403Webshell
Server IP : 172.67.131.151  /  Your IP : 104.23.243.115
Web Server : Apache
System : Linux keen-cori.18-142-40-148.plesk.page 5.15.0-1084-aws #91~20.04.1-Ubuntu SMP Fri May 2 06:59:36 UTC 2025 x86_64
User : simottodesign.com_2tntp341vs7 ( 10011)
PHP Version : 8.3.31
Disable Function : opcache_get_status
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /lib/python3/dist-packages/fail2ban/tests/__pycache__/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /lib/python3/dist-packages/fail2ban/tests/__pycache__/fail2banclienttestcase.cpython-38.opt-2.pyc
U

1p
mF�e�@s�dZdZdZddlZddlZddlZddlZddlZddlZddl	Z	ddl
mZm
Z
mZmZmZddlmZddlmZdd	lmZmZmZdd
lmZddlmZmZmZddl m!Z!mZ"dd
l#m$Z$ddl%m%Z%ddl&m'Z'ddl(m)Z)ddl*m+Z+m,Z-m.Z.m/Z/m0Z0m1Z1m2Z3m4Z4m5Z5ddl6m7Z7e7e8�Z,dZ9dZ:ee!�;��Z<e	j=�>e	j=j?�Z?e	j=�>e	j=j@�Z@e?de_?e,e_,e_,e_,e%jAZBe%jCZDdd�ZEeEe_Fe_Fe_Fe$_Fdd�ZGe%jHZHdd�ZIe@fdd�ZJGdd�dejK�ZKGd d!�d!ejK�ZLeKZMeLZNgaOd"d#�ZPePe_Qd$e_Re_Re+jSZTd%d&�ZUd'd(�ZVd?d-d.�ZWd/d0�ZXd1d2�ZYd3d4�ZZd5d6�Z[ifd7d8�Z\Gd9d:�d:e+�Z]Gd;d<�d<e]�Z^Gd=d>�d>e]�Z_dS)@zSerg BresterzICopyright (c) 2014- Serg G. Brester (sebres), 2008- Fail2Ban ContributorsZGPL�N)�join�isdir�isfile�exists�dirname��wraps)�Thread�)�fail2banclient�fail2banserver�fail2bancmdline)�Fail2banCmdLine)�exec_command_line�CSocket�
VisualWait)�Fail2banServerr)�protocol)�server)�MyTime)�Utils�)	�LogCaptureTestCase�logSys�with_tmpdir�shutil�logging�STOCK�
CONFIG_DIR�TEST_NOW�tearDownMyTime)�	getLoggerzfail2ban-clientzfail2ban-servercGst�|d�dS�Nr)r�info��args�r&�G/usr/lib/python3/dist-packages/fail2ban/tests/fail2banclienttestcase.py�_test_outputJsr(cCs&t�d|�t�t��|d�dS)Nz===>>> time shift + %s min�<)r�debugrZsetTime�time)�shiftr&r&r'�_time_shiftQsr-cCs*tjdk	r&tj�t�tj�td�dS)z$Helper to wait observer becomes idleN�)�	Observers�MainZ
wait_empty�MID_WAITTIMEZ	wait_idler&r&r&r'�_observer_wait_idleYs
r2cs.tjdk	r*tjj����fdd�}|tj_dS)zOHelper to block observer before increase bantime until some condition gets trueNcs6�tj_t�d�t����t�d��||�dS)Nz4  [Observer::banFound] *** observer blocked for testz.  [Observer::banFound] +++ observer runs again)r/r0�banFoundrr*r�wait_for�r%�kwargs�Z
_obs_banFound�cond�timeoutr&r'�	_banFoundds


z0_observer_wait_before_incrban.<locals>._banFound)r/r0r3)r8r9r:r&r7r'�_observer_wait_before_incrban_s
	r;c@seZdZdZdS)�
ExitExceptionzException upon a normal exitN��__name__�
__module__�__qualname__�__doc__r&r&r&r'r<tsr<c@seZdZdZdS)�FailExitExceptionzException upon abnormal exitNr=r&r&r&r'rBysrBcGstt�rt�d�SdSdS)Nr�exit)�len�INTERACT�popr$r&r&r'�_test_input_command�s
rGFcGs2t||�}|�d�|�|rdnd�|��dS)N�
�)�open�writer�close)�fn�mode�lines�fr&r&r'�_write_file�s
rQcCs0d}zt|�}|��W�S|dk	r*|��XdS�N)rLrJ�read)rMrPr&r&r'�
_read_file�srT�	/dev/null�:memory:r&�rIcCs�t|d�}|dkrt|d�}d}	|r�tr�dd�}
tjt||
d�|dkrLd}t�d	�}tjt|d
�dd�D]$}|�	d
�}|�
|�r�d}t|�qjt�d�}tjt|d�dd�D]$}|�	d
�}|�
|�r�d}t|�q�|r�dnd}	nTt�
|�tt|d
�dddd|�dd�ddt|d�dt|d�dd|dd d�
|	�rdtt||	�dfd!dd"d#|df|��|�r�tt|d$�df|��tjjtjk�r�tt|d
��tt|d��|�r�tt|d$��|	�r�|	dk�r�tt||	��|�rt�r|D]&}
t�tj�tt|
��t||
���q�|�r:|D]}
t|
d%|id��q d&\}}tjjtjk�r~ttjj�}tjjd'k�r~d(d)tjjf}|d*|f}d+|d,t|d�d-t|d�d.|f|d/dd0ttj�fS)1N�config�autozf2b-db.sqlite3�	jail.confcs�fdd�|D�S)z?Filters list of 'files' to contain only directories (under dir)csg|]}tt�|��r|�qSr&)r�pjoin)�.0rP��dirr&r'�
<listcomp>�sz2_start_params.<locals>.ig_dirs.<locals>.<listcomp>r&)r^�filesr&r]r'�ig_dirs�sz_start_params.<locals>.ig_dirs)�ignore)�action.dzfilter.dz^dbfile\s*=z
fail2ban.confT)ZinplacerHzdbfile = :memory:z^backend\s*=�backend = pollingz
jail.localrI�w�[Definition]zloglevel = INFOzlogtarget = �%z%%zsyslogsocket = autoz	socket = �f2b.sockz
pidfile = �f2b.pidz	dbfile = zdbmaxmatches = 100zdbpurgeage = 1d�
[INCLUDES]�	[DEFAULT]ztmp = zfail2ban.local�tmp)r&�INFOr�-�vz
--loglevel�-c�-sz-p�--logtargetz--syslogsocketz	--timeout)r[rrZcopytree�STOCK_CONF_DIR�re�compile�	fileinput�input�rstrip�match�print�os�mkdirrQ�replace�unittest�F2B�	log_levelr�DEBUG�	_out_file�symlink�path�abspathrm�str�	verbosityr
�MAX_WAITTIME)rl�	use_stock�
use_stock_cfg�	logtarget�db�	f2b_local�jails�create_before_start�cfgZj_confra�r�line�nZvvvZllevr&r&r'�
_start_params�s�










