-Attachment #381327 for bug #551895

- - - - View - | Details - | Raw Unified - | Return to bug 551895 -
- - -Collapse All | -Expand All - - -

+@@ -, +, @@ + config/jail.conf | 9 ++- + server/filterinotify.py | 157 +++++++++++++++++++++++++++++++++++++++++++++++ + server/jail.py | 18 +++++- + 3 files changed, 179 insertions(+), 5 deletions(-) + create mode 100644 server/filterinotify.py +--- a/config/jail.conf ++++ a/config/jail.conf +@@ -26,13 +26,16 @@ findtime = 600 + maxretry = 3 - -

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -




maxretry = 3

# "backend" specifies the backend used to get files modification. Available
# options are "inotify", "gamin", "polling" and "auto". This option can be
# overridden in each jail too (use "gamin" for a jail and "polling" for
# another).
#
# inotify: requires pyinotify and the a kernel supporting Inotify
# gamin:   requires Gamin (a file alteration monitor) to be installed. If Gamin
#          is not installed, Fail2ban will use polling.
# polling: uses a polling algorithm which does not require external libraries.
# auto:    will choose Inotify if pyinotify is present, if not then it will
# 	   try Gamin and use that if available, and polling otherwise.
backend = auto



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -




# This file is part of Fail2Ban.
#
# Fail2Ban is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# Fail2Ban is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Fail2Ban; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

# Author: Jonathan G. Underwood
# 
# $Revision$

__author__ = "Jonathan G. Underwood"
__version__ = "$Revision$"
__date__ = "$Date$"
__copyright__ = "Copyright (c) 2010 Jonathan G. Underwood"
__license__ = "GPL"

from failmanager import FailManagerEmpty
from filter import FileFilter
from mytime import MyTime

import time, logging

import pyinotify
from pyinotify import ProcessEvent, WatchManager, Notifier

# Gets the instance of the logger.
logSys = logging.getLogger("fail2ban.filter")

##
# Log reader class.
#
# This class reads a log file and detects login failures or anything else
# that matches a given regular expression. This class is instanciated by
# a Jail object.

class FilterInotify(ProcessEvent, FileFilter):

	##
	# Constructor.
	#
	# Initialize the filter object with default values.
	# @param jail the jail object
	
	# Note that according to the pyinotify documentation we shouldn't
	# define an __init__ function, but define a my_init function which is
	# called by ProcessEvent.__init__. However, that approach appears not
	# to work here and so we define __init__ and call
	# ProcessEvent.__init__ from here.
	def __init__(self, jail):
		FileFilter.__init__(self, jail)
		ProcessEvent.__init__(self)
		self.__monitor = WatchManager()
		self.__notifier = Notifier(self.__monitor, self)
		self.__mask = pyinotify.IN_MODIFY | pyinotify.IN_CREATE
		
	##
	# Event handling functions used by pyinotify.ProcessEvent
	# instance. These simply call the __handleMod method.
	# @event an event object

	def process_IN_MODIFY(self, event):
		logSys.debug("process_IN_MODIFY called")
		self.__handleMod(event)

	def process_IN_CREATE(self, event):
		logSys.debug("process_IN_CREATE called")
		self.__handleMod(event)

	##
	# This method handles all modified file events
	# @event an event object

	def __handleMod(self, event):
		self.getFailures(event.path)
		try:
			while True:
				ticket = self.failManager.toBan()
				self.jail.putFailTicket(ticket)
		except FailManagerEmpty:
			self.failManager.cleanup(MyTime.time())
		self.dateDetector.sortTemplate()
			
	##
	# Add a log file path
	#
	# @param path log file path

	def addLogPath(self, path, tail = False):
		if self.containsLogPath(path):
			logSys.error(path + " already exists")
		else:
			wd = self.__monitor.add_watch(path, self.__mask)
			if wd[path] > 0:
				FileFilter.addLogPath(self, path, tail)
				logSys.info("Added logfile = %s" % path)
			else:
				logSys.error("Failed to add an inotify watch for logfile = %s" % path)
	
	##
	# Delete a log path
	#
	# @param path the log file to delete
	
	def delLogPath(self, path):
		if not self.containsLogPath(path):
			logSys.error(path + " is not monitored")
		else:
			rd = self.__monitor.rm_watch(self.__monitor.get_wd(path))
			if rd[path]:
				FileFilter.delLogPath(self, path)
				logSys.info("Removed logfile = %s" % path)
			else:
				logSys.error("Failed to remove inotify watch for logfile = %s" % path)
		
	##
	# Main loop.
	#
	# This function is the main loop of the thread. It checks if the
	# file has been modified and looks for failures.
	# @return True when the thread exits nicely

	def run(self):
		self.setActive(True)
		while self._isActive():
			if not self.getIdle():
				# We cannot block here because we want to be able to
				# exit. __notifier.check_events will block for
				# timeout milliseconds.
				if self.__notifier.check_events(timeout=10):
					self.__notifier.read_events()
					self.__notifier.process_events()
				time.sleep(self.getSleepTime())
			else:
				time.sleep(self.getSleepTime())

		# Cleanup when shutting down
		for wd in self.watchd.keys():
			self.__monitor.rm_watch(wd)
		del self.__monitor
		self.__notifier.stop()
		del self.__notifier

		logSys.debug(self.jail.getName() + ": filter terminated")
		return True


				

(-)a/server/jail.py - (-2 / +16 lines) -

- -

- Lines 40-56 - class Jail: -	- Link Here -

		logSys.info("Creating new jail '%s'" % self.__name)

		logSys.info("Creating new jail '%s'" % self.__name)

		if backend == "polling":

		if backend == "polling":

			self.__initPoller()

			self.__initPoller()

		elif backend == "inotify":

			self.__initInotify()

		elif backend == "gamin":

			self.__initGamin()

		else:

		else:

			try:

			try:

				self.__initGamin()

				self.__initInotify()

			except ImportError:

			except ImportError:

				self.__initPoller()

				try:

					self.__initGamin()

				except ImportError:

					self.__initPoller()

		self.__action = Actions(self)

		self.__action = Actions(self)

	def __initPoller(self):

	def __initPoller(self):

		logSys.info("Jail '%s' uses poller" % self.__name)

		logSys.info("Jail '%s' uses poller" % self.__name)

		from filterpoll import FilterPoll

		from filterpoll import FilterPoll

		self.__filter = FilterPoll(self)

		self.__filter = FilterPoll(self)

	def __initInotify(self):

		# Try to import pyinotify

		import pyinotify

		logSys.info("Jail '%s' uses Inotify" % self.__name)

		from filterinotify import FilterInotify

		self.__filter = FilterInotify(self)

	def __initGamin(self):

	def __initGamin(self):

		# Try to import gamin

		# Try to import gamin

- - -
- - Return to bug 551895 -