HEX
Server: Apache
System: Linux nc-ph-0707-26.instaforreviews.com 3.10.0-1160.119.1.el7.tuxcare.els13.x86_64 #1 SMP Fri Nov 22 06:29:45 UTC 2024 x86_64
User: qirgxuo4hkuv (1004)
PHP: 8.3.27
Disabled: NONE
$ pwd: /etc/fail2ban/action.d/
Upload Files
File: //etc/fail2ban/action.d/badips.pyc
�
��_c@sddlZejddfkr0ed��nddlZddlZddlZejdfkr�ddlmZmZddl	m
Z
ddlmZn,dd	l
mZmZmZddlm
Z
dd
lmZmZmZddlmZmZdefd
��YZeZdS(i����Niis'badips.py action requires Python >= 2.7i(tRequestturlopen(t	urlencode(t	HTTPError(RRR(tActionst
ActionBaset	BanTicket(t
splitwordststr2LogLeveltBadIPsActionc
BsXeZdZdZdZd�Zddd d d ddded	�	Zed
d��Z	dd
�Z
ed�Zd d�Z
ed��Zejd��Zed��Zejd��Zed��Zejd��Zed��Zejd��Zed��Zejd��Zd�Zd�Zd�Zd�Zd�Zd�ZRS(!sFail2Ban action which reports bans to badips.com, and also
	blacklist bad IPs listed on badips.com by using another action's
	ban method.

	Parameters
	----------
	jail : Jail
		The jail which the action belongs to.
	name : str
		Name assigned to the action.
	category : str
		Valid badips.com category for reporting failures.
	score : int, optional
		Minimum score for bad IPs. Default 3.
	age : str, optional
		Age of last report for bad IPs, per badips.com syntax.
		Default "24h" (24 hours)
	banaction : str, optional
		Name of banaction to use for blacklisting bad IPs. If `None`,
		no blacklist of IPs will take place.
		Default `None`.
	bancategory : str, optional
		Name of category to use for blacklisting, which can differ
		from category used for reporting. e.g. may want to report
		"postfix", but want to use whole "mail" category for blacklist.
		Default `category`.
	bankey : str, optional
		Key issued by badips.com to retrieve personal list
		of blacklist IPs.
	updateperiod : int, optional
		Time in seconds between updating bad IPs blacklist.
		Default 900 (15 minutes)
	loglevel : int/str, optional
		Log level of the message when an IP is (un)banned.
		Default `DEBUG`.
		Can be also supplied as two-value list (comma- or space separated) to
		provide level of the summary message when a group of IPs is (un)banned.
		Example `DEBUG,INFO`.
	agent : str, optional
		User agent transmitted to server.
		Default `Fail2Ban/ver.`

	Raises
	------
	ValueError
		If invalid `category`, `score`, `banaction` or `updateperiod`.
	i
shttps://www.badips.comcKst|di|jd6|�S(Ntheaderss
User-Agent(Rtagent(tselfturltargv((s /etc/fail2ban/action.d/badips.pyt_RequestZsit24hi�tDEBUGtFail2Banc

Cs�tt|�j||�||_||_||_||_||_||_|pX||_	||_
t|
�}
t|
d�|_
t|
d�|_|	|_t�|_d|_dS(Ni����i(tsuperR	t__init__ttimeoutRtcategorytscoretaget	banactiontbancategorytbankeyRRtsumlogleveltlogleveltupdateperiodtsett
_bannedipstNonet_timer(
RtjailtnameRRRRRRRRRR((s /etc/fail2ban/action.d/badips.pyR]s								icCscyBttdjtjg�didd6�d|�}tdfSWntk
r^}t|fSXdS(Nt/R
Rs
User-AgentRt(RRtjoinR	t_badipstTruet	ExceptiontFalse(Rtresponsete((s /etc/fail2ban/action.d/badips.pytisAvailablessR&cCsXi}y"tj|j�jd��}WnnX|jjd||jdd��dS(Nsutf-8s%s. badips.com response: '%s'terrtUnknown(tjsontloadstreadtdecodet_logSysterrortget(RR,twhattmessages((s /etc/fail2ban/action.d/badips.pytlogError|s"	cCsy7t|jdj|jddg��d|j�}Wn&tk
r_}|j|d��n�Xtj|j	�j
d��}d|kr�d|f}|jj|�t
|��n|d}td�|D��}|r�|jtd	�|D���n|Sd
S(s�Get badips.com categories.