����$����r�cCs4z||�d�ddkWStk
r.YdSXdS)Nrrr�	INHERITEDF)�index�
ValueError��startparamsr&r&r'�_inherited_log�sr�c
CsXd}z"t|�}t�d|���}t|�WStk
rR}zt�|�W5d}~XYnX|S)Nz\S+)rTrtry�group�int�	Exceptionrr*)�pidfile�pid�er&r&r'�_get_pid_from_file�s
r�c
sjt�d|t|�f�t|�r<|}t|d�}t|�s<t|d�}tjjtj	krtt|d�}t|�rft
|�nt�dd|�t|�s�t�d|�dSt�d	|�t|���dkr�d
Sz�t�d���dksΈt
��kr�td
�|f��t���s�WdSt
��tj�t��fdd�d��s t
��tj�t�d�t���WStk
�rd}zt�|�W5d}~XYnXdS)Nzcleanup: %rrizfail2ban.pid�f2b.logr.z
no logfile %rzcleanup: no pidfile for %rTzcleanup pidfile: %rFzcleanup pid: %rrzpid %s of %s is invalidcst���SrR)r�
pid_existsr&�r�r&r'�<lambda>)�z_kill_srv.<locals>.<lambda>r�cleanup: kill ready)rr*rr[rr~rr�rr�r��logr�r{�getpidr�rr��kill�signal�SIGTERMr4�SIGKILLr�Z	exception)r�ZpiddirZlogfiler�r&r�r'�	_kill_srvs@





r�cst���fdd��}|S)z�Helper to decorate tests which receive in the last argument tmpdir to pass to kill_srv

	To be used in tandem with @with_tmpdir
	cs*|d}z�|f|��W�St|�XdS)N���)r�)�selfr%r��rPr&r'�wrapper8szwith_kill_srv.<locals>.wrapperr�rPr�r&r�r'�
with_kill_srv3sr�cs�fdd�}|S)z}Helper to decorate tests uses foreground server (as thread), started directly in test-cases

	To be used only in subclasses
	cstt����fdd���}|S)Nc
sfd}t���zz�t�fddi����t	d�j
���fd�}d|_|��t
tff����fdd	�	}|�_t��fd
d�t�����dd���j�d��d
�t�d��������f|�|�WW�ZStk
�r}z4td|����}|�rtd|�����W5d}~XYnXW5|�rZt�d���������dd��rZ|��t�XdS)Nz=== within server: end.  ===�endr�r��_TestCaseWorker��name�targetr%Tcs�t���dd�s8tj�t�d��s8t��fdd�t���dd�s���	|�d�t��fdd�t
�����dd���jddd	t
d
�dd��_
dS)Nr�rics��dd�dk	S�Nr���getr&��phaser&r'r�]r�zywith_foreground_server_thread.<locals>._deco_wrapper.<locals>.wrapper.<locals>._stopAndWaitForServerEnd.<locals>.<lambda>�stopcs��dd�dk	Sr�r�r&r�r&r'r�br��Shutdown successfulzExiting Fail2banT��all�waitc_sdSrRr&r5r&r&r'r�fr�)r r�r{r�rr[rr4r1�execCmdr��
assertTrue�assertLogged�stopAndWaitForServerEnd��code�r�r�r�rlr&r'�_stopAndWaitForServerEndYszgwith_foreground_server_thread.<locals>._deco_wrapper.<locals>.wrapper.<locals>._stopAndWaitForServerEndcs��dd�dk	S)N�startr�r&r�r&r'r�ir�zWwith_foreground_server_thread.<locals>._deco_wrapper.<locals>.wrapper.<locals>.<lambda>r��r�r�z=== within server: begin ===z=== Catch an exception: %sz#=== Error of server, log: ===
%s===)�dict�	DefLogSysr#�pruneLogr�r�rr r�r	�_testStartForeground�daemonr��SUCCESS�FAILEDrr4r�r��
_wait_for_srvr�rz�getLog)r�rlr%r6�thr�r�r�)rP�
startextrar�r'r�GsB�

zEwith_foreground_server_thread.<locals>._deco_wrapper.<locals>.wrapper)rrr��r�r�r'�
_deco_wrapperFs:z4with_foreground_server_thread.<locals>._deco_wrapperr&)r�r�r&r�r'�with_foreground_server_threadAs>r�c@s�eZdZejZdd�Zdd�Zdd�Ze	ddd	��Z
ddd
�Zdd�Zdd�Z
dd�Zeddid�dd��Zeedd���ZdS)�Fail2banClientServerBasecOsdSrRr&)r�r%r6r&r&r'�_setLogLevel�sz%Fail2banClientServerBase._setLogLevelcCs(t�|�dt_tjt_t|j�t	_
dS)zCall before every test case.r�N)r�setUpr�
DEF_LOGTARGETr��level�DEF_LOGLEVEL�staticmethod�
_test_exitr�_exit�r�r&r&r'r��s
zFail2banClientServerBase.setUpcCs(|jt_tt_tt_t�	|�t
�dS)zCall after every test case.N)�
_orig_exitrr��SRV_DEF_LOGTARGETrr��SRV_DEF_LOGLEVELr�r�tearDownr r�r&r&r'r��s

