fail2ban.server.filter module¶
- class fail2ban.server.filter.DNSUtils¶
Methods
addr2bin(string) Convert a string IPv4 address into an unsigned integer. bin2addr(addr) Convert a numeric IPv4 address into string n.n.n.n form. cidr(i, n) Convert an IP address string with a CIDR mask into a 32-bit integer. dnsToIp(dns) Convert a DNS into an IP address using the Python socket module. isValidIP(string) Return true if str is a valid IP searchIP(text) Search if an IP address if directly available and return it. textToIp(text, useDns) Return the IP of DNS found in a given text. - IP_CRE = <_sre.SRE_Pattern object at 0x7f9378a08d50>¶
- static addr2bin(string)¶
Convert a string IPv4 address into an unsigned integer.
- static bin2addr(addr)¶
Convert a numeric IPv4 address into string n.n.n.n form.
- static cidr(i, n)¶
Convert an IP address string with a CIDR mask into a 32-bit integer.
- static dnsToIp(dns)¶
Convert a DNS into an IP address using the Python socket module. Thanks to Kevin Drapel.
- static isValidIP(string)¶
Return true if str is a valid IP
- static searchIP(text)¶
Search if an IP address if directly available and return it.
- static textToIp(text, useDns)¶
Return the IP of DNS found in a given text.
- class fail2ban.server.filter.FileContainer(filename, encoding, tail=False)¶
Methods
close() getEncoding() getFileName() getHash() getPos() open() readline() setEncoding(encoding) setPos(value) - close()¶
- getEncoding()¶
- getFileName()¶
- getHash()¶
- getPos()¶
- open()¶
- readline()¶
- setEncoding(encoding)¶
- setPos(value)¶
- class fail2ban.server.filter.FileFilter(jail, **kwargs)¶
Bases: fail2ban.server.filter.Filter
Attributes
daemon A boolean value indicating whether this thread is a daemon thread (True) or not (False). ident Thread identifier of this thread or None if it has not been started. name A string used for identification purposes only. status Status of Filter plus files being monitored. Methods
addBannedIP(ip) addFailRegex(value) addIgnoreIP(ip) addIgnoreRegex(value) addLogPath(path[, tail]) containsLogPath(path) delFailRegex(index) delIgnoreIP(ip) delIgnoreRegex(index) delLogPath(path) findFailure(tupleLine[, date, ...]) getDatePattern() getFailRegex() getFailures(filename) getFileContainer(path) getFindTime() getIgnoreCommand() getIgnoreIP() getIgnoreRegex() getLogEncoding() getLogPath() getMaxLines() getMaxRetry() getName() getUseDns() ignoreLine(tupleLines) inIgnoreIPList(ip) isAlive() Return whether the thread is alive. isDaemon() is_alive() Return whether the thread is alive. join([timeout]) Wait until the thread terminates. processLine(line[, date, returnRawHost, ...]) Split the time portion from log msg and return findFailures on them processLineAndAdd(line[, date]) Processes the line for failures and populates failManager run() setDaemon(daemonic) setDatePattern(pattern) setFindTime(value) setIgnoreCommand(command) setLogEncoding(encoding) setMaxLines(value) setMaxRetry(value) setName(name) setUseDns(value) start() Sets active flag and starts thread. stop() Sets active property to False, to flag run method to return. - addBannedIP(ip)¶
- addFailRegex(value)¶
- addIgnoreIP(ip)¶
- addIgnoreRegex(value)¶
- addLogPath(path, tail=False)¶
- containsLogPath(path)¶
- daemon¶
A boolean value indicating whether this thread is a daemon thread (True) or not (False).
This must be set before start() is called, otherwise RuntimeError is raised. Its initial value is inherited from the creating thread; the main thread is not a daemon thread and therefore all threads created in the main thread default to daemon = False.
The entire Python program exits when no alive non-daemon threads are left.
