Bd:=dZdZdZddlZddlZddlZddlZddlZddlZddl Z ddl m Z ddl m Z dd l m Z dd lmZdd lmZmZmZmZmZmZdd lmZd ZdZdZGddee ZGddZGddZdZdZ dS)zFail2Ban Developersz^Copyright (c) 2004-2008 Cyril Jaquier, 2012-2014 Yaroslav Halchenko, 2014-2016 Serg G. BresterGPLN)Thread)version)CSocket) Beautifier)Fail2banCmdLineServerExecutionException ExitExceptionlogSysexitoutput)Utilsz fail2ban> c<tjjjSN) threadingcurrent_thread __class____name__@/usr/lib/python3/dist-packages/fail2ban/client/fail2banclient.py _thread_namer,s "",55rc*ttSr)inputPROMPTrrr input_commandr/s f rceZdZdZdZdZddZedZdd Z dd Z d Z dZ ddZ ddZdZdZddZdZdS)Fail2banClientctj|tj|d|_d|_d|_dS)NT)r __init__r_alive_server _beautifierselfs rr"zFail2banClient.__init__8s?4   /$$+$,$rcvtdtzdztdtddS)Nz Fail2Ban vz5 reads log file that contains password failure reportz=and bans the corresponding IP addresses using firewall rules.)rrr&s rdispInteractivezFail2banClient.dispInteractive?s9 "Y YZZZ HIII*****rcptdtjd|ztddS)Nr)zCaught signal %d. Exiting)rr warningr)r'signumframes r__sigTERMhandlerzFail2banClient.__sigTERMhandlerDs2***.,v5666s)))))r皙?cN|dg|dkr|gngzgd|S)NpingFtimeout)_Fail2banClient__processCmd)r'r6s r__pingzFail2banClient.__pingJs>  VHW]] KL'   rcR|jr|jSt|_|jSr)r%r r&s r beautifierzFail2banClient.beautifierNs+   \\$ rTr4c^d} |j}d}|D]}|| |st|jd|}n|dkr|||jddkrt jdd|||}|d d krQt jdd |d |s |d d vr(t| |d nLt j d |d j |r(t| |d d}:#tj $r} |s|jdd krF|s |d dkr!|| |d dknt jdd|| Yd} ~ |rT |n>#t $r1} |s|jdd krt j| Yd} ~ nd} ~ wwxYw|s |d d vr t$jdSdSd} ~ wt $r} |s|jdd kr:|jdd krt j| nt j | Yd} ~ |rT |n>#t $r1} |s|jdd krt j| Yd} ~ nd} ~ wwxYw|s |d d vr t$jdSdSd} ~ wwxYw |rT |n>#t $r1} |s|jdd krt j| Yd} ~ nd} ~ wwxYw|s |d d vrt$jn#|rT |n>#t $r1} |s|jdd krt j| Yd} ~ nd} ~ wwxYw|s |d d vrt$jwwxYw|S)NTsocketr5r4verboserzCMD: %rrzOK : %rr)echo server-statuszNOK: %rFr3z -- %s failed -- %r)r: setInputCmdr_conf settimeoutr logsendrbeautifyerrorargs beautifyErrorr<_Fail2banClient__logSocketErrorclose Exceptiondebugsysstdoutflush exception) r'cmdshowRetr6clientr: streamRetcretes r __processCmdzFail2banClient.__processCmdUs &-:9   q1 !tz(+W===ff R--     9!! jIq!!! ;;q>>S A!  jIs1v&&& +AaD555 j!!#a&))*** l9c!fk*** 0 j&&s1v..///i <24:i(1,, 2AaDFNN Q!//// z!*Aq111 EEEE  \\^^^^ 4:i(1,, l1ooo1222J32 4:i(1,, I  " "  |A EEEE  \\^^^^ 4:i(1,, l1ooo1222J325 F  \\^^^^ 4:i(1,, l1ooo1222J  \\^^^^ 4:i(1,, l1ooo1222J3 s#N'DE N' L"AH:1N'9G H 'HH : L"A LN'J11 K,;'K''K,L""N')L>> M9'M44M9'P*+O?P* O; 'O61P*6O;;/P*r)Fc8 tj|jdtjrtj|jdtjr6|rt j|dSt jd|rd|znddSt jd|jddSt jd|jddS#t$r?}t jd|jdt j|Yd}~dSd}~wwxYw)Nr<z*%sUnable to contact server. Is it running?z[%s] r)z3Permission denied to socket: %s, (you must be root)z6Failed to access socket path: %s. Is fail2ban running?z*Exception while checking socket access: %s)osaccessrBF_OKW_OKr rGrL)r' prevError errorOnlyrXs r__logSocketErrorzFail2banClient.