		Returns
		-------
		set
			Set of categories.

		Raises
		------
		HTTPError
			Any issues with badips.com request.
		ValueError
			If badips.com response didn't contain necessary information
		R%R7t
categoriesRsFailed to fetch categoriessutf-8sEbadips.com response lacked categories specification. Response was: %scss|]}|dVqdS(tNameN((t.0tvalue((s /etc/fail2ban/action.d/badips.pys	<genexpr>�scss%|]}d|kr|dVqdS(tParentN((R=R>((s /etc/fail2ban/action.d/badips.pys	<genexpr>�sN(RRR'R(RRR:R1R2R3R4R5R6t
ValueErrorRtupdate(Rt
incParentsR,t
response_jsonR/R;tcategories_names((s /etc/fail2ban/action.d/badips.pyt
getCategories�s&4

	cCs�y�djdj|jdd|t|�g�ti|d6�g�}|rqdj|ti|d6�g�}n|jjd|�t|j|�d	|j�}Wn&t	k
r�}|j
|d
��n Xt|j�j
d�j��SdS(
s�Get badips.com list of bad IPs.

		Parameters
		----------
		category : str
			Valid badips.com category.
		score : int
			Minimum score for bad IPs.
		age : str
			Age of last report for bad IPs, per badips.com syntax.
		key : str, optional
			Key issued by badips.com to fetch IPs reported with the
			associated key.

		Returns
		-------
		set
			Set of bad IPs.

		Raises
		------
		HTTPError
			Any issues with badips.com request.
		t?R%R7tlistRt&tkeysbadips.com: get list, url: %rRsFailed to fetch bad IP listsutf-8N(R'R(tstrRR5tdebugRRRRR:RR3R4tsplit(RRRRRIR
R,((s /etc/fail2ban/action.d/badips.pytgetList�s$%"cCs|jS(s)badips.com category for reporting IPs.
		(t	_category(R((s /etc/fail2ban/action.d/badips.pyR�scCsE||j�kr8|jjd|�td|��n||_dS(NsICategory name '%s' not valid. see badips.com for list of valid categoriessInvalid category: %s(RER5R6R@RN(RR((s /etc/fail2ban/action.d/badips.pyR�s
cCs|jS(s+badips.com bancategory for fetching IPs.
		(t_bancategory(R((s /etc/fail2ban/action.d/badips.pyR�scCsW|dkrJ||jdt�krJ|jjd|�td|��n||_dS(NtanyRBsICategory name '%s' not valid. see badips.com for list of valid categoriessInvalid bancategory: %s(RER)R5R6R@RO(RR((s /etc/fail2ban/action.d/badips.pyR�s
$cCs|jS(s-badips.com minimum score for fetching IPs.
		(t_score(R((s /etc/fail2ban/action.d/badips.pyR�scCsDt|�}d|ko#dknr4||_ntd��dS(NiisScore must be 0-5(tintRQR@(RR((s /etc/fail2ban/action.d/badips.pyR�scCs|jS(s,Jail action to use for banning/unbanning.
		(t
_banaction(R((s /etc/fail2ban/action.d/badips.pyR�scCsV|dk	rI||jjkrI|jjd||jj�td��n||_dS(Ns!Action name '%s' not in jail '%s'sInvalid banaction(R!t_jailtactionsR5R6R$R@RS(RR((s /etc/fail2ban/action.d/badips.pyRs
cCs|jS(s<Period in seconds between banned bad IPs will be updated.
		(t
_updateperiod(R((s /etc/fail2ban/action.d/badips.pyRscCs4t|�}|dkr$||_ntd��dS(Nis,Update period must be integer greater than 0(RRRVR@(RR((s /etc/fail2ban/action.d/badips.pyRsc
Cs�x�|D]�}y9tjt|�|j�}|jj|jj|�WnPtk
r�}|jj	d||jj
|j|d|jj�tj
k�qX|jj|�|jj|jd||jj
|j�qWdS(Ns6Error banning IP %s for jail '%s' with action '%s': %stexc_infos+Banned IP %s for jail '%s' with action '%s'(Rt
ActionInfoRRTRURtbanR*R5R6R$tgetEffectiveLeveltloggingRR taddtlogR(RtipstiptaiR-((s /etc/fail2ban/action.d/badips.pyt_banIPss
	c
Cs�x�|D]�}z�y9tjt|�|j�}|jj|jj|�WnPtk
r�}|jj	d||jj
|j|d|jj�tj
k�n)X|jj|jd||jj
|j�Wd|jj|�XqWdS(Ns8Error unbanning IP %s for jail '%s' with action '%s': %sRWs-Unbanned IP %s for jail '%s' with action '%s'(RRXRRTRURtunbanR*R5R6R$RZR[RR]RR tremove(RR^R_R`R-((s /etc/fail2ban/action.d/badips.pyt	_unbanIPs*s
	cCs |jdk	r|j�ndS(s*If `banaction` set, blacklists bad IPs.
		N(RR!RA(R((s /etc/fail2ban/action.d/badips.pytstart;scCs7|jdk	r3|jr1|jj�d|_nz�|j|j|j|j|j�}|j	|}t
|�}|j|�||j	}t
|�}|j|�|dks�|dkr�|j
j|jd|jj||�n|j
jd|jj|j�Wdtj|j|j�|_|jj�XndS(s�If `banaction` set, updates blacklisted IPs.