z!Fail2banClientServerBase.tearDownrcCs|dkrt��nt��dSr")r<rBr�r&r&r'r��sz#Fail2banClientServerBase._test_exitTNcs��si�zlt|d��t���fdd�t�}|r8��d�rFtd|f��|rrt��fdd�t�}|srtd�|f��Wn^t|�r�td������	�t|d	�}t
|�r�t|�nt|�s�t�
d
|��YnXdS)Nrhcs��d�pt��Sr�)r�rr&)r��sockr&r'r��r�z8Fail2banClientServerBase._wait_for_srv.<locals>.<lambda>r�z9Unexpected: Socket file does not exists.
Start failed: %rcsd���kS)N�Server ready)r�r&r�r&r'r��r�zBUnexpected: Server ready was not found, phase %r.
Start failed: %rz,=== Error by wait for server, log: ===
%s===r�z*No log file %s to examine details of error)r[rr4r�r�r�r�rzr�r�rr�rr*)r�rl�readyr�r��retr�r&)r�r�r�r'r��s:
����

z&Fail2banClientServerBase._wait_for_srvcGs*|�||jd|jdd�||�dS)Nrr)ZassertRaisesr)r�ZexitTyper�r%r&r&r'r��s�z Fail2banClientServerBase.execCmdcGs8||�d�d}t|�}z|�|�W�S|��XdS)Nrqr)r�rrL�send)r�r�r%r��sr&r&r'�
execCmdDirect�s
z&Fail2banClientServerBase.execCmdDirectc	CsJt�d�d|d<z|�td|d�W5d|d<d|d<t�d�XdS)Nzstart of test workerTr�Fr�zend of test worker�z-f)rr*r�r�)r�rlr�r�r&r&r'r��s
z-Fail2banClientServerBase._testStartForegroundr�)z[Thread]zstacksize = 128r�cCsR|��|�t|dd�|�d�|�t|d�|�t|d�|�t|dd�dS)Nr��threadz{'stacksize': 128}�ping�~~unknown~cmd~failed~~�echo�	TEST-ECHO)r�r�r�r�r��r�rlr�r&r&r'�testStartForeground�s
z,Fail2banClientServerBase.testStartForegroundc		s�tjst�d��t|d�}t�|�}|j��}|�d�|��t	||dd�}ddi}�fdd	�}t
d
|||fd�}|��z��
td
|d�W5d|d<|��X�jdddd�dS)NzSkip test because no databaseztmp.dbz#UPDATE fail2banDb SET version = 555r�)r�r�r�Tcs$t��fdd�t�s ��|d�dS)Ncs
�dS)Nr�r&r&r�r&r'r��r�z[Fail2banClientServerBase.testStartFailsInForeground.<locals>._stopTimeout.<locals>.<lambda>r�)rr4r�r�r�r�r�r'�_stopTimeout�szIFail2banClientServerBase.testStartFailsInForeground.<locals>._stopTimeoutr�r�Fr�r�z/Attempt to travel to future version of database�Exit with code 255�r�)rZ
Fail2BanDbr~�SkipTestr[Z_dbZcursorZ
executescriptrLr�r	r�rr�r�r�)	r�rlZdbnamer�Zcurr�r�r�r�r&r�r'�testStartFailsInForeground�s0




�
�z3Fail2banClientServerBase.testStartFailsInForeground)r)TNN)r>r?r@rr�r�r�r�r�r�r�r�r�r�r�r�r�rr�r�r&r&r&r'r��s	


r�c@steZdZeefZdd�Zdd�Zedd��Z	ee
dd���Zee
d	d
���Zee
dd���Z
ed
d��Zdd�ZdS)�Fail2banClientTestcCs,|�tttt���|�tttt���dSrR)r�rr[�BIN�CLIENT�SERVERr�r&r&r'�testConsistencysz"Fail2banClientTest.testConsistencycCs�|�tdd�|�dt�|�d�|��|�tdd�|�t���|��|�tddd�|�dtj�|��|�tdd	d
�|�d�dS)Nr&�-h�Usage: �Report bugs to z-Vz-vqz	--versionz
Fail2Ban vz	--str2secZ1d12h30mZ131400)r�r�r�rr�r
ZnormVersion�versionr�r&r&r'�testClientUsages
z"Fail2banClientTest.testClientUsagecCsPt|d�}|�t|d�|�d�|�d�|��|�t|d�|�d�dS)NTz-vvdz
Loading filesz['set', 'logtarget',z--dp)r�r�r�r�r�r�r&r&r'�testClientDump&s


z!Fail2banClientTest.testClientDumpcCs�t|d�}|�td|d�|j|d|d�|�d�|�d�zF|�t|d	d
�|�t|d�|��|�td|d�|�d�W5|��|�t|d�|�d�|�d�X|��|�t|d�|�d
�|�d�dS)NT�z-br�r�r��Exit with code 0r�r�r�r�r�zServer already runningzFailed to access socket pathzIs fail2ban running?)r�r�r�r�r�r�r�r�r&r&r'�testClientStartBackgroundInside2s&




z2Fail2banClientTest.testClientStartBackgroundInsidecCs�t|t|d�d�}tjjr,|�t|d�n`tjtt	t
�f}t�d|�||d}t
j|tddd�}|�t|�ox|d	�|j|d|d
�|�d�|���z�|�t|dd�|�d�|�d�|��|�t|dd�|�d�|��tt|d��}z.t�|tj�t�t
j�|�t|dd�W5t�|tj�X|�d�|��zd	dl}Wn2t k
�r�}zt�!d|��W5d}~XYnXt"dddg7a"|�t|d�|�d�|�dd�|�d�|��t"dd dg7a"|�t|d�|�d!�|�d
�|�d�|�d�|��t"d"dg7a"|�t|d�|�d#�|��|�t|dd$�|�d#�|�d%�|��W5|��|�t|d�|�d
�|�d�XdS)&Nr��r�)r��Start %s ...)�--asyncr�FT�r9�shell�outputrr�r�r�r�r
r�r�r�z0.1zServer replied: pongriz1e-10z	timed outz%Skip test because of import error: %szecho INTERACT-ECHO�statusrCz-iz
INTERACT-ECHOZStatuszNumber of jail:�reload�restartzReading config files:zreload ~~unknown~jail~fail~~z@Failed during configuration: No section: '~~unknown~jail~fail~~'z~~unknown~jail~fail~~r�)#r�r[r~r�fastr�r��sys�
executabler�rrr*r�
executeCmdr�r�rDr�r�r�r�r{r�r��SIGCONT�SIGSTOPr+�sleepZDEFAULT_SHORT_INTERVALr��readline�ImportErrorr�rE)r�rlr��cmdr�r�rr�r&r&r'�testClientStartBackgroundCallQs�




 �

�



�



z0Fail2banClientTest.testClientStartBackgroundCallcCs�t|dd�}|�tdddt|d�d�|�dt|d�d	�|��|�tddt|d
�dt|d�d
�|�d�|��tt|d�d���|�tdddt|d
�dt|d�d�|�d�|��t�	t|d��|�tdd�|�d�|��dS)Nr�rr&rrp�missr��Base configuration directory � does not existrXrqrhr�Could not find server�a�LFail2ban seems to be in unexpected state (not running but the socket exists)r�
r�r�r�r[r�r�rJrLr{�remover�r&r&r'�testClientFailStart�sB��
�

z&Fail2banClientTest.testClientFailStartcCsXt|dd�}|�t|dd�|�d�|��|�t|dddd�|�d�|��dS)	Nr�rrZjailr#rz--xxxz"Unexpected argument(s) for reload:)r�r�r�r�r�r�r&r&r'�testClientFailCommands�s�
�
z)Fail2banClientTest.testClientFailCommandsc
CsXd}dD]J}d}t|d��2}|rH|��|r>tjjs>t�|�|d8}qW5QRXqdS)Ng�Q���?)r
r�r.r)rZ	heartbeatr~rrr+r)r�Z	sleeptime�verboseZcntrZvisr&r&r'�testVisualWait�s
z!Fail2banClientTest.testVisualWaitN)r>r?r@�_exec_clientrrrrrrr�rrr(r)r,r&r&r&r'r�s"
Y
r�c@s�eZdZeefZdd�Zeedd���Z	eedd���Z
eedd���Zed	d
��Ze
ddid
�dd��Zejjdd�e
dddd�d
�dd���Zejjdd�e
ddddd�d
�dd ���Ze
�d!d"��Zd#S)$�Fail2banServerTestcCs*|�tdd�|�dt�|�d�dS)Nr&rrr)r�r�r�rr�r&r&r'�testServerUsage�sz"Fail2banServerTest.testServerUsagecCs�t|t|d�d�}tjttt�f}t�d|�||d}tj	|t
ddd�}|�t|�o^|d�|j
|d|d	�|�d
�|��z"|�t|dd�|�t|d�W5|��|�t|d�|�d�|�d
�XdS)Nr�rr
r	FTrrr�r�r�r�r
r�r�r�)r�r[rrr�rrr*rrr�r�rDr�r�r�r�r�r��r�rlr�rr�r&r&r'�testServerStartBackground�s 

z,Fail2banServerTest.testServerStartBackgroundc
Cs�t|dd�}|�tddt|d��|�dt|d�d�|��tt|d�d	���|�tddt|d
�dt|d��|�d�|��t�	t|d��dS)
Nr�rr&rpr r!r"rhr$rXrqr%r&r�r&r&r'�testServerFailStarts"��
z&Fail2banServerTest.testServerFailStartcCs�t|dd�}t|d�}|�d�|�t|d�|�d�tt|d�dd	d
d	dd�|�d
�|�t|d�|jddddd�|�d�|�t|dd�|jddddd�dS)Nr�rrXz[test-phase 0]z--testz$OK: configuration test is successfulrZr$rI�
[broken-jail]�filter = broken-jail-filter�enabled = truez[test-phase 0a]�.Unable to read the filter 'broken-jail-filter'zErrors in jail 'broken-jail'.z ERROR: test configuration failedTr�z[test-phase 0b]z-tr�)r�r[r�r�r�r�rQr�)r�rlr�r�r&r&r'�testServerTestFailStarts0


�
�
�z*Fail2banServerTest.testServerTestFailStartc
s�z�t�t�d�d�}tjttt�f}t�	d|�||d}t
j|tddd�}|�t
|�o`|d�|j�d|d	�|�d
�|��t�	d��W5|�t���Xt
��fdd
�t�|�tt�d���|�d�|��|�t���|�d�dS)NzGf2b.log[format="SRV: %(relativeCreated)3d | %(message)s", datetime=off]rr
r	FTrrr�r�zKill server ... %scstt�d��S)Nri)rr[r&�rlr&r'r�Qr�z7Fail2banServerTest.testKillAfterStart.<locals>.<lambda>rir�zcleanup: no pidfile for)r�r�r�r[rrr�rrr*rrr�rDr�r�r�r4�assertFalserr0r&r8r'�testKillAfterStart=s(�

z%Fail2banServerTest.testKillAfterStartr�rYr�cs�
t|d��t|d��t|d��t|d��t�t�d��dŇfd	d
�	}dƇ���fdd�	}|dd�|dd�|dgdddgd�tt�d�dddddd�t�dfttt����dfd��t�d�t�d�|�d�t	j
jtj
k�r�t��|�t|d�|jdd dtd!�|�d"��|�d#�|jd$d%dd&�|jd'd(dtd!�|jd)d*d+dd&�|�d,�|ddgd-�t	j
jtj
k�r�t��|�t|d�|jdtd.�|jd/d#dd&�|jd"�d"�dd&�|jd0d1dd&�|jd2d3dd&�|jd4d5dd&�|�d6�|�d7�|dgd-�|dd8dd9dd:dd;�|�t|d�|jdtd.�|jd/d#dd&�|�d<�|jd0d=dd&�|�d>�|�d?�|�d@�|ddAdB�|ddgd-�|�dC�t�dDfttt����dEfdttt����dFfdttt����dGfdttt����dHfd��t	j
jtj
k�rXt��|jdIdJdtd!�|�t|dKdLdMdN�|jdOtd.�|jdPdQdRdSdTdUdVdd&�|jdWdXdYdZdd&�t�|�|�|d[�d\d]d^d_d`dadbgidLd^dNd`gigf�|�|�|d[d_d^dc�d\d]gd]dLgggf�|�|�|ddd]d[�dd^d_d`dadbg�|�|�|dddLd[�dd^dNd`g�|�|�|ddd]d[da�dd�|�|�|ddd]d[dN�dd\�|�|�|ddd]d[dadN�ddd\g�|�de�|�t|dfdL�|jddgdOdtd!�|jdhdidjdkd3dldmdndd&�	|jdodpdtd!�|jdqdrdd&�|�ds�|�t|dKdLdMdt�|�t|dKdLdMdu�|jdvdwdtd!�t�|�dx�|�t|dddLdMdy�|jd^d`dtdudtd!�|�dz�|�t|ddd]dM�|jd_dbdad^d`dtd!�|�d{�|�t|dfd|dL�|jdd3dtd!�|jdkd3dhdidjdd&�|jd}d~dd&�|�d�|jd�d�dd&�|jdTdUdd&�|ddAdB�|gd-�|�d��|�t|dd]�|jdtd.�|jd�d�dd&�|jd�d�d�dd&�|�d��|dgd��|�t|d�|jdtd.�|�d��|jd�dkdd&�|jd��d��dd&�|�d��t�dDfttt����d�fdttt����d�fdttt����d�fd��t	j
jtj
k�r�t��|jd�d�dtd!�|jd�d�d�d�dd&�|�d��|�d��|�t|d�d�d�d��|jd�d�dtd!�|�d��|�t|d�d�d��|jd�d�dtd!�|�t|d�d�d�d��|jd�d�dtd!�|�d��|�t|d�dKd]dMd�d��|jd�d�dtd!�|�t|d�dKd]d�d��|jd�d�dtd!�|�d��|�t|dd|�|jdtd.�|jd�d/d�dd&�|jd�d�d#dRdd&�|�d��|�t|d�d�d��|jd�d�dd&�|�d��|dgd�d��|�t|d�|jdtd.�|jd�d�dd&�|�d��|dgd��|�t|d�|jdtd.�|�d��|�t|d�ddL�|jdtd.�|�d��|��|�t|d�dd�dL�|jdtd.�|jd2d3dd&�|�d��|�t|d�dd�d��|jdtd.�|jd�d�dtd!�|�d��|�t|d�dKd]d�d�dá|�t|d�ddd]dġ|jd�d�dd&�dS)�NrX�	test1.logz	test2.logz	test3.logrc�test-action1TrIcsjt�dd|�}|s"t�|�dSt|ddddddd	d
dd|d
|d|d|d|�tjjtjkrft	|�dS)Nrc�%s.confrerkz_exec_once = 0rIrfznorestored = %(_exec_once)sz
restore = zinfo = z<_use_flush_ = echo '[%(name)s] %(actname)s: -- flushing IPs'z6actionstart =  echo '[%(name)s] %(actname)s: ** start'z7actionreload = echo '[%(name)s] %(actname)s: .. reload'zMactionban =    echo '[%(name)s] %(actname)s: ++ ban <ip> %(restore)s%(info)s'z;actionunban =  echo '[%(name)s] %(actname)s: -- unban <ip>'z5actionstop =   echo '[%(name)s] %(actname)s: __ stop')
r[r{r'rQr~rr�rr�r�)�actname�allowr�rZban�unbanr�rM�r�r&r'�_write_action_cfgis4
�zBFail2banServerTest.testServerReloadTest.<locals>._write_action_cfg�rr
r&�pollingc%stt�d�ddddddddd	d
dddd
|ddd|kr:dndd|krHdndd|krVdndd�d|krnd�ndd|kr�d�ndd	d|kr�dndd|kr�dndddd
|ddd|kr�dndd|kr�dndd�d|kr�dnd�#tjjtjkr�tt�d��dS)NrZrerjrIrk�usedns = no�maxretry = 3zfindtime = 10mzBfailregex = ^\s*failure <F-ERRCODE>401|403</F-ERRCODE> from <HOST>�datepattern = {^LN-BEG}EPOCHzignoreip = 127.0.0.1/8 ::1�[test-jail1]�
backend = �filter =z	action = rz*         test-action1[name='%(__name__)s']r
zj         test-action2[name='%(__name__)s', restore='restored: <restored>', info=', err-code: <F-ERRCODE>']�z�         test-action2[name='%(__name__)s', actname=test-action3, _exec_once=1, restore='restored: <restored>', actionflush=<_use_flush_>]�
logpath = z
          z@            ^\s*error <F-ERRCODE>401|403</F-ERRCODE> from <HOST>r5z[test-jail2]�rQr[r~rr�rr�r�)�enabled�actions�backend�r��test1logZtest2logZtest3logr&r'�_write_jail_cfg�sb�������%[email protected].<locals>._write_jail_cfg)r>�test-action2rr
rK)rNrOrZr$r3r4r5rez# failure 401 from 192.0.2.1: test 1z[test-phase 1a]r�Reload finished.z1 ticket(s) in 'test-jail1r�zAdded logfile: %rz[test-jail1] Ban 192.0.2.1z-stdout: '[test-jail1] test-action1: ** start'z-stdout: '[test-jail1] test-action2: ** start'r�zPstdout: '[test-jail1] test-action2: ++ ban 192.0.2.1 restored: 0, err-code: 401'zAstdout: '[test-jail1] test-action3: ++ ban 192.0.2.1 restored: 0'r6z)Errors in jail 'broken-jail'. Skipping...z:Jail 'broken-jail' skipped, because of wrong configurationz[test-phase 1b])rO�r�z[test-jail1] Unban 192.0.2.1z.stdout: '[test-jail1] test-action1: .. reload'z.stdout: '[test-jail1] test-action2: .. reload'zCreating new jail 'test-jail2'zJail 'test-jail2' startedz4stdout: '[test-jail1] test-action3: -- flushing IPs'z,stdout: '[test-jail1] test-action3: __ stop'z7stdout: '[test-jail1] test-action3: -- unban 192.0.2.1'z[test-phase 2a]z+               echo '[<name>] %s: started.'z,               echo '[<name>] %s: reloaded.'z+               echo '[<name>] %s: stopped.')r>r�rr�zAdded logfile:z.stdout: '[test-jail1] test-action1: reloaded.'z7stdout: '[test-jail1] test-action2: -- unban 192.0.2.1'z,stdout: '[test-jail1] test-action2: __ stop'z7stdout: '[test-jail1] test-action1: -- unban 192.0.2.1'F)r>r?z[test-phase 2b]�a+z#   error 403 from 192.0.2.2: test 2z#   error 403 from 192.0.2.3: test 2z# failure 401 from 192.0.2.4: test 2z# failure 401 from 192.0.2.8: test 2z2 ticket(s) in 'test-jail2z5 ticket(s) in 'test-jail1�setz
test-jail2�banipz	192.0.2.9z3 ticket(s) in 'test-jail2z[test-jail1] Ban 192.0.2.2z[test-jail1] Ban 192.0.2.3z[test-jail1] Ban 192.0.2.4z[test-jail1] Ban 192.0.2.8z[test-jail2] Ban 192.0.2.4z[test-jail2] Ban 192.0.2.8z[test-jail2] Ban 192.0.2.9z[test-jail2] Found 192.0.2.2z[test-jail2] Ban 192.0.2.2z[test-jail2] Found 192.0.2.3z[test-jail2] Ban 192.0.2.3Zbannedr�
test-jail1z	192.0.2.4z	192.0.2.1z	192.0.2.8z	192.0.2.3z	192.0.2.2z192.0.2.222r�z[test-phase 2c]rzRestore Banz[test-jail2] Unban 192.0.2.4z[test-jail2] Unban 192.0.2.8z[test-jail2] Unban 192.0.2.9zJail 'test-jail2' stoppedz"[test-jail2] Restore Ban 192.0.2.4z"[test-jail2] Restore Ban 192.0.2.8z"[test-jail2] Restore Ban 192.0.2.9zPstdout: '[test-jail2] test-action2: ++ ban 192.0.2.4 restored: 1, err-code: 401'zPstdout: '[test-jail2] test-action2: ++ ban 192.0.2.8 restored: 1, err-code: 401'zAstdout: '[test-jail2] test-action3: ++ ban 192.0.2.4 restored: 1'zAstdout: '[test-jail2] test-action3: ++ ban 192.0.2.8 restored: 1'z[test-phase 2d]z
192.0.2.21z
192.0.2.22z5stdout: '[test-jail2] test-action3: ++ ban 192.0.2.22z6stdout: '[test-jail2] test-action3: ++ ban 192.0.2.22 z[test-phase 2d.1]rHz[test-phase 2d.2]z[test-phase 2e]z--unbanz7stdout: '[test-jail2] test-action2: -- unban 192.0.2.21z8stdout: '[test-jail2] test-action2: -- unban 192.0.2.22'z4stdout: '[test-jail2] test-action3: -- flushing IPs'z8stdout: '[test-jail2] test-action3: -- unban 192.0.2.21'z8stdout: '[test-jail2] test-action3: -- unban 192.0.2.22'z[test-phase 3]zReload jail 'test-jail1'zJail 'test-jail1' reloadedzReload jail 'test-jail2'zJail 'test-jail2' reloadedzJail 'test-jail1' startedz[test-phase 4])rNzStopping jail 'test-jail2'zRemoved logfile: %rz[test-phase 5]z# failure 401 from 192.0.2.1: test 5z#   error 403 from 192.0.2.5: test 5z# failure 401 from 192.0.2.6: test 5z6 ticket(s) in 'test-jail1z%[test-jail1] 192.0.2.1 already bannedz[test-jail1] Found 192.0.2.1z[test-jail1] Found 192.0.2.6z[test-jail1] Ban 192.0.2.6z[test-jail1] Found 192.0.2.5z[test-phase 6a]rr@z	192.0.2.5z	192.0.2.6z192.0.2.5 is not bannedz[test-jail1] Unban 192.0.2.6z[test-phase 6b]z192.0.2.2/31z[test-jail1] Unban 192.0.2.2z[test-jail1] Unban 192.0.2.3z192.0.2.8/31z192.0.2.100/31z[test-jail1] Unban 192.0.2.8z192.0.2.100/31 is not bannedz[test-phase 6c]z
192.0.2.96/28z192.0.2.112/28z[test-jail1] Ban 192.0.2.96/28z[test-jail1] Ban 192.0.2.112/28Zunbanipz
192.0.2.64/26z [test-jail1] Unban 192.0.2.96/28z![test-jail1] Unban 192.0.2.112/28z[test-phase 7]z[test-jail1] Unban 192.0.2.4zJail 'test-jail1' stoppedz[test-phase 7b]�--allzFlush ban listz'Unbanned 0, 0 ticket(s) in 'test-jail1'z[test-phase 8a]zxxx-unknown-backend-zzz)rNrPz0Restart jail 'test-jail1' (reason: 'polling' != zUnknown backend z[test-phase 8b]z[test-phase end-1]z$the jail 'test-jail2' does not existz--if-existsz[test-phase end-2]�	--restartz[test-phase end-3]Zaddignoreipz192.0.2.1/32z2001:DB8::1/96Zignoreip)r<TrIrIrIrIrI)rCr&rD)r[r{r|rQr�r�rr+r�r~rr�rr�r�r�r�r�r1�assertNotLoggedr2ZassertSortedEqualr��assertEqualr�)r�rlr�rBrSr&rQr'�testServerReloadTestYst