__logSocketErrorsMi 8$bg.. yH%rw// 63 l9 l? )1)r33333 \ $ 8 466666 L  8  << z( <?????????s*A*C.C C. C D4DDc4|rtjddS|\}}|sdS|jds@t j|jdrtjddSd|gdggS)NzServer already runningforcer<zLFail2ban seems to be in unexpected state (not running but the socket exists)z server-streamr@)_Fail2banClient__pingr rG readConfigrBr[pathexists)r'rWstreams r__prepareStartServerz#Fail2banClient.__prepareStartServers [[]] <())) $!!+#v  $ G  80D!E!E <^___ $ F #o%6 77rc||_dSr)r$r'ss r _set_serverzFail2banClient._set_servers $,,,rcddlm}|}d|_|sdS |r3||j||dsdSnt}|||d|_ | |jd|j |_ | dds6|j r |j d|_ tdn#t $rt"$ro}t%dt'jd |rd nd z|jd dkrt'j|nt'j|Yd}~dSd}~wwxYwdS) Nr)Fail2banServerTF)phaserhdoner,r)z Exception while starting server background foregroundr=)fail2banserverro#_Fail2banClient__prepareStartServerr#startServerAsyncrB,_Fail2banClient__processStartStreamAfterWaitdictconfigureServerdaemonstartServerDirectrmr$getquitrr rLrr rGrQ)r'rrrorhrprXs r __startServerzFail2banClient.__startServers,,,,,,  $ $ & &&$+  %##DJ///  - -fe < < E FFEuV444DK!33DJtGWXXDL 99VU # #  ldl #YYY      "::: <2j6bllVbcddd ja Q LOOO %%%%% s2C;BC;;E>A$E99E>Nc|rfd}||jd<ttj|d|f}d|_||a_t jfd|jddtj d d  d dstd dSdd <tj d d || }$|rdndxd<d <tj d d |sdS8t jfddd|rdndd<tj d d | |d}|d<|S)Nc>dd<tjdddS)NT start-readyr> server phase %s)r rDrpsr _server_readyz5Fail2banClient.configureServer.._server_readys( U= Z&.....ronstartF)targetrHTc4ddduS)Nreadyr|rsrz0Fail2banClient.configureServer..s599Wd334?rr6gMbP?r>rstartz$Async configuration of server failedz client phase %src4ddduS)Nrrrsrrz0Fail2banClient.configureServer..s%))M488Dr? configurerq)rBrr ryrzrrwait_forr rDr|r rurw)r'nonsyncrprhrthrWs ` rryzFail2banClient.configureServers  /////*DJyn4D%PV;WXXX22988::: n* N????IAVX]^^^ Jq%u--- 99We $ $L #$J K KK $ 5> :a$e,,, ^  % % ' '6 .4&?dd%@5>E'N :a$e,,,  % >DDDDc5QQQ!'2U5 :a$e,,, **6599# 5= *rc,t|tst|}t|dkr2|ddkr&||jd}|sdS|St|dkrE|ddkr8t|dkrddg|dd<||S|jd drtd |d g|dstj d dS|jd drAtd | | |j }||S|jd drtd|dgSt|dkr_|ddkrRg}t|dkro|ddvr||d|d=n3t|dkrtj d|dddSnt|dko|drt|dks |ddkrd}|\}}n |d}||\}}|sdS|jd drtd|d|||ggdStj ddSt|dkr7|ddkr+||gt%|dS||gS)NrrrrrFrestartreload --restart interactivez ## stop ... stopzCould not stop serverz ## load configuration ... z ## start ... r)rz--unbanz --if-existsz%Unexpected argument(s) for reload: %rr4r5z--allz ## reload ... TzCould not find serverr3) isinstancelistlen_Fail2banClient__startServerrB_Fail2banClient__processCommandr|r_Fail2banClient__waitOnServerr rG resetConf initCmdLine_argvappendrdrer7float)r'rRrWoptsjailrhs r__processCommandzFail2banClient.__processCommands C   c3XX]]s1v((  DJ|4 5 53  5 : 3xx1}}Q9,, #hhll+&C!H   % %% jnn]E** &"""   e $ $ L())) 5 jnn]E** )***NN   4: & &C  Z jnn]E**     * ** 3xx1}}Q8++ 4 SQ 1v888 [[Q Q C1  l:CGDDD U  SQ kk"k 3xx1}}A')) T??