HEX
Server: Apache
System: Linux srv1.prosuiteplus.com 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64
User: prosuiteplus (1001)
PHP: 8.3.20
Disabled: NONE
$ pwd: /lib/python3/dist-packages/fail2ban/tests/__pycache__/
Upload Files
File: //lib/python3/dist-packages/fail2ban/tests/__pycache__/clientreadertestcase.cpython-38.pyc
U

]^Q��@sxdZdZdZddlZddlZddlZddlZddlZddlZddl	Z	ddl
mZmZm
Z
mZddlmZddlmZmZmZdd	lmZdd
lmZddlmZmZddlmZdd
lmZddl m Z ddl!m"Z"m#Z#ej$�%ej$�&e'�d�Z(iZ)ddl!m*Z*e	j+j,Z-ej$�%ej$�&e'�d�Z.iZ/Gdd�de	j0�Z1Gdd�de"�Z2Gdd�de	j0�Z3Gdd�de"�Z4Gdd�de"�Z5dS)z!Cyril Jaquier, Yaroslav Halchenkoz>Copyright (c) 2004 Cyril Jaquier, 2011-2013 Yaroslav HalchenkoZGPL�N�)�ConfigReader�ConfigReaderUnshared�DefinitionInitConfigReader�NoSectionError)�configparserinc)�
JailReader�extractOptions�splitWithOptions)�FilterReader)�JailsReader)�ActionReader�
CommandAction)�Configurator)�MyTime)�version�)�LogCaptureTestCase�with_tmpdir�files)�
CONFIG_DIR�configcspeZdZ�fdd�Zdd�Zddd�Zdd	�Zddd�Zd
d�Zdd�Z	dd�Z
dd�Zdd�Zdd�Z
�ZS)�ConfigReaderTestcs.tt|���tjdd�|_t|jd�|_dS)zCall before every test case.zf2b-temp)�prefix��basedirN)�superr�setUp�tempfileZmkdtemp�dr�c��self��	__class__��E/usr/lib/python3/dist-packages/fail2ban/tests/clientreadertestcase.pyr7szConfigReaderTest.setUpcCst�|j�dS)zCall after every test case.N)�shutil�rmtreerr!r%r%r&�tearDown=szConfigReaderTest.tearDownNcCs�tjj|kr>tj�|�}tj�|j|�}tj�|�s>t�|�td|j|fd�}|dk	rh|�	d|�|dk	rz|�	|�|�
�dS)N�%s/%s�wz
[section]
option = %s
	)�os�path�sep�dirname�joinr�exists�makedirs�open�write�close)r"�fname�value�contentrZd_�fr%r%r&�_writeAs
�
zConfigReaderTest._writecCs*t�d|j|f�|�|j�d��dS)Nr*r )r,�unlinkr�
assertTruer �read)r"r6r%r%r&�_removeRszConfigReaderTest._remover cCs&|�|j�|��|j�ddg�dS)N�section)�int�optionrA)r<r r=�
getOptions)r"r9r%r%r&�
_getoptionVszConfigReaderTest._getoptioncCsztj�|jd�}|�dd�|�|�d�d�t�|d�t�|tj	�s\|�
|j�d��nddl
}t�d|�
���dS)Nzd.confrrz0Skipping on %s -- access rights are not enforced)r,r-r0rr:�assertEqualrC�chmod�access�R_OK�assertFalser r=�platform�unittest�SkipTest)r"r9rIr%r%r&�testInaccessibleFileZsz%ConfigReaderTest.testInaccessibleFilecCsL|�|j�d��|�dd�|�|��d�|�dd�|�|��d�|�dd�|�|��d	�|�d
d�|�|��d	�|�dd
�|�|��d�|�dd�|�|��d�|�dd�|�|��d�|�d�|�d�|�|��d�|�d�|�|��d	�|�d�|�|��d�|�d
�|�|��d�dS)Nr �c.conf�1r�2rzc.d/98.confZ998i�zc.d/90.confZ990zc.d/99.confZ999i�zc.local�3�zc.d/1.local�4�i�)rHr r=r:rDrCr>r!r%r%r&�testOptionalDotDDirgs0




