fail2ban.server.actions module¶
- class fail2ban.server.actions.Actions(jail)¶
Bases:
JailThread
,Mapping
Handles jail actions.
This class handles the actions of the jail. Creation, deletion or to actions must be done through this class. This class is based on the Mapping type, and the add method must be used to add new actions. This class also starts and stops the actions, and fetches bans from the jail executing these bans via the actions.
- Parameters:
- jail: Jail
The jail of which the actions belongs to.
- Attributes:
daemon
A boolean value indicating whether this thread is a daemon thread.
ident
Thread identifier of this thread or None if it has not been started.
name
A string used for identification purposes only.
status
Status of current and total ban counts and current banned IP list.
- activebool
Control the state of the thread.
- idlebool
Control the idle state of the thread.
- sleeptimeint
The time the thread sleeps for in the loop.
Methods
add
(name[, pythonModule, initOpts, reload])Adds a new action.
addBannedIP
(ip)Ban an IP or list of IPs.
get
(k[,d])getBanList
([withTime])Returns the list of banned IP addresses.
getName
()Return a string used for identification purposes only.
isAlive
()Return whether the thread is alive.
isDaemon
()Return whether this thread is a daemon.
is_alive
()Return whether the thread is alive.
items
()join
()Safer join, that could be called also for not started (or ended) threads (used for cleanup).
keys
()onStop
()Abstract - Called when thread ends (after run).
reload
([begin])Begin or end of reloading resp.
removeBannedIP
([ip, db, ifexists])Removes banned IP calling actions' unban method
run
()Main loop for Threading.
setDaemon
(daemonic)Set whether this thread is a daemon.
setName
(name)Set the name string for this thread.
start
()Sets active flag and starts thread.
status
([flavor])Status of current and total ban counts and current banned IP list.
stop
()Sets active property to False, to flag run method to return.
stopActions
([actions])Stops the actions in reverse sequence (optionally filtered)
values
()ActionInfo
getBanTime
getBanned
setBanTime
- class ActionInfo(ticket, jail=None, immutable=True, data={'F-*': <function Actions.ActionInfo.<lambda>>, 'bancount': <function Actions.ActionInfo.<lambda>>, 'bantime': <function Actions.ActionInfo.<lambda>>, 'failures': <function Actions.ActionInfo.<lambda>>, 'family': <function Actions.ActionInfo.<lambda>>, 'fid': <function Actions.ActionInfo.<lambda>>, 'ip': <function Actions.ActionInfo.<lambda>>, 'ip-host': <function Actions.ActionInfo.<lambda>>, 'ip-rev': <function Actions.ActionInfo.<lambda>>, 'ipfailures': <function Actions.ActionInfo.<lambda>>, 'ipjailfailures': <function Actions.ActionInfo.<lambda>>, 'ipjailmatches': <function Actions.ActionInfo.<lambda>>, 'ipmatches': <function Actions.ActionInfo.<lambda>>, 'jail.banned': <function Actions.ActionInfo.<lambda>>, 'jail.banned_total': <function Actions.ActionInfo.<lambda>>, 'jail.found': <function Actions.ActionInfo.<lambda>>, 'jail.found_total': <function Actions.ActionInfo.<lambda>>, 'matches': <function Actions.ActionInfo.<lambda>>, 'raw-ticket': <function Actions.ActionInfo.<lambda>>, 'restored': <function Actions.ActionInfo.<lambda>>, 'time': <function Actions.ActionInfo.<lambda>>})¶
Bases:
CallingMap
- Attributes:
- data
- immutable
- storage
Methods
clear
()get
(k[,d])items
()keys
()pop
(k[,d])If key is not found, d is returned if given, otherwise KeyError is raised.
popitem
()as a 2-tuple; but raise KeyError if D is empty.
setdefault
(k[,d])update
([E, ]**F)If E present and has a .keys() method, does: for k in E.keys(): D[k] = E[k] If E present and lacks .keys() method, does: for (k, v) in E: D[k] = v In either case, this is followed by: for k, v in F.items(): D[k] = v
values
()copy
getRawItem
reset
- AI_DICT = {'F-*': <function Actions.ActionInfo.<lambda>>, 'bancount': <function Actions.ActionInfo.<lambda>>, 'bantime': <function Actions.ActionInfo.<lambda>>, 'failures': <function Actions.ActionInfo.<lambda>>, 'family': <function Actions.ActionInfo.<lambda>>, 'fid': <function Actions.ActionInfo.<lambda>>, 'ip': <function Actions.ActionInfo.<lambda>>, 'ip-host': <function Actions.ActionInfo.<lambda>>, 'ip-rev': <function Actions.ActionInfo.<lambda>>, 'ipfailures': <function Actions.ActionInfo.<lambda>>, 'ipjailfailures': <function Actions.ActionInfo.<lambda>>, 'ipjailmatches': <function Actions.ActionInfo.<lambda>>, 'ipmatches': <function Actions.ActionInfo.<lambda>>, 'jail.banned': <function Actions.ActionInfo.<lambda>>, 'jail.banned_total': <function Actions.ActionInfo.<lambda>>, 'jail.found': <function Actions.ActionInfo.<lambda>>, 'jail.found_total': <function Actions.ActionInfo.<lambda>>, 'matches': <function Actions.ActionInfo.<lambda>>, 'raw-ticket': <function Actions.ActionInfo.<lambda>>, 'restored': <function Actions.ActionInfo.<lambda>>, 'time': <function Actions.ActionInfo.<lambda>>}¶
- CM_REPR_ITEMS = ('fid', 'raw-ticket')¶
- copy()¶
- data¶
- immutable¶
- storage¶
- add(name, pythonModule=None, initOpts=None, reload=False)¶
Adds a new action.
Add a new action if not already present, defaulting to standard CommandAction, or specified Python module.
- Parameters:
- namestr
The name of the action.
- pythonModulestr, optional
Path to Python file which must contain Action class. Default None, which means CommandAction is used.
- initOptsdict, optional
Options for Python Action, used as keyword arguments for initialisation. Default None.
- Raises:
- ValueError
If action name already exists.
- RuntimeError
If external Python module does not have Action class or does not implement necessary methods as per ActionBase abstract class.
- addBannedIP(ip)¶
Ban an IP or list of IPs.
- getBanList(withTime=False)¶
Returns the list of banned IP addresses.
- Returns:
- list
The list of banned IP addresses.
- getBanTime()¶
- getBanned(ids)¶
- reload(begin=True)¶
Begin or end of reloading resp. refreshing of all parameters
- removeBannedIP(ip=None, db=True, ifexists=False)¶
Removes banned IP calling actions’ unban method
Remove a banned IP now, rather than waiting for it to expire, even if set to never expire.
- Parameters:
- iplist, str, IPAddr or None
The IP address (or multiple IPs as list) to unban or all IPs if None
- Raises:
- ValueError
If ip is not banned
- run()¶
Main loop for Threading.
This function is the main loop of the thread. It checks the jail queue and executes commands when an IP address is banned.
- Returns:
- bool
True when the thread exits nicely.
- setBanTime(value)¶
- status(flavor='basic')¶
Status of current and total ban counts and current banned IP list.
- stopActions(actions=None)¶
Stops the actions in reverse sequence (optionally filtered)