$$[S&& FT??4(([S&  E z~~mU++     xtV<=t D DD L())) 5 3xx!||A&((   SE5Q==  9 99   SE " ""rcd} |stjddS|j|}na#t$rT}|jddkrtj|tjd|jdzdzYd}~nd}~wwxYw|s'|jr |jd|_|S)NFz%Could not find server, waiting failedr=rzQCould not start server. Maybe an old socket file is still present. Try to remove r<zR. If you used fail2ban-client to start the server, adding the -x option will do it) rr rGr7r rBrQr$r})r'rHrWrXs r__processStartStreamAfterWaitz,Fail2banClient.__processStartStreamAfterWaitZs #2      L8999 5  D !33 !222 ja Q <:h'(+11222222222 <4< *s(9 9 BA BBc^| jd}tj}tjdd||fdfd}t jd5}jr|}||kr ddddStj|z }tjdd||d kr|||krtd td z|d krd ndtj jdddn #1swxYwYdS)Nr6r>z__waitOnServer: %rgy?ctjjdoS)Nr<r5)r[rfrgrBrd)r'sltimesrrz/Fail2banClient.__waitOnServer..xs/ 8 455U$++f+:U:Urr=Tz wait-time: %srzFailed to start serverrg?rr1F) rBtimer rD VisualWaitr# heartbeatr minsleep) r'alivemaxtime starttimetestvisrunfwaittimers ` @r__waitOnServerzFail2banClient.__waitOnServerqs _ Z "7ikk)*Q$ug&6777 & U U U U U$$*Y'((C  466D u}}   y{{Y&H Jq#X...!||]]___7 #$< = == !HsNNSS < ____ >>> #$< = ==> S D A  ! !$ ' 'c o...  __s --3&==64;##%%uq" M!R7 -- r    u{3// 0 0 0 0    Jy !A % %  1     ,q///  $ ' (    BZZZ   4yy1}} ^^ 4;##%%uq" M!R   & &4;##%%uq" M!RG6  ja Q LOOO %%%4;##%%uq" M!R7D4;##%%uq" M!R4;##%%uq" M!Rs" L);2L).C32L)3D  L)A1I;!I'HI I:I IIIL)"I::*L)L)(O*) N.3:N)-O*)N..O**8P")r1)Tr4)r)F)T)TNN)TN)r __module__ __qualname__r"r*rrdpropertyr:r7rJrurmrryrrwrrrrrr r 6s+        ( 0000d2888$''''T) ) ) ) bF#F#F#R   .4AAAAArr c4eZdZdZdZdZd dZdZdZdZ d S) _VisualWaitzJSmall progress indication (as "wonderful visual") during waiting process rr c||_dSr)maxpos)r'rs rr"z_VisualWait.__init__s $+++rc|Srrr&s r __enter__z_VisualWait.__enter__ +rc|jrPtjddd|jzzzdztjdSdS)N  #)posrNrOwriterrPr'rHs r__exit__z_VisualWait.__exit__s[ X:D#r$+~./4555:rc|js-tjdd|jzzdz|xj|jz c_|jdkr|jdkrdnd}nd}tj|tj|j|jkr d |_d S|jd kr d|_d Sd S) z&Show or step for progress indicator z INFO [#rz] Waiting on the server... rrz #z# z # r4rN)rrNrOrrdeltarPrks rrz_VisualWait.heartbeats _:MS_58]]^^^((dj(( Z!^^hll{{ 111*1* X 4::: x!||4:::|rN)r) rrr__doc__rrr"rrrrrrrrsi rrc$eZdZdZdZdZdZdS)_NotVisualWaitz8Mockup for invisible progress indication (not verbose) c|Srrr&s rrz_NotVisualWait.__enter__rrcdSrrrs rrz_NotVisualWait.__exit__$rcdSrrr&s rrz_NotVisualWait.heartbeatrrN)rrrrrrrrrrrrsKrrcB|dkr t|i|n tS)z3Wonderful visual progress indication (if verbose) r)rr)r=rHkwargss rrrs*)0! T$V$$$9I9IIrct}||rtddStddS)Nrr,)r rr)rrTs rexec_command_liners?    LL q'''''s)))))r)! __author__ __copyright__ __license__r[rrr<rNrrrrcsocketrr:r fail2bancmdliner r r r rr server.utilsrrrrr rrrrrrrrs&# p  """"""! 666VVVVV_fVVVr :JJJ      r