		Queries badips.com for list of bad IPs, removing IPs from the
		blacklist if no longer present, and adds new bad IPs to the
		blacklist.
		is#Updated IPs for jail '%s' (-%d/+%d)s&Next update for jail '%' in %i secondsN(RR!R"tcancelRMRRRRR tlenRdRaR5R]RRTR$RKRt	threadingtTimerRARe(RR^tstmtp((s /etc/fail2ban/action.d/badips.pyRAAs,	




	cCsN|jdk	rJ|jr1|jj�d|_n|j|jj��ndS(s.If `banaction` set, clears blacklisted IPs.
		N(RR!R"RfRdR tcopy(R((s /etc/fail2ban/action.d/badips.pytstopcs
	
cCs�y`dj|jd|jt|d�g�}|jjd|�t|j|�d|j�}Wn&t	k
r�}|j
|d��n6Xtj|j
�jd��}|jjd|d	�d
S(s�Reports banned IP to badips.com.

		Parameters
		----------
		aInfo : dict
			Dictionary which includes information in relation to
			the ban.

		Raises
		------
		HTTPError
			Any issues with badips.com request.
		R%R\R_sbadips.com: ban, url: %rRs
Failed to bansutf-8s%Response from badips.com report: '%s'tsucN(R'R(RRJR5RKRRRRR:R1R2R3R4(RtaInfoR
R,R9((s /etc/fail2ban/action.d/badips.pyRYls+"	N(t__name__t
__module__t__doc__tTIMEOUTR(RR!RtstaticmethodR.R:R+RERMtpropertyRtsetterRRRRRaRdReRARnRY(((s /etc/fail2ban/action.d/badips.pyR	's8/	
%'						"		(tsystversion_infotImportErrorR1RhR[turllib.requestRRturllib.parseRturllib.errorRturllib2turllibtfail2ban.server.actionsRRRtfail2ban.helpersRRR	tAction(((s /etc/fail2ban/action.d/badips.pyt<module>s �a
@ Telegram