fail2ban.server.action module

class fail2ban.server.action.ActionBase(jail, name)

Bases: object

An abstract base class for actions in Fail2Ban.

Action Base is a base definition of what methods need to be in place to create a Python based action for Fail2Ban. This class can be inherited from to ease implementation. Required methods:

  • __init__(jail, name)

  • start()

  • stop()

  • ban(aInfo)

  • unban(aInfo)

Called when action is created, but before the jail/actions is started. This should carry out necessary methods to initialise the action but not “start” the action.

Parameters:
jailJail

The jail in which the action belongs to.

namestr

Name assigned to the action.

Notes

Any additional arguments specified in jail.conf or passed via fail2ban-client will be passed as keyword arguments.

Methods

ban(aInfo)

Executed when a ban occurs.

reban(aInfo)

Executed when a ban occurs.

start()

Executed when the jail/action is started.

stop()

Executed when the jail/action is stopped.

unban(aInfo)

Executed when a ban expires.

ban(aInfo)

Executed when a ban occurs.

Parameters:
aInfodict

Dictionary which includes information in relation to the ban.

reban(aInfo)

Executed when a ban occurs.

Parameters:
aInfodict

Dictionary which includes information in relation to the ban.

start()

Executed when the jail/action is started.

stop()

Executed when the jail/action is stopped.

unban(aInfo)

Executed when a ban expires.

Parameters:
aInfodict

Dictionary which includes information in relation to the ban.

class fail2ban.server.action.CallingMap(*args, **kwargs)

Bases: MutableMapping, object

A Mapping type which returns the result of callable values.

CallingMap behaves similar to a standard python dictionary, with the exception that any values which are callable, are called and the result is returned as the value. No error handling is in place, such that any errors raised in the callable will raised as usual. Actual dictionary is stored in property data, and can be accessed to obtain original callable values.

Attributes:
datadict

The dictionary data which can be accessed to obtain items uncalled

Methods

clear()

get(k[,d])

items()

keys()

pop(k[,d])

If key is not found, d is returned if given, otherwise KeyError is raised.

popitem()

as a 2-tuple; but raise KeyError if D is empty.

setdefault(k[,d])

update([E, ]**F)

If E present and has a .keys() method, does: for k in E: D[k] = E[k] If E present and lacks .keys() method, does: for (k, v) in E: D[k] = v In either case, this is followed by: for k, v in F.items(): D[k] = v

values()

copy

getRawItem

reset

CM_REPR_ITEMS = ()
copy()
data
getRawItem(key)
immutable
reset(immutable=True)
storage
class fail2ban.server.action.CommandAction(jail, name)

Bases: ActionBase

A action which executes OS shell commands.

This is the default type of action which Fail2Ban uses.

Default sets all commands for actions as empty string, such no command is executed.

Parameters:
jailJail

The jail in which the action belongs to.

namestr

Name assigned to the action.

Attributes:
actionban
actioncheck
actionreban
actionreload
actionrepair
actionstart
actionstop
actionunban
timeout

Methods

ban(aInfo[, cmd])

Executes the given command ("actionban" or "actionreban").

clearAllParams()

Clear all lists/dicts parameters (used by reloading)

consistencyCheck([beforeRepair])

Executes the invariant check with repair if expected (conditional).

escapeTag(value)

Escape characters which may be used for command injection.

executeCmd(realCmd[, timeout])

Executes a command.

flush()

Executes the "actionflush" command.

invalidateBanEpoch()

Increments ban epoch of jail and this action, so already banned tickets would cause a re-ban for all tickets with previous epoch.

prolong(aInfo)

Executes the "actionprolong" command.

reban(aInfo)

Executes the "actionreban" command if available, otherwise simply repeat "actionban".

reload(**kwargs)

Executes the "actionreload" command.

replaceDynamicTags(realCmd, aInfo[, escapeVal])

Replaces dynamical tags in query with property values.

replaceTag(query, aInfo[, conditional, ...])

Replaces tags in query with property values.

start()

Executes the "actionstart" command.

stop()

Executes the "actionstop" command.

unban(aInfo)

Executes the "actionunban" command.

ESCAPE_CRE = re.compile('[\\\\#&;`|*?~<>\\^\\(\\)\\[\\]{}$\'"\\n\\r]')
ESCAPE_VN_CRE = re.compile('\\W')
ban(aInfo, cmd='<actionban>')

Executes the given command (“actionban” or “actionreban”).

Replaces the tags in the action command with actions properties and ban information, and executes the resulting command.

Parameters:
aInfodict

Dictionary which includes information in relation to the ban.

property banEpoch
clearAllParams()

Clear all lists/dicts parameters (used by reloading)

consistencyCheck(beforeRepair=None)

Executes the invariant check with repair if expected (conditional).

classmethod escapeTag(value)

Escape characters which may be used for command injection.

Parameters:
valuestr

A string of which characters will be escaped.

Returns:
str

value with certain characters escaped.

Notes

The following characters are escaped:

\#&;`|*?~<>^()[]{}$'"
static executeCmd(realCmd, timeout=60, **kwargs)

Executes a command.

Parameters:
realCmdstr

The command to execute.

timeoutint

The time out in seconds for the command.

Returns:
bool

True if the command succeeded.

Raises:
OSError

If command fails to be executed.

RuntimeError

If command execution times out.

flush()

Executes the “actionflush” command.

Command executed in order to flush all bans at once (e. g. by stop/shutdown the system), instead of unbanning of each single ticket.

Replaces the tags in the action command with actions properties and executes the resulting command.

invalidateBanEpoch()

Increments ban epoch of jail and this action, so already banned tickets would cause a re-ban for all tickets with previous epoch.

prolong(aInfo)

Executes the “actionprolong” command.

Replaces the tags in the action command with actions properties and ban information, and executes the resulting command.

Parameters:
aInfodict

Dictionary which includes information in relation to the ban.

reban(aInfo)

Executes the “actionreban” command if available, otherwise simply repeat “actionban”.

Replaces the tags in the action command with actions properties and ban information, and executes the resulting command.

Parameters:
aInfodict

Dictionary which includes information in relation to the ban.

reload(**kwargs)

Executes the “actionreload” command.

Parameters:
kwargsdict

Currently unused, because CommandAction do not support initOpts

Replaces the tags in the action command with actions properties
and executes the resulting command.
classmethod replaceDynamicTags(realCmd, aInfo, escapeVal=None)

Replaces dynamical tags in query with property values.

Parameters:
querystr

String with tags.

aInfodict

Tags(keys) and associated values for substitution in query.

Returns:
str

shell script as string or array with tags replaced (direct or as variables).

classmethod replaceTag(query, aInfo, conditional='', addrepl=None, cache=None)

Replaces tags in query with property values.

Parameters:
querystr

String with tags.

aInfodict

Tags(keys) and associated values for substitution in query.

Returns:
str

query string with tags replaced.

start()

Executes the “actionstart” command.

Replace the tags in the action command with actions properties and executes the resulting command.

stop()

Executes the “actionstop” command.

Replaces the tags in the action command with actions properties and executes the resulting command.

unban(aInfo)

Executes the “actionunban” command.

Replaces the tags in the action command with actions properties and ban information, and executes the resulting command.

Parameters:
aInfodict

Dictionary which includes information in relation to the ban.