z$ConfigReaderTest.testOptionalDotDDircCs�|jdddd�|jdddd�|jdddd�|jddd	d�|jd
ddd�Gdd
�d
t�}|ddi�|_|j�|j�|�|j���|jjidd�|j��}|�	|�
d�d�|�	|�
d�d�|�	|�
d�d�dS)NrMzS
[INCLUDES]
before = ib.conf
after  = ia.conf
[Definition]
test = %(default/test)s
�r7r8zib.confz,
[DEFAULT]
test = A
[Definition]
option = 1
zib.localz,
[DEFAULT]
test = B
[Definition]
option = 2
zia.confz,
[DEFAULT]
test = C
[Definition]
oafter = 3
zia.localz,
[DEFAULT]
test = D
[Definition]
oafter = 4
c@s$eZdZddgddgddgd�ZdS)z?ConfigReaderTest.testLocalInIncludes.<locals>.TestDefConfReaderr@N�string)rA�oafter�test)�__name__�
__module__�__qualname__Z_configOptsr%r%r%r&�TestDefConfReader�s�r\r rAT)�allrrWrSrX�D)r:rr �
setBaseDirrr<r=rB�getCombinedrD�get)r"r\�or%r%r&�testLocalInIncludes�s
z$ConfigReaderTest.testLocalInIncludescCs�|�|j�d��|jdddd�|�|j�d��|�|j��ddg�|�|j�dd�d�|�|j�dd	�d
�|�|j�dd�d�|�|j�dd�d
�|�|j�dd�d�dS)N�izi.confzu
[DEFAULT]
b = a
zz = the%(__name__)s

[section]
y = 4%(b)s
e = 5${b}
z = %(__name__)s

[section2]
z = 3%(__name__)s
rUr?Zsection2�yZ4a�ez5${b}�zZzzZ
thesectionZ	3section2)rHr r=r:r<rD�sectionsrar!r%r%r&�testInterpolations�s
z#ConfigReaderTest.testInterpolationscCsd|�|j�d��|jdddd�|�|j�d��|�|j�dd�d�|�|j�dd�d	�dS)
N�g�g.confz4
[DEFAULT]
# A comment
b = a
c = d ;in line comment
rU�DEFAULT�b�ar r)rHr r=r:r<rDrar!r%r%r&�testComments�s
zConfigReaderTest.testCommentscCs<|�|j�d��|jdddd�|�|j�d��|�|j�dd�d�|�|j�dd�d	�|�|j�d
d�d�|�|j�d
d�d�|�|j�d
d
�d�|�|j�d
d�d�|�|j�dd
�d�|�|j�dd�d�|�|j�dd
�d�|�|j�dd�d�|�t|jjdd�|�t|jjd
d�dS)Nrjrkz�
[DEFAULT]
a = def-a
b = def-b,a:`%(a)s`
c = def-c,b:"%(b)s"
d = def-d-b:"%(known/b)s"

[jail]
a = jail-a-%(test/a)s
b = jail-b-%(test/b)s
y = %(test/y)s

[test]
a = test-a-%(default/a)s
b = test-b-%(known/b)s
x = %(test/x)s
y = %(jail/y)s
rUrXrnztest-a-def-armztest-b-def-b,a:`test-a-def-a`�jailzjail-a-test-a-def-az+jail-b-test-b-def-b,a:`jail-a-test-a-def-a`r z5def-c,b:"jail-b-test-b-def-b,a:`jail-a-test-a-def-a`"rz'def-d-b:"def-b,a:`jail-a-test-a-def-a`"z'def-c,b:"test-b-def-b,a:`test-a-def-a`"z def-d-b:"def-b,a:`test-a-def-a`"rlzdef-c,b:"def-b,a:`def-a`"zdef-d-b:"def-b,a:`def-a`"�xre)	rHr r=r:r<rDra�assertRaises�	Exceptionr!r%r%r&�testTargetedSectionOptions�sz+ConfigReaderTest.testTargetedSectionOptions)NN)r )rYrZr[rr)r:r>rCrLrTrcrirort�
__classcell__r%r%r#r&r5s


