daemon = daemon self.__transm = Transmitter(self) self.__asyncServer = AsyncServer(self.__transm) self.__logLevel = 3 self.__logTarget = "STDOUT" self.setLogLevel(self.__logLevel) self.setLogTarget(self.__logTarget)
class Server: def __init__(self, daemon=False): self.__loggingLock = Lock() self.__lock = RLock() self.__jails = Jails() self.__daemon = daemon self.__transm = Transmitter(self) self.__asyncServer = AsyncServer(self.__transm) self.__logLevel = 3 self.__logTarget = "STDOUT" self.setLogLevel(self.__logLevel) self.setLogTarget(self.__logTarget) def __sigTERMhandler(self, signum, frame): logSys.debug("Caught signal %d. Exiting" % signum) self.quit() def start(self, sock, force=False): logSys.info("Starting Fail2ban") signal.signal(signal.SIGTERM, self.__sigTERMhandler) signal.signal(signal.SIGINT, self.__sigTERMhandler) os.umask(0077) if self.__daemon: ret = self.__createDaemon() if ret: logSys.info("Daemon started") else: logSys.error("Could not create daemon") raise ServerInitializationError("Could not create daemon") logSys.debug("Starting communication") try: self.__asyncServer.start(sock, force) except AsyncServerException: logSys.error("Could not start server") logSys.info("Exiting Fail2ban") def quit(self): self.stopAllJail() self.__asyncServer.stop() def addJail(self, name, backend): self.__jails.add(name, backend) def delJail(self, name): self.__jails.remove(name) def startJail(self, name): try: self.__lock.acquire() if not self.isAlive(name): self.__jails.get(name).start() finally: self.__lock.release() def stopJail(self, name): try: self.__lock.acquire() if self.isAlive(name): self.__jails.get(name).stop() self.delJail(name) finally: self.__lock.release() def stopAllJail(self): try: self.__lock.acquire() for jail in self.__jails.getAll(): self.stopJail(jail) finally: self.__lock.release() def isAlive(self, name): return self.__jails.get(name).isAlive() def setIdleJail(self, name, value): self.__jails.get(name).setIdle(value) return True def getIdleJail(self, name): return self.__jails.get(name).getIdle() def addIgnoreIP(self, name, ip): self.__jails.getFilter(name).addIgnoreIP(ip) def delIgnoreIP(self, name, ip): self.__jails.getFilter(name).delIgnoreIP(ip) def getIgnoreIP(self, name): return self.__jails.getFilter(name).getIgnoreIP() def addLogPath(self, name, fileName): self.__jails.getFilter(name).addLogPath(fileName) def delLogPath(self, name, fileName): self.__jails.getFilter(name).delLogPath(fileName) def getLogPath(self, name): return self.__jails.getFilter(name).getLogPath() def setTimeRegex(self, name, value): self.__jails.getFilter(name).setTimeRegex(value) def getTimeRegex(self, name): return self.__jails.getFilter(name).getTimeRegex() def setTimePattern(self, name, value): self.__jails.getFilter(name).setTimePattern(value) def getTimePattern(self, name): return self.__jails.getFilter(name).getTimePattern() def setFindTime(self, name, value): self.__jails.getFilter(name).setFindTime(value) def getFindTime(self, name): return self.__jails.getFilter(name).getFindTime() def addFailRegex(self, name, value): self.__jails.getFilter(name).addFailRegex(value) def delFailRegex(self, name, index): self.__jails.getFilter(name).delFailRegex(index) def getFailRegex(self, name): return self.__jails.getFilter(name).getFailRegex() def addIgnoreRegex(self, name, value): self.__jails.getFilter(name).addIgnoreRegex(value) def delIgnoreRegex(self, name, index): self.__jails.getFilter(name).delIgnoreRegex(index) def getIgnoreRegex(self, name): return self.__jails.getFilter(name).getIgnoreRegex() def setMaxRetry(self, name, value): self.__jails.getFilter(name).setMaxRetry(value) def getMaxRetry(self, name): return self.__jails.getFilter(name).getMaxRetry() def addAction(self, name, value): self.__jails.getAction(name).addAction(value) def getLastAction(self, name): return self.__jails.getAction(name).getLastAction() def delAction(self, name, value): self.