- delFailRegex(index)¶
- delIgnoreIP(ip)¶
- delIgnoreRegex(index)¶
- delLogPath(path)¶
- findFailure(tupleLine, date=None, returnRawHost=False, checkAllRegex=False)¶
- getDatePattern()¶
- getFailRegex()¶
- getFailures(filename)¶
- getFileContainer(path)¶
- getFindTime()¶
- getIgnoreCommand()¶
- getIgnoreIP()¶
- getIgnoreRegex()¶
- getLogEncoding()¶
- getLogPath()¶
- getMaxLines()¶
- getMaxRetry()¶
- getName()¶
- getUseDns()¶
- ident¶
Thread identifier of this thread or None if it has not been started.
This is a nonzero integer. See the thread.get_ident() function. Thread identifiers may be recycled when a thread exits and another thread is created. The identifier is available even after the thread has exited.
- ignoreLine(tupleLines)¶
- inIgnoreIPList(ip)¶
- isAlive()¶
Return whether the thread is alive.
This method returns True just before the run() method starts until just after the run() method terminates. The module function enumerate() returns a list of all alive threads.
- isDaemon()¶
- is_alive()¶
Return whether the thread is alive.
This method returns True just before the run() method starts until just after the run() method terminates. The module function enumerate() returns a list of all alive threads.
- join(timeout=None)¶
Wait until the thread terminates.
This blocks the calling thread until the thread whose join() method is called terminates – either normally or through an unhandled exception or until the optional timeout occurs.
When the timeout argument is present and not None, it should be a floating point number specifying a timeout for the operation in seconds (or fractions thereof). As join() always returns None, you must call isAlive() after join() to decide whether a timeout happened – if the thread is still alive, the join() call timed out.
When the timeout argument is not present or None, the operation will block until the thread terminates.
A thread can be join()ed many times.
join() raises a RuntimeError if an attempt is made to join the current thread as that would cause a deadlock. It is also an error to join() a thread before it has been started and attempts to do so raises the same exception.
- name¶
A string used for identification purposes only.
It has no semantics. Multiple threads may be given the same name. The initial name is set by the constructor.
- processLine(line, date=None, returnRawHost=False, checkAllRegex=False)¶
Split the time portion from log msg and return findFailures on them
- processLineAndAdd(line, date=None)¶
Processes the line for failures and populates failManager
- run()¶
- setDaemon(daemonic)¶
- setDatePattern(pattern)¶
- setFindTime(value)¶
- setIgnoreCommand(command)¶
- setLogEncoding(encoding)¶
- setMaxLines(value)¶
- setMaxRetry(value)¶
- setName(name)¶
- setUseDns(value)¶
- start()¶
Sets active flag and starts thread.
- status¶
Status of Filter plus files being monitored.
- stop()¶
Sets active property to False, to flag run method to return.
- class fail2ban.server.filter.Filter(jail, useDns='warn')¶
Bases: fail2ban.server.jailthread.JailThread
Attributes
daemon A boolean value indicating whether this thread is a daemon thread (True) or not (False). ident Thread identifier of this thread or None if it has not been started. name A string used for identification purposes only. status Status of failures detected by filter. Methods
addBannedIP(ip) addFailRegex(value) addIgnoreIP(ip) addIgnoreRegex(value) delFailRegex(index) delIgnoreIP(ip) delIgnoreRegex(index) findFailure(tupleLine[, date, ...]) getDatePattern() getFailRegex() getFindTime() getIgnoreCommand() getIgnoreIP() getIgnoreRegex() getMaxLines() getMaxRetry() getName() getUseDns() ignoreLine(tupleLines) inIgnoreIPList(ip) isAlive() Return whether the thread is alive. isDaemon() is_alive() Return whether the thread is alive. join([timeout]) Wait until the thread terminates. processLine(line[, date, returnRawHost, ...]) Split the time portion from log msg and return findFailures on them processLineAndAdd(line[, date]) Processes the line for failures and populates failManager run() setDaemon(daemonic) setDatePattern(pattern) setFindTime(value) setIgnoreCommand(command) setMaxLines(value) setMaxRetry(value) setName(name) setUseDns(value) start() Sets active flag and starts thread. stop() Sets active property to False, to flag run method to return. - addBannedIP(ip)¶
- addFailRegex(value)¶
- addIgnoreIP(ip)¶
- addIgnoreRegex(value)¶
- daemon¶
A boolean value indicating whether this thread is a daemon thread (True) or not (False).
