HEX
Server: Apache
System: Linux srv1.prosuiteplus.com 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64
User: prosuiteplus (1001)
PHP: 8.3.20
Disabled: NONE
$ pwd: /lib/python3/dist-packages/fail2ban/tests/__pycache__/
Upload Files
File: //lib/python3/dist-packages/fail2ban/tests/__pycache__/fail2banclienttestcase.cpython-38.pyc
U

]^���@s�dZdZdZddlZddlZddlZddlZddlZddlZddl	Z	ddl
mZm
Z
mZmZmZddlmZddlmZdd	lmZmZmZdd
lmZddlmZmZddlm Z mZ!dd
l"m#Z#ddl$m$Z$ddl%m&Z&ddl'm(Z(ddl)m*Z*m+Z,m-Z-m.Z.m/Z/m0Z0m1Z2m3Z3m4Z4ddl5m6Z6e6e7�Z+dZ8dZ9ee �:��Z;e	j<�=e	j<j>�Z>e	j<�=e	j<j?�Z?e>de_>e+e_+e_+e_+e$j@ZAe$jBZCdd�ZDeDe_Ee_Ee_Ee#_Edd�ZFe$jGZGdd�ZHe?fdd�ZIGdd�dejJ�ZJGd d!�d!ejJ�ZKeJZLeKZMgaNd"d#�ZOeOe_Pd$e_Qe_Qe*jRZSd%d&�ZTd'd(�ZUd?d-d.�ZVd/d0�ZWd1d2�ZXd3d4�ZYd5d6�ZZifd7d8�Z[Gd9d:�d:e*�Z\Gd;d<�d<e\�Z]Gd=d>�d>e\�Z^dS)@zSerg BresterzICopyright (c) 2014- Serg G. Brester (sebres), 2008- Fail2Ban ContributorsZGPL�N)�join�isdir�isfile�exists�dirname��wraps)�Thread�)�fail2banclient�fail2banserver�fail2bancmdline)�Fail2banCmdLine)�exec_command_line�
VisualWait)�Fail2banServerr)�protocol)�server)�MyTime)�Utils�)	�LogCaptureTestCase�logSys�with_tmpdir�shutil�logging�STOCK�
CONFIG_DIR�TEST_NOW�tearDownMyTime)�	getLoggerzfail2ban-clientzfail2ban-servercGst�|d�dS�Nr)r�info��args�r%�G/usr/lib/python3/dist-packages/fail2ban/tests/fail2banclienttestcase.py�_test_outputJsr'cCs&t�d|�t�t��|d�dS)Nz===>>> time shift + %s min�<)r�debugrZsetTime�time)�shiftr%r%r&�_time_shiftQsr,cCs*tjdk	r&tj�t�tj�td�dS)z$Helper to wait observer becomes idleN�)�	Observers�MainZ
wait_empty�MID_WAITTIMEZ	wait_idler%r%r%r&�_observer_wait_idleYs
r1cs.tjdk	r*tjj����fdd�}|tj_dS)zOHelper to block observer before increase bantime until some condition gets trueNcs6�tj_t�d�t����t�d��||�dS)Nz4  [Observer::banFound] *** observer blocked for testz.  [Observer::banFound] +++ observer runs again)r.r/�banFoundrr)r�wait_for�r$�kwargs�Z
_obs_banFound�cond�timeoutr%r&�	_banFoundds


z0_observer_wait_before_incrban.<locals>._banFound)r.r/r2)r7r8r9r%r6r&�_observer_wait_before_incrban_s
	r:c@seZdZdZdS)�
ExitExceptionzException upon a normal exitN��__name__�
__module__�__qualname__�__doc__r%r%r%r&r;tsr;c@seZdZdZdS)�FailExitExceptionzException upon abnormal exitNr<r%r%r%r&rAysrAcGstt�rt�d�SdSdS)Nr�exit)�len�INTERACT�popr#r%r%r&�_test_input_command�s
rFFcGs2t||�}|�d�|�|rdnd�|��dS)N�
�)�open�writer�close)�fn�mode�lines�fr%r%r&�_write_file�s
rPcCs0d}zt|�}|��W�S|dk	r*|��XdS�N)rKrI�read)rLrOr%r%r&�
_read_file�srS�	/dev/null�:memory:r%�rHcCs�t|d�}|dkrt|d�}d}	|r�tr�dd�}
tjt||
d�|dksXtdt|���|dkrdd	}t�d
�}t	j
t|d�dd
�D]$}|�d�}|�|�r�d}t
|�q�t�d�}t	j
t|d�dd
�D]$}|�d�}|�|�r�d}t
|�q�|r�dnd}	nTt�|�tt|d�dddd|�dd�ddt|d�dt|d�dd|d d!d�
|	�r|tt||	�dfd"dd#d$|df|��|�r�tt|d%�df|��tjjtjk�r�tt|d��tt|d��|�r�tt|d%��|	�r�|	dk�r�tt||	��|�r.t�r.|D]&}
t�tj�tt|
��t||
���q|�rT|D]}
t|
d&|idd��q8d'\}}tjjtjk�r�ttjj�}tjjd(k�r�d)d*tjjf}|d+|f}d,|d-t|d�d.t|d�d/|f|d0dd1ttj�fS)2N�config�autozf2b-db.sqlite3�	jail.confcs�fdd�|D�S)z?Filters list of 'files' to contain only directories (under dir)csg|]}tt�|��r|�qSr%)r�pjoin)�.0rO��dirr%r&�
<listcomp>�sz2_start_params.<locals>.ig_dirs.<locals>.<listcomp>r%)r]�filesr%r\r&�ig_dirs�sz_start_params.<locals>.ig_dirs)�ignorez?We are about to overload use_stock_cfg from the one provided %s)�action.dzfilter.dz^dbfile\s*=z
fail2ban.confT)ZinplacerGzdbfile = :memory:z^backend\s*=�backend = pollingz
jail.localrH�w�[Definition]zloglevel = INFOzlogtarget = �%z%%zsyslogsocket = autoz	socket = �f2b.sockz
pidfile = �f2b.pidz	dbfile = zdbmaxmatches = 100zdbpurgeage = 1d�
[INCLUDES]�	[DEFAULT]ztmp = zfail2ban.local�tmp)r%�INFOr�-�vz
--loglevel�-c�-sz-p�--logtargetz--syslogsocketz	--timeout) rZrrZcopytree�STOCK_CONF_DIR�AssertionError�repr�re�compile�	fileinput�input�rstrip�match�print�os�mkdirrP�replace�unittest�F2B�	log_levelr�DEBUG�	_out_file�symlink�path�abspathrl�str�	verbosityr
�MAX_WAITTIME)rk�	use_stock�
use_stock_cfg�	logtarget�db�	f2b_local�jails�create_before_start�cfgZj_confr`�r�line�nZvvvZllevr%r%r&�
_start_params�s�



�








����$����r�cCs4z||�d�ddkWStk
r.YdSXdS)Nrqr�	INHERITEDF)�index�
ValueError��startparamsr%r%r&�_inherited_log�sr�c
CsXd}z"t|�}t�d|���}t|�WStk
rR}zt�|�W5d}~XYnX|S)Nz\S+)rSrurz�group�int�	Exceptionrr))�pidfile�pid�er%r%r&�_get_pid_from_file�s
r�c
sjt�d|t|�f�t|�r<|}t|d�}t|�s<t|d�}tjjtj	krtt|d�}t|�rft
|�nt�dd|�t|�s�t�d|�dSt�d	|�t|���dkr�d
Sz�t�d���dksΈt
��kr�td
�|f��t���s�WdSt
��tj�t��fdd�d��s t
��tj�t�d�t���WStk
�rd}zt�|�W5d}~XYnXdS)Nzcleanup: %rrhzfail2ban.pid�f2b.logr-z
no logfile %rzcleanup: no pidfile for %rTzcleanup pidfile: %rFzcleanup pid: %rrzpid %s of %s is invalidcst���SrQ)r�
pid_existsr%�r�r%r&�<lambda>+�z_kill_srv.<locals>.<lambda>r�cleanup: kill ready)rr)rrZrrr�r�rr�r��logr�r|�getpidr�rr��kill�signal�SIGTERMr3�SIGKILLr�Z	exception)r�ZpiddirZlogfiler�r%r�r&�	_kill_srv	s@





r�cst���fdd��}|S)z�Helper to decorate tests which receive in the last argument tmpdir to pass to kill_srv

	To be used in tandem with @with_tmpdir
	cs*|d}z�|f|��W�St|�XdS)N���)r�)�selfr$r��rOr%r&�wrapper:szwith_kill_srv.<locals>.wrapperr�rOr�r%r�r&�
with_kill_srv5sr�cs�fdd�}|S)z}Helper to decorate tests uses foreground server (as thread), started directly in test-cases

	To be used only in subclasses
	cstt����fdd���}|S)Nc
sfd}t���zz�t�fddi����t	d�j
���fd�}d|_|��t
tff����fdd	�	}|�_t��fd
d�t�����dd���j�d��d
�t�d��������f|�|�WW�ZStk
�r}z4td|����}|�rtd|�����W5d}~XYnXW5|�rZt�d���������dd��rZ|��t�XdS)Nz=== within server: end.  ===�endr�r�Z_TestCaseWorker)�name�targetr$Tcs���dd�s2tj�t�d��s2t��fdd�t���dd�s���|�d�t��fdd�t	���
��dd���jddd	t	d
�dd��_dS)Nr�rhcs��dd�dk	S�Nr���getr%��phaser%r&r�^r�zywith_foreground_server_thread.<locals>._deco_wrapper.<locals>.wrapper.<locals>._stopAndWaitForServerEnd.<locals>.<lambda>�stopcs��dd�dk	Sr�r�r%r�r%r&r�cr��Shutdown successfulzExiting Fail2banT��all�waitc_sdSrQr%r4r%r%r&r�gr�)
r�r|r�rrZrr3r0�execCmdr��
assertTrue�assertLogged�stopAndWaitForServerEnd��code�r�r�r�rkr%r&�_stopAndWaitForServerEnd[szgwith_foreground_server_thread.<locals>._deco_wrapper.<locals>.wrapper.<locals>._stopAndWaitForServerEndcs��dd�dk	S)N�startr�r%r�r%r&r�jr�zWwith_foreground_server_thread.<locals>._deco_wrapper.<locals>.wrapper.<locals>.<lambda>r�)r�r�z=== within server: begin ===z=== Catch an exception: %sz#=== Error of server, log: ===
%s===)�dict�	DefLogSysr"�pruneLogr�r�rrr�r	�_testStartForegroundZdaemonr��SUCCESS�FAILEDrr3r�r��
_wait_for_srvr�r{�getLog)r�rkr$r5Zthr�r�r�)rO�
startextrar�r&r�IsB�


zEwith_foreground_server_thread.<locals>._deco_wrapper.<locals>.wrapper)rrr��r�r�r&�
_deco_wrapperHs9z4with_foreground_server_thread.<locals>._deco_wrapperr%)r�r�r%r�r&�with_foreground_server_threadCs=r�c@sheZdZejZdd�Zdd�Zdd�Ze	ddd	��Z
ddd
�Zdd�Zdd�Z
eddid�dd��ZdS)�Fail2banClientServerBasecOsdSrQr%)r�r$r5r%r%r&�_setLogLevel�sz%Fail2banClientServerBase._setLogLevelcCs(t�|�dt_tjt_t|j�t	_
dS)zCall before every test case.r�N)r�setUpr�
DEF_LOGTARGETr��level�DEF_LOGLEVEL�staticmethod�
_test_exitr�_exit�r�r%r%r&r��s
zFail2banClientServerBase.setUpcCs(|jt_tt_tt_t�	|�t
�dS)zCall after every test case.N)�
_orig_exitrr��SRV_DEF_LOGTARGETrr��SRV_DEF_LOGLEVELr�r�tearDownrr�r%r%r&r��s

z!Fail2banClientServerBase.tearDownrcCs|dkrt��nt��dSr!)r;rAr�r%r%r&r��sz#Fail2banClientServerBase._test_exitTNcs��si�zlt|d��t���fdd�t�}|r8��d�rFtd|f��|rrt��fdd�t�}|srtd�|f��Wn^t|�r�td������	�t|d	�}t
|�r�t|�nt|�s�t�
d
|��YnXdS)Nrgcs��d�pt��Sr�)r�rr%)r��sockr%r&r��r�z8Fail2banClientServerBase._wait_for_srv.<locals>.<lambda>r�z9Unexpected: Socket file does not exists.
Start failed: %rcsd���kS)N�Server ready)r�r%r�r%r&r��r�zBUnexpected: Server ready was not found, phase %r.
Start failed: %rz,=== Error by wait fot server, log: ===
%s===r�z*No log file %s to examine details of error)rZrr3r�r�r�r�r{r�r�rr�rr))r�rkZreadyr�r��retr�r%)r�r�r�r&r��s:
����

z&Fail2banClientServerBase._wait_for_srvcGs*|�||jd|jdd�||�dS)Nrr)ZassertRaisesr)r�ZexitTyper�r$r%r%r&r��s�z Fail2banClientServerBase.execCmdc	CsJt�d�d|d<z|�td|d�W5d|d<d|d<t�d�XdS)Nzstart of test workerTr�Fr�zend of test worker)z-f)rr)r�r�)r�rkr�r�r%r%r&r��s
z-Fail2banClientServerBase._testStartForegroundr�)z[Thread]zstacksize = 32r�cCsR|��|�t|dd�|�d�|�t|d�|�t|d�|�t|dd�dS)Nr��threadz{'stacksize': 32}�ping�~~unknown~cmd~failed~~�echo�	TEST-ECHO)r�r�r�r�r��r�rkr�r%r%r&�testStartForeground�s
z,Fail2banClientServerBase.testStartForeground)r)TNN)r=r>r?rr�r�r�r�r�r�r�r�r�r�r�r�r%r%r%r&r��s	
r�c@steZdZeefZdd�Zdd�Zedd��Z	ee
dd���Zee
d	d
���Zee
dd���Z
ed
d��Zdd�ZdS)�Fail2banClientTestcCs,|�tttt���|�tttt���dSrQ)r�rrZ�BIN�CLIENT�SERVERr�r%r%r&�testConsistency�sz"Fail2banClientTest.testConsistencycCs�|�tdd�|�dt�|�d�|��|�tdd�|�t���|��|�tddd�|�dtj�|��|�tdd	d
�|�d�dS)Nr%�-h�Usage: �Report bugs to z-Vz-vqz	--versionz
Fail2Ban vz	--str2secZ1d12h30mZ131400)r�r�r�r�r�r
ZnormVersion�versionr�r%r%r&�testClientUsage�s
z"Fail2banClientTest.testClientUsagecCsPt|d�}|�t|d�|�d�|�d�|��|�t|d�|�d�dS)NTz-vvdz
Loading filesz['set', 'logtarget',z--dp)r�r�r�r�r�r�r%r%r&�testClientDump�s


z!Fail2banClientTest.testClientDumpcCs�t|d�}|�td|d�|j|d|d�|�d�|�d�zF|�t|d	d
�|�t|d�|��|�td|d�|�d�W5|��|�t|d�|�d�|�d�X|��|�t|d�|�d
�|�d�dS)NT�z-br�r�r��Exit with code 0r�r�r�r�r�zServer already runningzFailed to access socket pathzIs fail2ban running?)r�r�r�r�r�r�r�r�r%r%r&�testClientStartBackgroundInside
s&




z2Fail2banClientTest.testClientStartBackgroundInsidecCslt|t|d�d�}tjjr,|�t|d�n`tjtt	t
�f}t�d|�||d}t
j|tddd�}|�t|�ox|d	�|j|d|d
�|�d�|���z�|�t|dd�|�d�|�d�|��|�t|dd�|�d�|��tt|d��}z.t�|tj�t�t
j�|�t|dd�W5t�|tj�X|�d�|��tdddg7a|�t|d�|�d�|�dd�|�d�|��tdddg7a|�t|d�|�d �|�d
�|�d�|�d�|��td!dg7a|�t|d�|�d"�|��|�t|dd#�|�d"�|�d$�|��W5|��|�t|d�|�d
�|�d�XdS)%Nr��r�)r��Start %s ...)�--asyncr�FT�r8�shell�outputrr�r�r�r�r�r�r�r�z0.1zServer replied: pongrhz1e-10z	timed outzecho INTERACT-ECHOZstatusrBz-iz
INTERACT-ECHOZStatuszNumber of jail:�reload�restartzReading config files:zreload ~~unknown~jail~fail~~z@Failed during configuration: No section: '~~unknown~jail~fail~~'z~~unknown~jail~fail~~zExit with code 255) r�rZrr��fastr�r��sys�
executabler�r�rr)r�
executeCmdr�r�rCr�r�r�r�r|r�r��SIGCONT�SIGSTOPr*�sleepZDEFAULT_SHORT_INTERVALr�rD)r�rkr��cmdr�r�r%r%r&�testClientStartBackgroundCall)s~