__jails.getAction(name).delAction(value) def setCInfo(self, name, action, key, value): self.__jails.getAction(name).getAction(action).setCInfo(key, value) def getCInfo(self, name, action, key): return self.__jails.getAction(name).getAction(action).getCInfo(key) def delCInfo(self, name, action, key): self.__jails.getAction(name).getAction(action).delCInfo(key) def setBanTime(self, name, value): self.__jails.getAction(name).setBanTime(value) def getBanTime(self, name): return self.__jails.getAction(name).getBanTime() def setActionStart(self, name, action, value): self.__jails.getAction(name).getAction(action).setActionStart(value) def getActionStart(self, name, action): return self.__jails.getAction(name).getAction(action).getActionStart() def setActionStop(self, name, action, value): self.__jails.getAction(name).getAction(action).setActionStop(value) def getActionStop(self, name, action): return self.__jails.getAction(name).getAction(action).getActionStop() def setActionCheck(self, name, action, value): self.__jails.getAction(name).getAction(action).setActionCheck(value) def getActionCheck(self, name, action): return self.__jails.getAction(name).getAction(action).getActionCheck() def setActionBan(self, name, action, value): self.__jails.getAction(name).getAction(action).setActionBan(value) def getActionBan(self, name, action): return self.__jails.getAction(name).getAction(action).getActionBan() def setActionUnban(self, name, action, value): self.__jails.getAction(name).getAction(action).setActionUnban(value) def getActionUnban(self, name, action): return self.__jails.getAction(name).getAction(action).getActionUnban() def status(self): try: self.__lock.acquire() jailList = "" for jail in self.__jails.getAll(): jailList += jail + ", " length = len(jailList) if not length == 0: jailList = jailList[: length - 2] ret = [("Number of jail", self.__jails.size()), ("Jail list", jailList)] return ret finally: self.__lock.release() def statusJail(self, name): return self.__jails.get(name).getStatus() def setLogLevel(self, value): try: self.__loggingLock.acquire() self.__logLevel = value logLevel = logging.DEBUG if value == 0: logLevel = logging.FATAL elif value == 1: logLevel = logging.ERROR elif value == 2: logLevel = logging.WARNING elif value == 3: logLevel = logging.INFO logging.getLogger("fail2ban").setLevel(logLevel) finally: self.__loggingLock.release() def getLogLevel(self): try: self.__loggingLock.acquire() return self.__logLevel finally: self.__loggingLock.release() def setLogTarget(self, target): try: self.__loggingLock.acquire() if target == "SYSLOG": facility = logging.handlers.SysLogHandler.LOG_DAEMON hdlr = logging.handlers.SysLogHandler("/dev/log", facility=facility) elif target == "STDOUT": hdlr = logging.StreamHandler(sys.stdout) elif target == "STDERR": hdlr = logging.StreamHandler(sys.stderr) else: try: open(target, "a").close() hdlr = logging.FileHandler(target) except IOError: logSys.error("Unable to log to " + target) logSys.info("Logging to previous target " + self.__logTarget) return False self.__logTarget = target for handler in logging.getLogger("fail2ban").handlers: handler.close() logging.getLogger("fail2ban").removeHandler(handler) formatter = logging.Formatter("%(asctime)s %(name)-16s: %(levelname)-6s %(message)s") hdlr.setFormatter(formatter) logging.getLogger("fail2ban").addHandler(hdlr) return True finally: self.__loggingLock.release() def getLogTarget(self): try: self.__loggingLock.acquire() return self.__logTarget finally: self.__loggingLock.release() def __createDaemon(self): """ Detach a process from the controlling terminal and run it in the background as a daemon. http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/278731 """ try: pid = os.fork() except OSError, e: return (e.errno, e.strerror) if pid == 0: os.setsid() signal.signal(signal.SIGHUP, signal.SIG_IGN) try: pid = os.fork() except OSError, e: return (e.errno, e.strerror) if pid == 0: os.chdir("/") else: os._exit(0)