0rcs�eZdZ�fdd�Zdd�Zdd�Zdd�Zd	d
�Zdd�Zd
d�Z	dd�Z
dd�Zdd�Zdd�Z
dd�Zedd��Zdd�Z�ZS)�JailReaderTestcstt|�j||�dS�N)rrv�__init__�r"�args�kwargsr#r%r&rx�szJailReaderTest.__init__cCs tdttd�}|�t|j�dS)NZXXXABSENTXXX�r�share_config)rr�CONFIG_DIR_SHARE_CFGrr�
ValueErrorr=�r"rpr%r%r&�testIncorrectJail�sz JailReaderTest.testIncorrectJailcCsPtdttd�}|�|���|�|���|�|���|�d�|�d�dS)N�emptyactionr|z"No filter set for jail emptyactionz'No actions were defined for emptyaction)r�IMPERFECT_CONFIG�IMPERFECT_CONFIG_SHARE_CFGr<r=rB�	isEnabled�assertLoggedr�r%r%r&�testJailActionEmptys
z"JailReaderTest.testJailActionEmptycCsTtdttd�}|�|���|�|���|�|���|�dt�|�d�dS)NZmissingbitsjailr|zJFound no accessible config files for 'filter.d/catchallthebadies' under %szUnable to read the filter�	rr�r�r<r=rHrBr�r�r�r%r%r&�testJailActionFilterMissingsz*JailReaderTest.testJailActionFilterMissingcCsFtdttd�}|�|���|�|���|�|���|�d�dS)NZbrokenactiondefr|z$Invalid action definition 'joho[foo'r�r�r%r%r&�testJailActionBrokenDefs�z&JailReaderTest.testJailActionBrokenDefcCsNtdttd�}|�|���|�|���|�|���|�|jdd�dS)N�
tz_correctr|�logtimezone�UTC+0200)	rr�r�r<r=rBr�rD�optionsr�r%r%r&�testJailLogTimeZones�z"JailReaderTest.testJailLogTimeZonecCsFtdttd�}|�|���|�|���|�|���|�d�dS)NZbrokenfilterdefr|z$Invalid filter definition 'flt[test'r�r�r%r%r&�testJailFilterBrokenDef s�z&JailReaderTest.testJailFilterBrokenDefcCsttjjdd�tdttd�}|�|���|�|���|�	|�
��|�|��d�|�
d�|�|��d�dS)NT�Zstock�sshdr|zssh-funky-blocker)rJ�F2B�SkipIfCfgMissingrrr~r<r=rBrHr�rD�getNameZsetNamer�r%r%r&�testStockSSHJail(s
zJailReaderTest.testStockSSHJailcCs
tjjdd�tdttdd�}|�|���|�|���|�|�	��|�
�}|�ddddggdd	�|D��|�ddd
dggdd	�|D��|�ddd
dggdd	�|D��|�ddddg�}d}|D]:}|�
t|�dko�|d�d��|d7}||kr��qq�dS)NTr�zsshd-override-flt-opts)rr}�force_enable�set�	prefregexz^TestcSs(g|] }t|�dkr|ddkr|�qS)rr���len��.0rbr%r%r&�
<listcomp>=sz>JailReaderTest.testOverrideFilterOptInJail.<locals>.<listcomp>�addjournalmatchz
_COMM=testcSs(g|] }t|�dkr|ddkr|�qS)rr�r�r�r%r%r&r�@s�maxlinesrcSs(g|] }t|�dkr|ddkr|�qS)rr�r�r�r%r%r&r�Cs�usednsZnorZregexr)rJr�r�rr�r�r<r=rBr��convertrD�indexrHr��endswith)r"rp�streamZ	usednsidxrdrbr%r%r&�testOverrideFilterOptInJail2s2���� z*JailReaderTest.testOverrideFilterOptInJailc
Cs0d}dddif}t|�}|�||�|�diftd��|�dddd�ftd	��|�d
iftd
��|�d
iftd��|�dd
diftd��d}dif}t|�}|�||�d}ddddddddddddd�f}t|�}|�||�t|�dd��}|dtd d!�t|d"���D��f}|�||�dS)#Nzmail-whois[name=SSH]z
mail-whois�nameZSSHzmail.who_is�catZdog)rnrmzmail.who_is[a=cat,b=dog]zmail--ho_iszmail--ho_is['s']Zmailrn�,zmail[a=',']zabc[]�abcz�option[opt01=abc,opt02="123",opt03="with=okay?",opt04="andwith,okay...",opt05="how about spaces",opt06="single'in'double",opt07='double"in"single',  opt08= leave some space, opt09=one for luck, opt10=, opt11=]rAZ123z
with=okay?zandwith,okay...zhow about spaceszsingle'in'doublezdouble"in"singlezleave some spacezone for luck�)Zopt01Zopt02Zopt03Zopt04Zopt05Zopt06Zopt07Zopt08Zopt09Zopt10Zopt11�][rcss"|]\}}||�dd�fVqdS)r�r�N)�replace)r��k�vr%r%r&�	<genexpr>zsz1JailReaderTest.testSplitOption.<locals>.<genexpr>r)r	rDr��dict�list�items)r"rAZexpected�resultZ	expected2r%r%r&�testSplitOptionLsD�
�zJailReaderTest.testSplitOptioncCs�tddttd�}|�|���|�|���|�|jdd�|�|jdd�|�dd	�|j	D�d
dddgd
dddddgddgddggggd
dddgd
dddddgddgddgddggggd