�*

�&


�
���
������
��
����
��������	�
���
���
����
����
���
���
���
�����
���
�
�
�������

��
���
�����

��
����
����
���
��
�

�
��
��
��z'Fail2banServerTest.testServerReloadTestznginx-block-map)�action)�%(tmp)s/blck-failures.log)rc)z[nginx-blck-lst]rdrEz#logpath = %(tmp)s/blck-failures.logzoaction = nginx-block-map[srv_cmd="echo nginx", srv_pid="%(tmp)s/f2b.pid", blck_lst_file="%(tmp)s/blck-lst.map"]z�         blocklist_de[actionban='curl() { echo "*** curl" "$*";}; <Definition/actionban>', email="Fail2Ban <fail2ban@localhost>", apikey="TEST-API-KEY", agent="fail2ban-test-agent", service=<name>]rJ�datepattern = ^Epochz3failregex = ^ failure "<F-ID>[^"]+</F-ID>" - <ADDR>zmaxretry = 1r5)r�r�r�cCs�t|d�}dd|i}dd|i}t|dttt����dttt����dttt����dttt����d	ttt����d
�|jddd
ddddtd�t|�t	|�}|�
d|�|�
d|�|�
d|�|�
d|�|�
d|�|jdddd�|jdddtd�|�t|dddd �t|�t	|�}|�
d|�|�
d|�|�
d|�|�
d|�|�
d|�|�t�|�d!�t|�t	|�}|�|d"�dS)#NrXrarlz%(tmp)s/blck-lst.map�w+z" failure "125-000-001" - 192.0.2.1z" failure "125-000-002" - 192.0.2.1u1 failure "125-000-003" - 192.0.2.1 (òðåòèé)u1 failure "125-000-004" - 192.0.2.1 (òðåòèé)z" failure "125-000-005" - 192.0.2.1z [nginx-blck-lst] Ban 125-000-001z [nginx-blck-lst] Ban 125-000-002z [nginx-blck-lst] Ban 125-000-003z [nginx-blck-lst] Ban 125-000-004z [nginx-blck-lst] Ban 125-000-005z5 ticket(s)Tr�z\125-000-001 1;
z\125-000-002 1;
z\125-000-003 1;
z\125-000-004 1;
z\125-000-005 1;
zstdout: 'nginx -qt'zstdout: 'nginx -s reload'r�z�stdout: '*** curl --fail --data-urlencode server=Fail2Ban <fail2ban@localhost> --data apikey=TEST-API-KEY --data service=nginx-blck-lst z=stdout: ' --data format=text --user-agent fail2ban-test-agentr@z125-000-001z125-000-002z125-000-005z5[nginx-blck-lst] Flush ticket(s) with nginx-block-maprI)r[rQr�r�rr+r�r1r�rT�assertInr�r��assertNotInr�r^)r�rlr�r��lgfnZmpfnZmpr&r&r'�testServerActions_NginxBlockMapEs^
��	�

z2Fail2banServerTest.testServerActions_NginxBlockMapz
sendmail-auth)�filter)�%(tmp)s/test.logT)rkzdbmaxmatches = 1)a�test_action = dummy[actionstart_on_demand=1, init="start: %(__name__)s", target="%(tmp)s/test.txt",
      actionban='<known/actionban>; echo "found: <jail.found> / <jail.found_total>, banned: <jail.banned> / <jail.banned_total>"
        echo "<matches>"; printf "=====\n%%b\n=====\n\n" "<matches>" >> <target>',
      actionstop='<known/actionstop>; echo "stats <name> - found: <jail.found_total>, banned: <jail.banned_total>"']z[sendmail-auth]rdrE�logpath = %(tmp)s/test.log�action = %(test_action)sz%filter = sendmail-auth[logtype=short]rbrFzmaxmatches = 2r5z[sendmail-reject]rdrErjrkz'filter = sendmail-reject[logtype=short]rbrFr5)r�r�r�r�c
	Csht|d�}dd|i}dd|i}ttt����dttt����dttt����df}ttt����dttt����d	ttt����d
f}|�d�t|df|��|jd
dddtd�t	|�t
|�}|d}	|�|	|�|dd�D]}	|�|	|�q�|�d�t|df|��|jddddtd�t	|�t
|�}|D]}	|�|	|��qH|�d�|�
t|ddd�|jddddddtd�t
|�}|d }	|�|	�|�|	|�|dd �D]}	|�|	�|�|	|��q�|jd!ddtd�t
|�}|d }	|�|	�|�|	|�|dd �D]}	|�|	�|�|	|��q$|�d"�|�t�|�t|��dS)#NrXrirlz%(tmp)s/test.txtz] smtp1 sm-mta[5133]: s1000000000001: [192.0.2.1]: possible SMTP attack: command=AUTH, count=1z] smtp1 sm-mta[5133]: s1000000000002: [192.0.2.1]: possible SMTP attack: command=AUTH, count=2z] smtp1 sm-mta[5133]: s1000000000003: [192.0.2.1]: possible SMTP attack: command=AUTH, count=3z� smtp1 sm-mta[21134]: s2000000000001: ruleset=check_rcpt, arg1=<[email protected]>, relay=xxx.dynamic.example.com [192.0.2.2], reject=550 5.7.1 <[email protected]>... Relaying denied. Proper authentication required.z� smtp1 sm-mta[21134]: s2000000000002: ruleset=check_rcpt, arg1=<[email protected]>, relay=xxx.dynamic.example.com [192.0.2.2], reject=550 5.7.1 <[email protected]>... Relaying denied. Proper authentication required.z� smtp1 sm-mta[21134]: s3000000000003: ruleset=check_rcpt, arg1=<[email protected]>, relay=xxx.dynamic.example.com [192.0.2.2], reject=550 5.7.1 <[email protected]>... Relaying denied. Proper authentication required.z[test-phase sendmail-auth]rcz[sendmail-auth] Ban 192.0.2.1z%stdout: 'found: 0 / 3, banned: 1 / 1'z1 ticket(s) in 'sendmail-auth'Tr�rrz[test-phase sendmail-reject]rWz[sendmail-reject] Ban 192.0.2.2z 1 ticket(s) in 'sendmail-reject'z[test-phase restart sendmail-*]rr\r[rUz3stdout: 'stats sendmail-auth - found: 3, banned: 1'z5stdout: 'stats sendmail-reject - found: 3, banned: 1'z%[sendmail-auth] Restore Ban 192.0.2.1r�z'[sendmail-reject] Restore Ban 192.0.2.2z[test-phase stop server])r[r�r�rr+r�rQr�r1r�rTrerdr�r�r]r�r9r)
r�rlr�r�rfZtofnZ	smaut_msgZ	smrej_msgZtd�mr&r&r'�testServerJails_Sendmail�s�)
��
�
�
��

�



z+Fail2banServerTest.testServerJails_Sendmailcs�t|d��t|d��t�t�d��d>�fdd�	}d?��fd	d
�	}|ddd�|d
dd�|�t�d�|�d�|�t|d�t�dfttt	�
���dfd��t�|jdddt
d�t�|�d�td�t�|jddddt
d�t�|�d�d�t�fdd��t�dfttt	�
���d fd!��|jd"d#dt
d�|�d$�|�t|d%d&d'd(�|jd)d*dt
d�d�t�|�d+�td,�t�|jd-dt
d�t�|�d.�|�t|d%d&d'd(�|jd)d/dt
d�|�d0�t�d1d2i�tj���fd3d4�}��d5|���d5d6d��t��fd7d�t��j�tjj�rVd8nd9df�fd:d;�	}|�_|�t�|�d<�|��j�|��j d�d!�d1<|jd<dd=���!�dS)@NrXr;rcr<Tc	sHt�dd|�}t|ddddd|r&dndd	�tjjtjkrDt|�dS)
Nrcr=rerkrIrfzeactionban =     printf %%s "[%(name)s] %(actname)s: ++ ban <ip> -c <bancount> -t <bantime> : <F-MSG>"ziactionprolong = printf %%s "[%(name)s] %(actname)s: ++ prolong <ip> -c <bancount> -t <bantime> : <F-MSG>"zBactionunban =   printf %%b '[%(name)s] %(actname)s: -- unban <ip>')r[rQr~rr�rr�r�)r>�prolongrMrAr&r'rBs��	[email protected].<locals>._write_action_cfgrDcs`tt�d�ddddddddd	d
dddd
|dddd�ddd�tjjtjkr\tt�d��dS)NrZrerjrIrkrErFz
findtime = 1mzbantime = 5mzbantime.increment = truerGrHrIrJz*action = test-action1[name='%(__name__)s']z*         test-action2[name='%(__name__)s']rLzXfailregex = ^\s*failure <F-ERRCODE>401|403</F-ERRCODE> from <HOST>:\s*<F-MSG>.*</F-MSG>$r5rM)rP)r�rRr&r'rS#s0�z>Fail2banServerTest.testServerObserver.<locals>._write_jail_cfgF)r>rnrTrez[test-phase 0) time-0]rrcz> failure 401 from 192.0.2.11: I'm bad "hacker" `` $(echo test)rKzDstdout: '[test-jail1] test-action1: ++ ban 192.0.2.11 -c 1 -t 300 : zDstdout: '[test-jail1] test-action2: ++ ban 192.0.2.11 -c 1 -t 300 : r�z[test-phase 1) time+10m]�
z7stdout: '[test-jail1] test-action1: -- unban 192.0.2.11z7stdout: '[test-jail1] test-action2: -- unban 192.0.2.11z0 ticket(s) in 'test-jail1'z[test-phase 2) time+10m]cs�SrRr&r&)�wakeObsr&r'r�^r�z7Fail2banServerTest.testServerObserver.<locals>.<lambda>rWzC failure 401 from 192.0.2.11: I'm very bad "hacker" `` $(echo test)r
zDstdout: '[test-jail1] test-action1: ++ ban 192.0.2.11 -c 2 -t 300 : zDstdout: '[test-jail1] test-action2: ++ ban 192.0.2.11 -c 2 -t 300 : z"[test-phase 2) time+10m - get-ips]r�rZrYz--with-timez
192.0.2.11z+ 300 =z[test-phase 2) time+11m]rzHstdout: '[test-jail1] test-action2: ++ prolong 192.0.2.11 -c 2 -t 600 : z"[test-phase 2) time+11m - get-ips]z+ 600 =z'[test-phase end) stop on busy observer]�statercs<t�d�d�d<t��fdd�t����t�d�dS)Nz!++ observer enters busy state ...rrqcs�ddkS)Nrqr
r&r&�r$r&r'r��r�zMFail2banServerTest.testServerObserver.<locals>._long_action.<locals>.<lambda>z-- observer leaves busy state.)rr#rr4r�Zdb_purger&)r$�obsMainr&r'�_long_action�s

z;Fail2banServerTest.testServerObserver.<locals>._long_action�callcSsdSrRr&r&r&r&r'r��r�cs�ddkS)Nrqrr&r&rrr&r'r��r�g{�G�z�?g�������?cs
�||�SrRr&)ZwtimeZ	forceQuit)�obsMain_stopr&r'�_stop�sz4Fail2banServerTest.testServerObserver.<locals>._stopzobserver leaves busy staterV)r<T)rD)"r[r{r|rQr�r�r�r�r�rr+r2r�r1r-r;r r/r0�addrr4r�r�r~rrr�r]r9Zidler^Z_ObserverThread__dbr)r�rlr�rBrSrtrwr&)r$r�rsrvrRrpr'�testServerObservers�



��
�
��
�
�
�
 

z%Fail2banServerTest.testServerObserverN)r>r?r@�_exec_serverrrr/rr�r1r2r7r:r�r_r~rZskip_if_cfg_missingrgrmryZ_testServerStartStopZtestServerStartStopr&r&r&r'r.�sJ

n�<�'P
r.)FNrUrVr&rWN)`�
__author__Z
__copyright__Z__license__rvr{rtrr+r�r~Zos.pathrr[rrrr�	functoolsr�	threadingr	Zclientrrr
Zclient.fail2bancmdlinerZclient.fail2banclientrr-rrZclient.fail2banserverrrzrIrrZ
server.mytimerZserver.utilsrZutilsrrr�rrrrrrsrr Zhelpersr!r>rrZ
getServerPathr�rZmaxWaitTimer�r1r�r�r�r�r(rr-r/r2r;r<rBr�r�rErGZ
input_commandZ
PRODUCTIONZdumpFiler�rQrTr�r�r�r�r�r�r�r�r.r&r&r&r'�<module>s�,
����
�
U
,F
Z

Youez - 2016 - github.com/yon3zu
LinuXploit