�

�



�



z0Fail2banClientTest.testClientStartBackgroundCallcCs<t|dd�}|�tdddt|d�d�|�dt|d�d	�|��|�tdddt|d
�dt|d�d�|�d
t|d�d�|��|�tddt|d
�dt|d�d�|�d�|��tt|d�d���|�tdddt|d
�dt|d�d�|�d�|��t�	t|d��|�tdd�|�d�|��dS)Nr�r�r%rro�missr��Base configuration directory � does not existrWrp�
miss/f2b.sock�There is no directory � to contain the socket filergr�Could not find server�a�LFail2ban seems to be in unexpected state (not running but the socket exists)r��
r�r�r�rZr�r�rIrKr|�remover�r%r%r&�testClientFailStartsV���
�

z&Fail2banClientTest.testClientFailStartcCsXt|dd�}|�t|dd�|�d�|��|�t|dddd�|�d�|��dS)	Nr�r�rZjailrrz--xxxz"Unexpected argument(s) for reload:)r�r�r�r�r�r�r%r%r&�testClientFailCommands�s�
�
z)Fail2banClientTest.testClientFailCommandsc
CsXd}dD]J}d}t|d��2}|rH|��|r>tjjs>t�|�|d8}qW5QRXqdS)Ng�Q���?)r
r�r-r)rZ	heartbeatrr�rr*r)r�Z	sleeptime�verboseZcntrZvisr%r%r&�testVisualWait�s
z!Fail2banClientTest.testVisualWaitN)r=r>r?�_exec_clientr�rr�r�rr�r�r�rrrrr%r%r%r&r��s"
T#
r�c@s�eZdZeefZdd�Zeedd���Z	eedd���Z
eedd���Zed	d
��Ze
ddid
�dd��Zejjdd�e
dddd�d
�dd���Zejjdd�e
ddddd�d
�dd ���Ze
�d!d"��Zd#S)$�Fail2banServerTestcCs*|�tdd�|�dt�|�d�dS)Nr%r�r�r�)r�r�r�r�r�r%r%r&�testServerUsage�sz"Fail2banServerTest.testServerUsagecCs�t|t|d�d�}tjttt�f}t�d|�||d}tj	|t
ddd�}|�t|�o^|d�|j
|d|d	�|�d
�|��z"|�t|dd�|�t|d�W5|��|�t|d�|�d�|�d
�XdS)Nr�r�r�r�FTrrr�r�r�r�r�r�r�r�)r�rZrrr�r�rr)rr	r�r�rCr�r�r�r�r�r��r�rkr�r
r�r%r%r&�testServerStartBackground�s 

z,Fail2banServerTest.testServerStartBackgroundcCs�t|dd�}|�tddt|d��|�dt|d�d�|��|�tddt|d�d	d
t|d��|�dt|d�d
�|��tt|d�d���|�tddt|d�d
t|d��|�d�|��t�	t|d��dS)Nr�r�r%rorrrrWz-xrprrrrgrrrr�r%r%r&�testServerFailStart�s4���
z&Fail2banServerTest.testServerFailStartcCs�t|dd�}t|d�}|�d�|�t|d�|�d�tt|d�dd	d
d	dd�|�d
�|�t|d�|jddddd�|�d�|�t|dd�|jddddd�dS)Nr�r�rWz[test-phase 0]z--testz$OK: configuration test is successfulrYrrH�
[broken-jail]�filter = broken-jail-filter�enabled = truez[test-phase 0a]�.Unable to read the filter 'broken-jail-filter'zErrors in jail 'broken-jail'.z ERROR: test configuration failedT�r�z[test-phase 0b]z-tr�)r�rZr�r�r�r�rPr�)r�rkr�r�r%r%r&�testServerTestFailStart�s0


�
�
�z*Fail2banServerTest.testServerTestFailStartc
s�z�t�t�d�d�}tjttt�f}t�	d|�||d}t
j|tddd�}|�t
|�o`|d�|j�d|d	�|�d
�|��t�	d��W5|�t���Xt
��fdd
�t�|�tt�d���|�d�|��|�t���|�d�dS)NzGf2b.log[format="SRV: %(relativeCreated)3d | %(message)s", datetime=off]r�r�r�FTrrr�r�zKill server ... %scstt�d��S)Nrh)rrZr%�rkr%r&r�0r�z7Fail2banServerTest.testKillAfterStart.<locals>.<lambda>rhr�zcleanup: no pidfile for)r�r�r�rZrrr�r�rr)rr	r�rCr�r�r�r3�assertFalserr"r%r+r&�testKillAfterStarts(�

z%Fail2banServerTest.testKillAfterStartr�rXr�c
s�t|d��t|d��t|d��t|d��t�t�d��d��fd	d
�	}d�����fdd�	}|dd�|dd�|dgdddgd�tt�d�dddddd�t�dfttt����dfd��t�d�t�d�|�d�t	j
jtj
k�r�t��|�t|d�|jdd dtd!�|�d"��|�d#�|jd$d%dd&�|jd'd(dtd!�|jd)d*d+dd&�|�d,�|ddgd-�t�d.�t	j
jtj
k�r�t��|�t|d�|jdtd/�|jd0d#dd&�|jd"�d"�dd&�|jd1d2dd&�|jd3d4dd&�|jd5d6dd&�|�d7�|�d8�|dgd-�|dd9dd:dd;dd<�|�t|d�|jdtd/�|jd0d#dd&�|�d=�|jd1d>dd&�|�d?�|�d@�|�dA�|ddBdC�|ddgd-�|�dD�t�d.fttt����dEfdttt����dFfdttt����dGfdttt����dHfd��t	j
jtj
k�rbt��|jdIdJdtd!�|jdKdLdMdNdOdPdd&�|jdQdRdSdTdd&�t�t�d.�t�d.�|�dU�|�t|dVdW�|jddXdIdtd!�|jdYd4dZd[d\d]dd&�|jd^d_dtd!�|jd`dadd&�|�db�|�t|dcdWddde�|�t|dcdWdddf�|jdgdhdtd!�t�|�di�|�t|djdWdddk�|jdldmdedfdtd!�|�dn�|�t|djdodd�|jdpdqdrdldmdtd!�|�ds�|�t|dVdtdW�|jdd4dtd!�|jdYd4dZd[dd&�|jdudvdd&�|�dw�|jdxdydd&�|jdOdPdd&�|ddBdC�|gd-�|�dz�|�t|ddo�|jdtd/�|jd{d|dd&�|jd}d~ddd&�|�d��|dgd��|�t|d�|jdtd/�|�d{�|jd�dYdd&�|jd��d��dd&�|�d��t�d.fttt����d�fdttt����d�fdttt����d�fd��t	j
jtj
k�r�t��|jd�d�dtd!�|jd�d�d�d�dd&�|�d��|�d��|�t|d�d�d�d��|jd�d�dtd!�|�d��|�t|ddt�|jdtd/�|jd|d0d�d�d�dd&�|jd�dd#dKdLdMdd&�|�d��|�t|d�d�d��|jd�d�dd&�|�d��|dgd�d��|�t|d�|jdtd/�|jd�d�dd&�|�d��|dgd��|�t|d�|jdtd/�|�d��|�t|d�ddW�|jdtd/�|�d��|��|�t|d�dd�dW�|jdtd/�|jd3d4dd&�|�d��|�t|d�dd�d��|jdtd/�|jd�ddtd!�|�d��|�t|d�dcdod�d�d��|�t|d�djdod��|jd�d�dd&�dS)�NrW�	test1.logz	test2.logz	test3.logrb�test-action1TrHcsjt�dd|�}|s"t�|�dSt|ddddddd	d
dd|d
|d|d|d|�tjjtjkrft	|�dS)Nrb�%s.confrdrjz_exec_once = 0rHreznorestored = %(_exec_once)sz
restore = zinfo = z<_use_flush_ = echo '[%(name)s] %(actname)s: -- flushing IPs'z6actionstart =  echo '[%(name)s] %(actname)s: ** start'z7actionreload = echo '[%(name)s] %(actname)s: .. reload'zMactionban =    echo '[%(name)s] %(actname)s: ++ ban <ip> %(restore)s%(info)s'z;actionunban =  echo '[%(name)s] %(actname)s: -- unban <ip>'z5actionstop =   echo '[%(name)s] %(actname)s: __ stop')
rZr|rrPrr�r�rr�r�)�actname�allowr�rZban�unbanr�rL�r�r%r&�_write_action_cfgHs4
�zBFail2banServerTest.testServerReloadTest.<locals>._write_action_cfg�rr
r%�pollingc%stt�d�ddddddddd	d
dddd
|ddd|kr:dndd|krHdndd|krVdndd�d|krnd�ndd|kr�d�ndd	d|kr�dndd|kr�dndddd
|ddd|kr�dndd|kr�dndd�d|kr�dnd�#tjjtjkr�tt�d��dS)NrYrdrirHrj�usedns = no�maxretry = 3zfindtime = 10mzBfailregex = ^\s*failure <F-ERRCODE>401|403</F-ERRCODE> from <HOST>�datepattern = {^LN-BEG}EPOCHzignoreip = 127.0.0.1/8 ::1�[test-jail1]�
backend = �filter =z	action = rz*         test-action1[name='%(__name__)s']r
zj         test-action2[name='%(__name__)s', restore='restored: <restored>', info=', err-code: <F-ERRCODE>']�z�         test-action2[name='%(__name__)s', actname=test-action3, _exec_once=1, restore='restored: <restored>', actionflush=<_use_flush_>]�
logpath = z
          z@            ^\s*error <F-ERRCODE>401|403</F-ERRCODE> from <HOST>r'z[test-jail2]z�         test-action2[name='%(__name__)s', actname=test-action3, _exec_once=1, restore='restored: <restored>'] actionflush=<_use_flush_>]�rPrZrr�r�rr�r�)�enabled�actions�backend�r��test1logZtest2logZtest3logr%r&�_write_jail_cfg`sb�������%z@Fail2banServerTest.testServerReloadTest.<locals>._write_jail_cfg)r1�test-action2rr