This must be set before start() is called, otherwise RuntimeError is raised. Its initial value is inherited from the creating thread; the main thread is not a daemon thread and therefore all threads created in the main thread default to daemon = False.
The entire Python program exits when no alive non-daemon threads are left.
- delFailRegex(index)¶
- delIgnoreIP(ip)¶
- delIgnoreRegex(index)¶
- findFailure(tupleLine, date=None, returnRawHost=False, checkAllRegex=False)¶
- getDatePattern()¶
- getFailRegex()¶
- getFindTime()¶
- getIgnoreCommand()¶
- getIgnoreIP()¶
- getIgnoreRegex()¶
- getMaxLines()¶
- getMaxRetry()¶
- getName()¶
- getUseDns()¶
- ident¶
Thread identifier of this thread or None if it has not been started.
This is a nonzero integer. See the thread.get_ident() function. Thread identifiers may be recycled when a thread exits and another thread is created. The identifier is available even after the thread has exited.
- ignoreLine(tupleLines)¶
- inIgnoreIPList(ip)¶
- isAlive()¶
Return whether the thread is alive.
This method returns True just before the run() method starts until just after the run() method terminates. The module function enumerate() returns a list of all alive threads.
- isDaemon()¶
- is_alive()¶
Return whether the thread is alive.
This method returns True just before the run() method starts until just after the run() method terminates. The module function enumerate() returns a list of all alive threads.
- join(timeout=None)¶
Wait until the thread terminates.
This blocks the calling thread until the thread whose join() method is called terminates – either normally or through an unhandled exception or until the optional timeout occurs.
When the timeout argument is present and not None, it should be a floating point number specifying a timeout for the operation in seconds (or fractions thereof). As join() always returns None, you must call isAlive() after join() to decide whether a timeout happened – if the thread is still alive, the join() call timed out.
When the timeout argument is not present or None, the operation will block until the thread terminates.
A thread can be join()ed many times.
join() raises a RuntimeError if an attempt is made to join the current thread as that would cause a deadlock. It is also an error to join() a thread before it has been started and attempts to do so raises the same exception.
- name¶
A string used for identification purposes only.
It has no semantics. Multiple threads may be given the same name. The initial name is set by the constructor.
- processLine(line, date=None, returnRawHost=False, checkAllRegex=False)¶
Split the time portion from log msg and return findFailures on them
- processLineAndAdd(line, date=None)¶
Processes the line for failures and populates failManager
- run()¶
- setDaemon(daemonic)¶
- setDatePattern(pattern)¶
- setFindTime(value)¶
- setIgnoreCommand(command)¶
- setMaxLines(value)¶
- setMaxRetry(value)¶
- setName(name)¶
- setUseDns(value)¶
- start()¶
Sets active flag and starts thread.
- status¶
Status of failures detected by filter.
- stop()¶
Sets active property to False, to flag run method to return.