dddgd
dddddgddgddggggg�dS)Nz	multi-logT)r�rr}Zlogpathza.log
b.log
c.log�actionzeaction[actname='ban']
action[actname='log', logpath="a.log
b.log
c.log
d.log"]
action[actname='test']cSsg|]}|���qSr%)r��r�rnr%r%r&r��sz6JailReaderTest.testMultiLineOption.<locals>.<listcomp>r��	addactionZban�	multi-set�	actionbanz4echo "name: ban, ban: <ip>, logs: a.log
b.log
c.log"�actnamer��logz:echo "name: log, ban: <ip>, logs: a.log
b.log
c.log
d.log"za.log
b.log
c.log
d.logrXz5echo "name: test, ban: <ip>, logs: a.log
b.log
c.log")
rr�r�r<r=rBrDr��assertSortedEqual�_JailReader__actionsr�r%r%r&�testMultiLineOption~s.����z"JailReaderTest.testMultiLineOptionc	sZtjjdd�tddtd�}t�|d�|j��}t	d�|d<|�
|���|��}g}|D]l�t
��dkrnq\�dd	kr��dd
ks��d�d�r�|���q\�ddkr\|��fd
d��dD��q\dt}|�t
|�d�|�|dd	dddd
|g�|�|dd	dddd
|g�|�t|dd��d
d�|�|�|dd	dddd
|g�dS)NTr��
blocklisttest)r�rrp))rYr�)�filterr�)�	failregexz
^test <HOST>$)Zsenderzf2b-test@example.com)Zblocklist_de_apikeyztest-key)r�z�%(action_blocklist_de)s
%(action_badips_report)s
%(action_badips)s
mynetwatchman[port=1234,protocol=udp,agent="%(fail2ban_agent)s"]rSrr��agentz	badips.pyr�cs.g|]&}|ddkrdg�dd�|�qS)rr�r�rrSr%r���cmdr%r&r��sz3JailReaderTest.testVersionAgent.<locals>.<listcomp>zFail2Ban/%sr�Zblocklist_derZbadipsr�z<wrong>rQZ
mynetwatchman)rJr�r�rrrr=Z_cfgZget_sectionsr�r<rBr�r�r��append�extendrrD�evalra)r"rprhr��actZ	useragentr%r�r&�testVersionAgent�s*
& zJailReaderTest.testVersionAgentcCs�tj�|d�}t|d���tj�|d�}t�d|�|�t�tj�|d��|g�|�t�|�g�|�	d|�|�t�tj�|d��g�dS)N�f1r+�f2Znonexisting�*z4File %s is a dangling link, thus cannot be monitored)
r,r-r0r3r5�symlinkrDrZ_globr�)r"rr�r�r%r%r&�testGlob�szJailReaderTest.testGlobcCsttid�}|�|��g�|�|�d��|�t|jdi�|�t|jd�|�t|j	dd�|�t|j
di�dS)N�r}rX�any)rrDrhrHZhas_sectionrrrZ
merge_sectionr�rarB)r"r r%r%r&�testCommonFunction�s
z!JailReaderTest.testCommonFunction)rYrZr[rxr�r�r�r�r�r�r�r�r�r�r�rr�r�rur%r%r#r&rv�s
2%
rvcsTeZdZ�fdd�Zdd�Zdd�Zdd�Zd	d
�Zdd�Zd
d�Z	dd�Z
�ZS)�FilterReaderTestcstt|�j||�i|_dSrw)rr�rxZ_FilterReaderTest__share_cfgryr#r%r&rx�szFilterReaderTest.__init__c	Cs�ddddddggdddd	gddd
ddd
dgddd
dddgddddgddddgg}tddi�}|�t�|��|�d�|�|��|�tddddittd�}|��|�d�d|dd<|�|��|�dS)Nr��
testcase01�addfailregexz�^\s*(?:\S+ )?(?:kernel: \[\d+\.\d+\] )?(?:@vserver_\S+ )?(?:(?:\[\d+\])?:\s+[\[\(]?sshd(?:\(\S+\))?[\]\)]?:?|[\[\(]?sshd(?:\(\S+\))?[\]\)]?:?(?:\[\d+\])?:)?\s*(?:error: PAM: )?Authentication failure for .* from <HOST>\s*$z�^\s*(?:\S+ )?(?:kernel: \[\d+\.\d+\] )?(?:@vserver_\S+ )?(?:(?:\[\d+\])?:\s+[\[\(]?sshd(?:\(\S+\))?[\]\)]?:?|[\[\(]?sshd(?:\(\S+\))?[\]\)]?:?(?:\[\d+\])?:)?\s*(?:error: PAM: )?User not known to the underlying authentication module for .* from <HOST>\s*$a^\s*(?:\S+ )?(?:kernel: \[\d+\.\d+\] )?(?:@vserver_\S+ )?(?:(?:\[\d+\])?:\s+[\[\(]?sshd(?:\(\S+\))?[\]\)]?:?|[\[\(]?sshd(?:\(\S+\))?[\]\)]?:?(?:\[\d+\])?:)?\s*(?:error: PAM: )?User not known to the\nunderlying authentication.+$<SKIPLINES>^.+ module for .* from <HOST>\s*$r�Zaddignoreregexz"^.+ john from host 192.168.1.1\s*$r�z
_COMM=sshd�+z_SYSTEMD_UNIT=sshd.servicez_UID=0zFIELD= with spaces zAFIELD= with + char and spacesZdatepatternz%Y %m %d %H:%M:%Sr�r�5�r}r���)rr_�TEST_FILES_DIRr=rBr�r��TEST_FILES_DIR_SHARE_CFG)r"�output�filterReaderr%r%r&�testConvert�sF����

�

�
zFilterReaderTest.testConvertcCsJddddgg}tddittd�}|��|�d�|��}|�||�dS)Nr��jailnamer�z to=sweet@example.com fromip=<IP>�
substitionr��rr�r�r=rBr�r��r"r�r�r r%r%r&�!testFilterReaderSubstitionDefaults�
z2FilterReaderTest.testFilterReaderSubstitionDefaultcCsNddddgg}tddddittd�}|��|�d�|��}|�||�dS)	Nr�r�r�zto=sour@example.com fromip=<IP>r��honeypotzsour@example.comr�r�r�r%r%r&�testFilterReaderSubstitionSets�
z.FilterReaderTest.testFilterReaderSubstitionSetcCsVddddgg}td�\}}tdd|ttd�}|��|�d�|��}|�||�dS)Nr�r�r�z?^to=test,sweet@example.com,test2,sweet@example.com fromip=<IP>$zusubstition[failregex="^<known/failregex>$", honeypot="<sweet>,<known/honeypot>", sweet="test,<known/honeypot>,test2"]r�r��r	rr�r�r=rBr�r��r"r��
filterName�	filterOptr�r r%r%r&�testFilterReaderSubstitionKnowns��
z0FilterReaderTest.testFilterReaderSubstitionKnowncCsVddddgg}td�\}}tdd|ttd�}|��|�d�|��}|�||�dS)Nr�r�r�z)^\s*to=fail2ban@localhost fromip=<IP>\s*$zUsubstition[failregex="^\s*<Definition/failregex>\s*$", honeypot="<default/honeypot>"]r�r�r�r�r%r%r&�!testFilterReaderSubstitionSection%s��
z2FilterReaderTest.testFilterReaderSubstitionSectioncCsvtddddittd�}|��|�d�|�ttj|�tddddd�ttd�}|��|�d�|�ttj|�dS)Nr�r�r�z
<honeypot>r�z<sweet>)r�Zsweet)rr�r�r=rBrrrr�)r"r�r%r%r&�testFilterReaderSubstitionFail0s�
�
z/FilterReaderTest.testFilterReaderSubstitionFailc
Cs�tj�tj�td��}ttj�|d�di�}|�|��tj�|d�tj�|d�g�z2|�d�|�	dd�|�	dd�|�	dd�Wn0t
k
r�}z|�d	|�W5d}~XYnXdS)
N�filter.dztestcase01.confr�ztestcase-common.conf�
DefinitionZ
__prefix_liner�Zignoreregexz)unexpected options after readexplicit: %s)r,r-�abspathr0r�rrDZreadexplicitrBrars�fail)r"Zpath_r�rfr%r%r&�testFilterReaderExplicit>s
�
z)FilterReaderTest.testFilterReaderExplicit)rYrZr[rxr�r�r�r�r�r�r�rur%r%r#r&r��s+		r�c@s*eZdZd	dd�Zdd�Zedd��ZdS)
�JailsReaderTestCacheFNcCsBt||d�}|�|�|��|��|��|�|�d��dS)N�r�r})rr_�	readEarly�getEarlyOptions�readAllr<rB)r"rr�r}�configuratorr%r%r&�_readWholeConfRs
z#JailsReaderTestCache._readWholeConfcCs4d}|���d�D]}t�d||�r|d7}q|S)Nr�
z^\s*Reading files?: .*/r)ZgetLog�rsplit�re�match)r"Z	filematch�cnt�sr%r%r&�_getLoggedReadCount\s