r>)rArBrYrr%r&r'rdz# failure 401 from 192.0.2.1: test 1z[test-phase 1a]r�Reload finished.z1 ticket(s) in 'test-jail1r�zAdded logfile: %rz[test-jail1] Ban 192.0.2.1z-stdout: '[test-jail1] test-action1: ** start'z-stdout: '[test-jail1] test-action2: ** start'r)zPstdout: '[test-jail1] test-action2: ++ ban 192.0.2.1 restored: 0, err-code: 401'zAstdout: '[test-jail1] test-action3: ++ ban 192.0.2.1 restored: 0'r(z)Errors in jail 'broken-jail'. Skipping...z:Jail 'broken-jail' skipped, because of wrong configurationz[test-phase 1b])rB�w+)r�z[test-jail1] Unban 192.0.2.1z.stdout: '[test-jail1] test-action1: .. reload'z.stdout: '[test-jail1] test-action2: .. reload'zCreating new jail 'test-jail2'zJail 'test-jail2' startedz4stdout: '[test-jail1] test-action3: -- flushing IPs'z,stdout: '[test-jail1] test-action3: __ stop'z7stdout: '[test-jail1] test-action3: -- unban 192.0.2.1'z[test-phase 2a]z+               echo '[<name>] %s: started.'z,               echo '[<name>] %s: reloaded.'z+               echo '[<name>] %s: stopped.')r1r�rr�zAdded logfile:z.stdout: '[test-jail1] test-action1: reloaded.'z7stdout: '[test-jail1] test-action2: -- unban 192.0.2.1'z,stdout: '[test-jail1] test-action2: __ stop'z7stdout: '[test-jail1] test-action1: -- unban 192.0.2.1'F)r1r2z[test-phase 2b]z#   error 403 from 192.0.2.2: test 2z#   error 403 from 192.0.2.3: test 2z# failure 401 from 192.0.2.4: test 2z# failure 401 from 192.0.2.8: test 2z2 ticket(s) in 'test-jail2z5 ticket(s) in 'test-jail1z[test-jail1] Ban 192.0.2.2z[test-jail1] Ban 192.0.2.3z[test-jail1] Ban 192.0.2.4z[test-jail1] Ban 192.0.2.8z[test-jail2] Ban 192.0.2.4z[test-jail2] Ban 192.0.2.8z[test-jail2] Found 192.0.2.2z[test-jail2] Ban 192.0.2.2z[test-jail2] Found 192.0.2.3z[test-jail2] Ban 192.0.2.3z[test-phase 2c]rz
test-jail2zRestore BanzJail 'test-jail2' stoppedz[test-jail2] Unban 192.0.2.4z[test-jail2] Unban 192.0.2.8z"[test-jail2] Restore Ban 192.0.2.4z"[test-jail2] Restore Ban 192.0.2.8zPstdout: '[test-jail2] test-action2: ++ ban 192.0.2.4 restored: 1, err-code: 401'zPstdout: '[test-jail2] test-action2: ++ ban 192.0.2.8 restored: 1, err-code: 401'zAstdout: '[test-jail2] test-action3: ++ ban 192.0.2.4 restored: 1'zAstdout: '[test-jail2] test-action3: ++ ban 192.0.2.8 restored: 1'z[test-phase 2d]�set�banipz
192.0.2.21z
192.0.2.22z5stdout: '[test-jail2] test-action3: ++ ban 192.0.2.22z6stdout: '[test-jail2] test-action3: ++ ban 192.0.2.22 z[test-phase 2d.1]r�rGz	192.0.2.4z	192.0.2.8z[test-phase 2d.2]�
test-jail1z	192.0.2.1z	192.0.2.2z	192.0.2.3z[test-phase 2e]z--unbanz7stdout: '[test-jail2] test-action2: -- unban 192.0.2.21z8stdout: '[test-jail2] test-action2: -- unban 192.0.2.22'z4stdout: '[test-jail2] test-action3: -- flushing IPs'z8stdout: '[test-jail2] test-action3: -- unban 192.0.2.21'z8stdout: '[test-jail2] test-action3: -- unban 192.0.2.22'z[test-phase 3]zReload jail 'test-jail1'zJail 'test-jail1' reloadedzReload jail 'test-jail2'zJail 'test-jail2' reloadedzJail 'test-jail1' startedz[test-phase 4])rAzStopping jail 'test-jail2'zRemoved logfile: %rz[test-phase 5]z# failure 401 from 192.0.2.1: test 5z#   error 403 from 192.0.2.5: test 5z# failure 401 from 192.0.2.6: test 5z6 ticket(s) in 'test-jail1z%[test-jail1] 192.0.2.1 already bannedz[test-jail1] Found 192.0.2.1z[test-jail1] Found 192.0.2.6z[test-jail1] Ban 192.0.2.6z[test-jail1] Found 192.0.2.5z[test-phase 6]rr3z	192.0.2.5z	192.0.2.6z192.0.2.5 is not bannedz[test-jail1] Unban 192.0.2.6z[test-phase 7]z[test-jail1] Unban 192.0.2.2z[test-jail1] Unban 192.0.2.3z[test-jail1] Unban 192.0.2.4zJail 'test-jail1' stoppedz[test-phase 7b]�--allzFlush ban listz'Unbanned 0, 0 ticket(s) in 'test-jail1'z[test-phase 8a]zxxx-unknown-backend-zzz)rArCz0Restart jail 'test-jail1' (reason: 'polling' != zUnknown backend z[test-phase 8b]z[test-phase end-1]z$the jail 'test-jail2' does not existz--if-existsz[test-phase end-2]�	--restartz[test-phase end-3]Zaddignoreipz192.0.2.1/32z2001:DB8::1/96Zignoreip)r/TrHrHrHrHrH)r6r%r7)rZr|r}rPr�r�rr*r�rr�r�rr�r�r�r�r�r0�assertNotLoggedr1r��r�rkr�r5rFr%rDr&�testServerReloadTest8sd