- class fail2ban.server.filter.JournalFilter(jail, useDns='warn')¶
Bases: fail2ban.server.filter.Filter
Attributes
daemon A boolean value indicating whether this thread is a daemon thread (True) or not (False). ident Thread identifier of this thread or None if it has not been started. name A string used for identification purposes only. status Status of failures detected by filter. Methods
addBannedIP(ip) addFailRegex(value) addIgnoreIP(ip) addIgnoreRegex(value) addJournalMatch(match) delFailRegex(index) delIgnoreIP(ip) delIgnoreRegex(index) delJournalMatch(match) findFailure(tupleLine[, date, ...]) getDatePattern() getFailRegex() getFindTime() getIgnoreCommand() getIgnoreIP() getIgnoreRegex() getJournalMatch(match) getMaxLines() getMaxRetry() getName() getUseDns() ignoreLine(tupleLines) inIgnoreIPList(ip) isAlive() Return whether the thread is alive. isDaemon() is_alive() Return whether the thread is alive. join([timeout]) Wait until the thread terminates. processLine(line[, date, returnRawHost, ...]) Split the time portion from log msg and return findFailures on them processLineAndAdd(line[, date]) Processes the line for failures and populates failManager run() setDaemon(daemonic) setDatePattern(pattern) setFindTime(value) setIgnoreCommand(command) setMaxLines(value) setMaxRetry(value) setName(name) setUseDns(value) start() Sets active flag and starts thread. stop() Sets active property to False, to flag run method to return. - addBannedIP(ip)¶
- addFailRegex(value)¶
- addIgnoreIP(ip)¶
- addIgnoreRegex(value)¶
- addJournalMatch(match)¶
- daemon¶
A boolean value indicating whether this thread is a daemon thread (True) or not (False).
This must be set before start() is called, otherwise RuntimeError is raised. Its initial value is inherited from the creating thread; the main thread is not a daemon thread and therefore all threads created in the main thread default to daemon = False.
The entire Python program exits when no alive non-daemon threads are left.
- delFailRegex(index)¶
- delIgnoreIP(ip)¶
- delIgnoreRegex(index)¶
- delJournalMatch(match)¶
- findFailure(tupleLine, date=None, returnRawHost=False, checkAllRegex=False)¶
- getDatePattern()¶
- getFailRegex()¶
- getFindTime()¶
- getIgnoreCommand()¶
- getIgnoreIP()¶
- getIgnoreRegex()¶
- getJournalMatch(match)¶
- getMaxLines()¶
- getMaxRetry()¶
- getName()¶
- getUseDns()¶
- ident¶
Thread identifier of this thread or None if it has not been started.
This is a nonzero integer. See the thread.get_ident() function. Thread identifiers may be recycled when a thread exits and another thread is created. The identifier is available even after the thread has exited.
- ignoreLine(tupleLines)¶
- inIgnoreIPList(ip)¶
- isAlive()¶
Return whether the thread is alive.
This method returns True just before the run() method starts until just after the run() method terminates. The module function enumerate() returns a list of all alive threads.
- isDaemon()¶
- is_alive()¶
Return whether the thread is alive.
This method returns True just before the run() method starts until just after the run() method terminates. The module function enumerate() returns a list of all alive threads.
- join(timeout=None)¶
Wait until the thread terminates.
This blocks the calling thread until the thread whose join() method is called terminates – either normally or through an unhandled exception or until the optional timeout occurs.
When the timeout argument is present and not None, it should be a floating point number specifying a timeout for the operation in seconds (or fractions thereof). As join() always returns None, you must call isAlive() after join() to decide whether a timeout happened – if the thread is still alive, the join() call timed out.
When the timeout argument is not present or None, the operation will block until the thread terminates.
A thread can be join()ed many times.
join() raises a RuntimeError if an attempt is made to join the current thread as that would cause a deadlock. It is also an error to join() a thread before it has been started and attempts to do so raises the same exception.
- name¶
A string used for identification purposes only.
It has no semantics. Multiple threads may be given the same name. The initial name is set by the constructor.
- processLine(line, date=None, returnRawHost=False, checkAllRegex=False)¶
Split the time portion from log msg and return findFailures on them
- processLineAndAdd(line, date=None)¶
Processes the line for failures and populates failManager
- run()¶
- setDaemon(daemonic)¶
- setDatePattern(pattern)¶
- setFindTime(value)¶
- setIgnoreCommand(command)¶
- setMaxLines(value)¶
- setMaxRetry(value)¶
- setName(name)¶
- setUseDns(value)¶
- start()¶
Sets active flag and starts thread.
- status¶
Status of failures detected by filter.
- stop()¶
Sets active property to False, to flag run method to return.