z(JailsReaderTestCache._getLoggedReadCountcCstj��tj}tjt_z�t�|�t�	t
|�t�t
d|d�t�t
d|d�t�}|j
||d�|�d�}|�|dkd|�|j
|d	|d
�|�d�}|�|dkd|�|�d
�}|�|dkd|�|�d�}|�|dkd|�W5|t_XdS)Nz
/jail.confz/jail.localz/fail2ban.confz/fail2ban.localr�z
jail.localrz3Unexpected count by reading of jail files, cnt = %sTr�zjail\.localz:Unexpected count by second reading of jail files, cnt = %szfilter\.d/common\.confz5Unexpected count by reading of filter files, cnt = %szaction\.d/iptables-common\.confz5Unexpected count by reading of action files, cnt = %s)rJr�Z
SkipIfFastrZlogLevel�logging�DEBUGr'r(Zcopytreer�copyr�r�rr<)r"rZsaved_llZ	share_cfgr�r%r%r&�testTestJailConfCachecs(





z*JailsReaderTestCache.testTestJailConfCache)FN)rYrZr[r�rrrr%r%r%r&r�Ps

r�cs|eZdZ�fdd�Zdd�Zdd�Zdd�Zd	d
�Zdd�Zd
d�Z	dd�Z
edd��Zdd�Z
dd�Zedd��Z�ZS)�JailsReaderTestcstt|�j||�dSrw)rrrxryr#r%r&rx�szJailsReaderTest.__init__cCs(tj�d�s$tdd�}|�t|j�dS)Nz/XXXr)r,r-r1rrrrr=)r"�readerr%r%r&�testProvidingBadBasedir�s
z'JailsReaderTest.testProvidingBadBasedircCsPtttd�}|�|���|�|jdd��|�t|j	�|j	dd�}d|_
|�|dddgdd	dgd
d	ddd
dggdd	gdddgddddgdddgddddgddddgd
dddddgddgddgggdddgddddgddddgddddgddgddgddgddgdddgddgddgdd gdd!gdd"gg�|�d#�|�
d$�|�d%�dS)&Nr|F)ZignoreWrongT�Zallow_no_files�addr��autoztest-known-interpr�r�z*failure test 1 (filter.d/test.conf) <HOST>z+failure test 2 (filter.d/test.local) <HOST>z"failure test 3 (jail.local) <HOST>�startZmissinglogfilesr�z<IP>Zbrokenactionr�r�r�zhit with big stick <ip>r�r�zparse_to_end_of_jail.confr�r�r�zconfig-errorzdJail 'brokenactiondef' skipped, because of wrong configuration: Invalid action definition 'joho[foo'zdJail 'brokenfilterdef' skipped, because of wrong configuration: Invalid filter definition 'flt[test'zoJail 'missingaction' skipped, because of wrong configuration: Unable to read action 'noactionfileforthisaction'zmJail 'missingbitsjail' skipped, because of wrong configuration: Unable to read the filter 'catchallthebadies'z!Errors in jail 'missingbitsjail'.zSkipping...z6No file(s) found for glob /weapons/of/mass/destruction)rr�r�r<r=rHrBrrrr��maxDiffr�r�ZassertNotLogged)r"�jails�
comm_commandsr%r%r&�testReadTestJailConf�sh�


�


������&

z$JailsReaderTest.testReadTestJailConfcCsDtjjdd�t�tj�tdd��D�]}tj�|��	dd�}t
|ditd�}|�|���z|�
i�Wn<tk
r�}z|�d	|t|�j|f�W5d}~XYnX|�d
�s$|jd|��d|d
�|j|j�dd���d|d
�|jtjtd�Bd�}|j|�d�dd|d
�|dkr$|jd|�dd�d|d
�q$dS)NTr��action.d�*.confz.confr�ZTESTrzaction %r
%s: %sz-commonr�z.Action file %r is lacking [Definition] section��msgr�z#Action file %r is lacking actionban)Ztimeout�bantime)�ignorer�z5Action file %r does not contains jail-name 'f2b-TEST')Zpfziptables-allports�iptables-multiportzf2b-TESTZactionstartzSAction file %r: interpolation of actionstart does not contains jail-name 'f2b-TEST')rJr�r��globr,r-r0r�basenamer�r
r<r=rBrsr��typerYr��assertInrh�_optsra�stripr`rZ_escapedTagsr�rD)r"ZactionConfigZ
actionName�actionReaderrf�optsr%r%r&�testReadStockActionConf�s4,
�����z'JailsReaderTest.testReadStockActionConfc	Cs�tjjdd�tttd�}|�|���|�|���|�	�}|�
|g�t�}|��D�]L}|dkrhqX|�
|d�}t|�\}}|�|�|�t|��t|||ttd�}|�|��d|�|�i�|�|j�
dd	����|�
|d
�}|�t|����t|�D]�}	t|	�\}
}|�t|
��|�t|t��|
dk�rJ|�d|�t|
|ittd�}|�|���|�i�|�	�}
|�t|
��|�|j�
d
d	�����qqXdS)NTr�r|ZINCLUDESr�r�zFailed to read filter:r�r�r�rZportr�)rJr�r�rrr~r<r=rBr�rDr�rhrar	r	r�rrrr
�
isinstancer�rr
)r"r
rZ
allFiltersrpr�r�r��actionsr�ZactNameZactOptrZcmdsr%r%r&�testReadStockJailConf�sL
�

�
z%JailsReaderTest.testReadStockJailConfc	Cs�tjjdd�ttdtd�}|�|���|�|���t	dd�t
�
tj�
ddd��D��}t	d	d�|jD��}d|_|�|�|�d
|�|��|�|�|�d|�|��dS)NTr��rr�r}css>|]6}|�d�s|�d�stj�tj�|�d�dVqdS)zcommon.confz-aggressive.confrrN)r�r,r-�splitext�splitr�r%r%r&r�%s

�zBJailsReaderTest.testReadStockJailFilterComplete.<locals>.<genexpr>rr�rcss |]}t|jd�dVqdS)r�rN)r	r�)r�rpr%r%r&r�)sz=More filters exists than are referenced in stock jail.conf %rz2Stock jail.conf references non-existent filters %r)rJr�r�rrr~r<r=rBr�rr,r-r0r
r�issubset�
difference)r"r
�filtersZfilters_jailr%r%r&�testReadStockJailFilterCompletes"����z/JailsReaderTest.testReadStockJailFilterCompletecCs(tjjdd�ttdtd�}|�|���|�|���|j	dd�}|�t
|��|D]@}t
|�dkrV|d|dgdd	gkrV|�t�|d�dk�qVd
D]B}|�
d|gdd
�|D��|�
d|ddg|�|�
d|g|�q�|�|ddd�|jD�]&}|j}|��}|jt
|�d|d�|D]�}|�	�}|��}	dt|�k�r(|�
d|j�d}
|d|	g}|D]�}t
|�dk�r�|ddk�r�|dd�|k�r�ddd�|dD�k}
n@t
|�dk�r�|ddk�r�|dd�|k�r�|ddk�r�d}
|
�rj�q�qj|j|
d|t|�fd��q(q�dS)NTr�r#rrQrrr�r)r�Zrecidiver	css2|]*}t|�dkr|ddkr|dd�VqdS)rQrr	Nrr��r�r�r%r%r&r�IszDJailsReaderTest.testReadStockJailConfForceEnabled.<locals>.<genexpr>r��warnrr�zNo actions found for jail %srz<blocktype>Z	blocktypeFr�rSr�rcSsg|]}|d�qS)rr%r*r%r%r&r�fszEJailsReaderTest.testReadStockJailConfForceEnabled.<locals>.<listcomp>r�zFound no %s command among %s)rJr�r�rrr~r<r=rBr�r�rZstr2secondsrrDZ_JailsReader__jailsr�r��strZ	_initOpts)r"r
rZcommand�jr!Z	jail_namer��commandsZaction_nameZblocktype_presentZtarget_commandr%r%r&�!testReadStockJailConfForceEnabled2s`$
�
�
��
�

��z1JailsReaderTest.testReadStockJailConfForceEnabledcsNtjjdd�t�}|�t�|�|��t�|��|�	�}|�|dd�|�|dd�|�
�|��|��|�
���fdd�}|�|d	�|d
�ko�|d�kn�|�|d�|d
�k�|�|d�|d
�k�|��dd	dgdd
dgdddgdd
dgdddgdddgg�|j�d�|�|j��d�|�|��t�dS)NTr�Zsocketz/var/run/fail2ban/fail2ban.sockZpidfilez/var/run/fail2ban/fail2ban.pidcsFt��D](\}}|ddkr|d|kr|Sqtd|�f��dS)Nrr�rz/Did not find command 'set %s' among commands %s)�	enumerater)rArdrf�r.r%r&�find_set�s
�z7JailsReaderTest.testStockConfigurator.<locals>.find_setZsyslogsocketZloglevelZ	logtargetZ
dbpurgeageZdbfileZdbmaxmatchesr�r
�INFOz/var/log/fail2ban.logz"/var/lib/fail2ban/fail2ban.sqlite3�
Z1dz/tmp)rJr�r�rr_rrDZ
getBaseDirr�r�r�rBZconvertToProtocolZgetConfigStreamr<r�Z_Configurator__jails)r"r�rr2r%r1r&�testStockConfiguratorqs:
"��z%JailsReaderTest.testStockConfiguratorcCs�t�tj�|d��t�tj�|d��ttj�|dd�d���ttj�|dd�d���ttj�|d�d�}|�d�|��t|id�}|�|�	��|�|�
��|jd	d
�}dd�|D�}|�t
td
d�|D���d�|�|ddd�dS)Nr�rztestaction1.confr+ztestfilter1.conf�	jail.confz�
[testjail1]
enabled = true
action = testaction1[actname=test1]
         testaction1[actname=test2]
         testaction.py
         testaction.py[actname=test3]
filter = testfilter1
r|TrcSs.g|]&}|dd�dddgkr|dd��qS)NrQr�Z	testjail1r�r%)r�Zcommr%r%r&r��s�z:JailsReaderTest.testMultipleSameAction.<locals>.<listcomp>css|]}|dVqdS)rNr%)r�r�r%r%r&r��sz9JailsReaderTest.testMultipleSameAction.<locals>.<genexpr>rSr�z{})r,�mkdirr-r0r3r5r4rr<r=rBr�rDr�r�)r"r�jailfdr
rZadd_actionsr%r%r&�testMultipleSameAction�s
	z&JailsReaderTest.testMultipleSameActioncCs|jtd|jdd�dS)Nz'Have not found any log file for .* jailZpolling��backend)ZassertRaisesRegexr�_testLogPathr!r%r%r&�testLogPathFileFilterBackend�s�z,JailsReaderTest.testLogPathFileFilterBackendc
CsZzddlm}Wn,tk
r<}zt�d��W5d}~XYnX|jdd�|jdd�dS)Nr)�
FilterSystemdz&systemd python interface not availableZsystemdr:zsystemd[journalflags=2])Zserver.filtersystemdr>rsrJrKr<)r"r>rfr%r%r&�testLogPathSystemdBackend�sz)JailsReaderTest.testLogPathSystemdBackendcCs`ttj�|d�d�}|�d||f�|��t|d�}|�|���|�|�	��|�
�dS)Nr6r+z�
[testjail1]
enabled = true
backend = %s
logpath = %s/not/exist.log
          /this/path/should/not/exist.log
action = 
filter = 
failregex = test <HOST>
r)r3r,r-r0r4r5rr<r=rBr�)r"rr;r8r
r%r%r&r<�s	�

zJailsReaderTest._testLogPath)rYrZr[rxrrrr"r)r/r5rr9r=r?r<rur%r%r#r&r�s1??3
r)6�
__author__Z
__copyright__Z__license__rrr,r�r'rrJZclient.configreaderrrrrZclientrZclient.jailreaderrr	r
Zclient.filterreaderrZclient.jailsreaderrZclient.actionreaderr
rZclient.configuratorrZ
server.mytimerrZutilsrrr-r0r/�__file__r�r�rr�r}r~r�r�ZTestCaserrvr�r�rr%r%r%r&�<module>s@Cay:
@ Telegram