�*

�&


�
���

������
��
����
�������


���	��
���
�
�
�������

��
���
�����

��
���

��
�

�
��
��
��z'Fail2banServerTest.testServerReloadTestznginx-block-map)�action)�%(tmp)s/blck-failures.log)rb)z[nginx-blck-lst]rcr8z#logpath = %(tmp)s/blck-failures.logzRaction = nginx-block-map[blck_lst_reload="", blck_lst_file="%(tmp)s/blck-lst.map"]z�         blocklist_de[actionban='curl() { echo "*** curl" "$*";}; <Definition/actionban>', email="Fail2Ban <fail2ban@localhost>", apikey="TEST-API-KEY", agent="fail2ban-test-agent", service=<name>]r=�datepattern = ^Epochz3failregex = ^ failure "<F-ID>[^"]+</F-ID>" - <ADDR>zmaxretry = 1r')r�r�r�cCs�t|d�}dd|i}dd|i}t|dttt����dttt����dttt����dttt����d	ttt����d
�|jddd
ddddtd�t|�t	|�}|�
d|�|�
d|�|�
d|�|�
d|�|�
d|�|jdddtd�|�t|dddd�t|�t	|�}|�
d|�|�
d|�|�
d|�|�
d|�|�
d|�|�t�|�d�t|�t	|�}|�|d�dS) NrWrSrkz%(tmp)s/blck-lst.maprIz" failure "125-000-001" - 192.0.2.1z" failure "125-000-002" - 192.0.2.1u1 failure "125-000-003" - 192.0.2.1 (òðåòèé)u1 failure "125-000-004" - 192.0.2.1 (òðåòèé)z" failure "125-000-005" - 192.0.2.1z [nginx-blck-lst] Ban 125-000-001z [nginx-blck-lst] Ban 125-000-002z [nginx-blck-lst] Ban 125-000-003z [nginx-blck-lst] Ban 125-000-004z [nginx-blck-lst] Ban 125-000-005z5 ticket(s)Tr�z\125-000-001 1;
z\125-000-002 1;
z\125-000-003 1;
z\125-000-004 1;
z\125-000-005 1;
z�stdout: '*** curl --fail --data-urlencode server=Fail2Ban <fail2ban@localhost> --data apikey=TEST-API-KEY --data service=nginx-blck-lst z=stdout: ' --data format=text --user-agent fail2ban-test-agentr3z125-000-001z125-000-002z125-000-005z5[nginx-blck-lst] Flush ticket(s) with nginx-block-maprH)rZrPr�r�rr*r�r0r�rS�assertInr�r��assertNotInr�ZassertEqual)r�rkr�r��lgfnZmpfnZmpr%r%r&�testServerActions_NginxBlockMap�s\
��	�

z2Fail2banServerTest.testServerActions_NginxBlockMapz
sendmail-auth)�filter)�%(tmp)s/test.logT)rjzdbmaxmatches = 1)z�test_action = dummy[actionstart_on_demand=1, init="start: %(__name__)s", target="%(tmp)s/test.txt",
      actionban='<known/actionban>;
        echo "<matches>"; printf "=====\n%%b\n=====\n\n" "<matches>" >> <target>']z[sendmail-auth]rcr8�logpath = %(tmp)s/test.log�action = %(test_action)sz%filter = sendmail-auth[logtype=short]rTr9zmaxmatches = 2r'z[sendmail-reject]rcr8r[r\z'filter = sendmail-reject[logtype=short]rTr9r')r�r�r�r�c
Cs`t|d�}dd|i}dd|i}ttt����dttt����dttt����df}ttt����dttt����d	ttt����d
f}|�d�t|df|��|jd
ddtd�t	|�t
|�}|d}	|�|	|�|dd�D]}	|�|	|�q�|�d�t|df|��|jdddtd�t	|�t
|�}|D]}	|�|	|��qD|�d�|�
t|ddd�|jddddtd�t
|�}|d}	|�|	�|�|	|�|dd�D]}	|�|	�|�|	|��q�|jdddtd�t
|�}|d}	|�|	�|�|	|�|dd�D]}	|�|	�|�|	|��q|�d�|�t�|�t|��dS)NrWrZrkz%(tmp)s/test.txtz] smtp1 sm-mta[5133]: s1000000000001: [192.0.2.1]: possible SMTP attack: command=AUTH, count=1z] smtp1 sm-mta[5133]: s1000000000002: [192.0.2.1]: possible SMTP attack: command=AUTH, count=2z] smtp1 sm-mta[5133]: s1000000000003: [192.0.2.1]: possible SMTP attack: command=AUTH, count=3z� smtp1 sm-mta[21134]: s2000000000001: ruleset=check_rcpt, arg1=<123@example.com>, relay=xxx.dynamic.example.com [192.0.2.2], reject=550 5.7.1 <123@example.com>... Relaying denied. Proper authentication required.z� smtp1 sm-mta[21134]: s2000000000002: ruleset=check_rcpt, arg1=<345@example.com>, relay=xxx.dynamic.example.com [192.0.2.2], reject=550 5.7.1 <345@example.com>... Relaying denied. Proper authentication required.z� smtp1 sm-mta[21134]: s3000000000003: ruleset=check_rcpt, arg1=<567@example.com>, relay=xxx.dynamic.example.com [192.0.2.2], reject=550 5.7.1 <567@example.com>... Relaying denied. Proper authentication required.z[test-phase sendmail-auth]rIz[sendmail-auth] Ban 192.0.2.1z1 ticket(s) in 'sendmail-auth'Tr�rrz[test-phase sendmail-reject]z[sendmail-reject] Ban 192.0.2.2z 1 ticket(s) in 'sendmail-reject'z[test-phase restart sendmail-*]rrNrMrHz%[sendmail-auth] Restore Ban 192.0.2.1r�z'[sendmail-reject] Restore Ban 192.0.2.2z[test-phase stop server])rZr�r�rr*r�rPr�r0r�rSrVrUr�r�rOr�r,r)
r�rkr�r�rWZtofnZ	smaut_msgZ	smrej_msgZtd�mr%r%r&�testServerJails_SendmailAs�(
��
�
�
��

�



z+Fail2banServerTest.testServerJails_Sendmailcs�t|d��t|d��t�t�d��d/�fdd�	}d0��fd	d
�	}|ddd�|d
dd�|�t�d�|�d�|�t|d�t�dfttt	�
���dfd��t�|jdddt
d�t�|�d�td�t�|jddddt
d�t�|�d�d�t�fdd��t�dfttt	�
���dfd ��|jd!d"dt
d�|�d#�|�t|d$d%d&d'�|jd(d)dt
d�d�t�|�d*�td+�t�|jd,dt
d�t�|�d-�|�t|d$d%d&d'�|jd(d.dt
d�dS)1NrWr.rbr/Tc	sHt�dd|�}t|ddddd|r&dndd	�tjjtjkrDt|�dS)
Nrbr0rdrjrHrezeactionban =     printf %%s "[%(name)s] %(actname)s: ++ ban <ip> -c <bancount> -t <bantime> : <F-MSG>"ziactionprolong = printf %%s "[%(name)s] %(actname)s: ++ prolong <ip> -c <bancount> -t <bantime> : <F-MSG>"zBactionunban =   printf %%b '[%(name)s] %(actname)s: -- unban <ip>')rZrPrr�r�rr�r�)r1�prolongrLr4r%r&r5�s��	z@Fail2banServerTest.testServerObserver.<locals>._write_action_cfgr7cs`tt�d�ddddddddd	d
dddd
|dddd�ddd�tjjtjkr\tt�d��dS)NrYrdrirHrjr8r9z
findtime = 1mzbantime = 5mzbantime.increment = truer:r;r<r=z*action = test-action1[name='%(__name__)s']z*         test-action2[name='%(__name__)s']r?zXfailregex = ^\s*failure <F-ERRCODE>401|403</F-ERRCODE> from <HOST>:\s*<F-MSG>.*</F-MSG>$r'r@)rC)r�rEr%r&rF�s0�z>Fail2banServerTest.testServerObserver.<locals>._write_jail_cfgF)r1r_rGrdz[test-phase 0) time-0]rrIz> failure 401 from 192.0.2.11: I'm bad "hacker" `` $(echo test)r>zDstdout: '[test-jail1] test-action1: ++ ban 192.0.2.11 -c 1 -t 300 : zDstdout: '[test-jail1] test-action2: ++ ban 192.0.2.11 -c 1 -t 300 : r�z[test-phase 1) time+10m]�
z7stdout: '[test-jail1] test-action1: -- unban 192.0.2.11z7stdout: '[test-jail1] test-action2: -- unban 192.0.2.11z0 ticket(s) in 'test-jail1'z[test-phase 2) time+10m]cs�SrQr%r%)�wakeObsr%r&r�r�z7Fail2banServerTest.testServerObserver.<locals>.<lambda>zC failure 401 from 192.0.2.11: I'm very bad "hacker" `` $(echo test)r
zDstdout: '[test-jail1] test-action1: ++ ban 192.0.2.11 -c 2 -t 300 : zDstdout: '[test-jail1] test-action2: ++ ban 192.0.2.11 -c 2 -t 300 : z"[test-phase 2) time+10m - get-ips]r�rLrKz--with-timez
192.0.2.11z+ 300 =z[test-phase 2) time+11m]rzHstdout: '[test-jail1] test-action2: ++ prolong 192.0.2.11 -c 2 -t 600 : z"[test-phase 2) time+11m - get-ips]z+ 600 =)r/T)r7)rZr|r}rPr�r�r�r�r�rr*r1r�r0r,r:rPr%)r�rErar&�testServerObserver�s�



��
�
��
�
�
�z%Fail2banServerTest.testServerObserverN)r=r>r?�_exec_serverr�rr!rr�r#r$r*r-r�rQrr�Zskip_if_cfg_missingrXr^rbZ_testServerStartStopZtestServerStartStopr%r%r%r&r �sH

;�:�&L
yr )FNrTrUr%rVN)_�
__author__Z
__copyright__Z__license__rwr|rurr*r�r�os.pathrrZrrrr�	functoolsrZ	threadingr	Zclientrrr
Zclient.fail2bancmdlinerZclient.fail2banclientrrrZclient.fail2banserverrrcrHrrZ
server.mytimerZserver.utilsrZutilsrrr�rrrrrrrrrZhelpersr r=r�r�Z
getServerPathr�r�ZmaxWaitTimer�r0r�r�r�r�r'rr,r.r1r:r;rAr�r�rDrFZ
input_commandZ
PRODUCTIONZdumpFiler�rPrSr�r�r�r�r�r�r�r�r r%r%r%r&�<module>s�,
����
�
W
,E`[
@ Telegram