fail2ban.server.actions module

class fail2ban.server.actions.Actions(jail)

Bases: JailThread, Mapping

Handles jail actions.

This class handles the actions of the jail. Creation, deletion or to actions must be done through this class. This class is based on the Mapping type, and the add method must be used to add new actions. This class also starts and stops the actions, and fetches bans from the jail executing these bans via the actions.

Parameters:
jail: Jail

The jail of which the actions belongs to.

Attributes:
daemon

A boolean value indicating whether this thread is a daemon thread.

ident

Thread identifier of this thread or None if it has not been started.

name

A string used for identification purposes only.

status

Status of current and total ban counts and current banned IP list.

activebool

Control the state of the thread.

idlebool

Control the idle state of the thread.

sleeptimeint

The time the thread sleeps for in the loop.

Methods

add(name[, pythonModule, initOpts, reload])

Adds a new action.

addBannedIP(ip)

Ban an IP or list of IPs.

get(k[,d])

getBanList([withTime])

Returns the list of banned IP addresses.

getName()

Return a string used for identification purposes only.

isAlive()

Return whether the thread is alive.

isDaemon()

Return whether this thread is a daemon.

is_alive()

Return whether the thread is alive.

items()

join()

Safer join, that could be called also for not started (or ended) threads (used for cleanup).

keys()

onStop()

Abstract - Called when thread ends (after run).

reload([begin])

Begin or end of reloading resp.

removeBannedIP([ip, db, ifexists])

Removes banned IP calling actions' unban method

run()

Main loop for Threading.

setDaemon(daemonic)

Set whether this thread is a daemon.

setName(name)

Set the name string for this thread.

start()

Sets active flag and starts thread.

status([flavor])

Status of current and total ban counts and current banned IP list.

stop()

Sets active property to False, to flag run method to return.

stopActions([actions])

Stops the actions in reverse sequence (optionally filtered)

values()

ActionInfo

getBanTime

getBanned

setBanTime

class ActionInfo(ticket, jail=None, immutable=True, data={'F-*': <function Actions.ActionInfo.<lambda>>, 'bancount': <function Actions.ActionInfo.<lambda>>, 'bantime': <function Actions.ActionInfo.<lambda>>, 'failures': <function Actions.ActionInfo.<lambda>>, 'family': <function Actions.ActionInfo.<lambda>>, 'fid': <function Actions.ActionInfo.<lambda>>, 'ip': <function Actions.ActionInfo.<lambda>>, 'ip-host': <function Actions.ActionInfo.<lambda>>, 'ip-rev': <function Actions.ActionInfo.<lambda>>, 'ipfailures': <function Actions.ActionInfo.<lambda>>, 'ipjailfailures': <function Actions.ActionInfo.<lambda>>, 'ipjailmatches': <function Actions.ActionInfo.<lambda>>, 'ipmatches': <function Actions.ActionInfo.<lambda>>, 'jail.banned': <function Actions.ActionInfo.<lambda>>, 'jail.banned_total': <function Actions.ActionInfo.<lambda>>, 'jail.found': <function Actions.ActionInfo.<lambda>>, 'jail.found_total': <function Actions.ActionInfo.<lambda>>, 'matches': <function Actions.ActionInfo.<lambda>>, 'raw-ticket': <function Actions.ActionInfo.<lambda>>, 'restored': <function Actions.ActionInfo.<lambda>>, 'time': <function Actions.ActionInfo.<lambda>>})

Bases: CallingMap

Attributes:
data
immutable
storage

Methods

clear()

get(k[,d])

items()

keys()

pop(k[,d])

If key is not found, d is returned if given, otherwise KeyError is raised.

popitem()

as a 2-tuple; but raise KeyError if D is empty.

setdefault(k[,d])

update([E, ]**F)

If E present and has a .keys() method, does: for k in E.keys(): D[k] = E[k] If E present and lacks .keys() method, does: for (k, v) in E: D[k] = v In either case, this is followed by: for k, v in F.items(): D[k] = v

values()

copy

getRawItem

reset

AI_DICT = {'F-*': <function Actions.ActionInfo.<lambda>>, 'bancount': <function Actions.ActionInfo.<lambda>>, 'bantime': <function Actions.ActionInfo.<lambda>>, 'failures': <function Actions.ActionInfo.<lambda>>, 'family': <function Actions.ActionInfo.<lambda>>, 'fid': <function Actions.ActionInfo.<lambda>>, 'ip': <function Actions.ActionInfo.<lambda>>, 'ip-host': <function Actions.ActionInfo.<lambda>>, 'ip-rev': <function Actions.ActionInfo.<lambda>>, 'ipfailures': <function Actions.ActionInfo.<lambda>>, 'ipjailfailures': <function Actions.ActionInfo.<lambda>>, 'ipjailmatches': <function Actions.ActionInfo.<lambda>>, 'ipmatches': <function Actions.ActionInfo.<lambda>>, 'jail.banned': <function Actions.ActionInfo.<lambda>>, 'jail.banned_total': <function Actions.ActionInfo.<lambda>>, 'jail.found': <function Actions.ActionInfo.<lambda>>, 'jail.found_total': <function Actions.ActionInfo.<lambda>>, 'matches': <function Actions.ActionInfo.<lambda>>, 'raw-ticket': <function Actions.ActionInfo.<lambda>>, 'restored': <function Actions.ActionInfo.<lambda>>, 'time': <function Actions.ActionInfo.<lambda>>}
CM_REPR_ITEMS = ('fid', 'raw-ticket')
copy()
data
immutable
storage
add(name, pythonModule=None, initOpts=None, reload=False)

Adds a new action.

Add a new action if not already present, defaulting to standard CommandAction, or specified Python module.

Parameters:
namestr

The name of the action.

pythonModulestr, optional

Path to Python file which must contain Action class. Default None, which means CommandAction is used.

initOptsdict, optional

Options for Python Action, used as keyword arguments for initialisation. Default None.

Raises:
ValueError

If action name already exists.

RuntimeError

If external Python module does not have Action class or does not implement necessary methods as per ActionBase abstract class.

addBannedIP(ip)

Ban an IP or list of IPs.

getBanList(withTime=False)

Returns the list of banned IP addresses.

Returns:
list

The list of banned IP addresses.

getBanTime()
getBanned(ids)
reload(begin=True)

Begin or end of reloading resp. refreshing of all parameters

removeBannedIP(ip=None, db=True, ifexists=False)

Removes banned IP calling actions’ unban method

Remove a banned IP now, rather than waiting for it to expire, even if set to never expire.

Parameters:
iplist, str, IPAddr or None

The IP address (or multiple IPs as list) to unban or all IPs if None

Raises:
ValueError

If ip is not banned

run()

Main loop for Threading.

This function is the main loop of the thread. It checks the jail queue and executes commands when an IP address is banned.

Returns:
bool

True when the thread exits nicely.

setBanTime(value)
status(flavor='basic')

Status of current and total ban counts and current banned IP list.

stopActions(actions=None)

Stops the actions in reverse sequence (optionally filtered)