HEX
Server: LiteSpeed
System: Linux 112.webhostingindonesia.co.id 5.14.0-570.62.1.el9_6.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Nov 11 10:10:59 EST 2025 x86_64
User: iyfwylsv (10313)
PHP: 8.2.30
Disabled: NONE
$ pwd: /lib/python3.9/site-packages/fail2ban/tests/__pycache__/
Upload Files
File: //lib/python3.9/site-packages/fail2ban/tests/__pycache__/actiontestcase.cpython-39.pyc
a

ILs��vX�@s�dZdZdZddlZddlZddlZddlZddlmZm	Z	m
Z
ddlmZm
Z
ddlmZd	d
lmZd	dlmZmZmZGdd
�d
e�ZdS)z
Cyril Jaquierz Copyright (c) 2004 Cyril Jaquier�GPL�N�)�
CommandAction�
CallingMap�substituteRecursiveTags)�OrderedDict�Actions)�Utils�)�	DummyJail)�
pid_exists�with_tmpdir�LogCaptureTestCasec@s�eZdZdd�Zdd�Zdd�Zdd�Zd	d
�Zdd�Zd
d�Z	dd�Z
edd��Zdd�Z
edd��Zedd��Zedd��Zedd��Zdd�Zdd �Zd!d"�Zd#d$�Zd%d&�Zd'd(�Zd)d*�Zd+d,�Zd-d.�Zd/d0�Zd1d2�Zd3d4�Zd5d6�Zd7S)8�CommandActionTestcs>t���tdd��_d�_�jj���fdd�}|�j_dS)zCall before every test case.NZTestFcsd�_��S)NT)�"_CommandActionTest__action_started��Zorgstart�selfr�A/usr/lib/python3.9/site-packages/fail2ban/tests/actiontestcase.py�
_action_start1sz.CommandActionTest.setUp.<locals>._action_start)r�setUpr�_CommandActionTest__actionr�start)rrrrrr*s
zCommandActionTest.setUpcCs|jr|j��t�|�dS)zCall after every test case.N)rr�stopr�tearDown�rrrrr6s
zCommandActionTest.tearDownc
Cs�dddd�}|�tdd��|�tdd��|�tdd��|�td	d��|�td
d��|�ttd��dd
ddd��|�ttd��dddd
ddd��|�ttd��td��|�tdd��|�tdd��|�tddi�ddi�|�tddd��d dd��|�td!d"d#��d$d"d#��|�td%d"d#��d&d"d#��|�td'd(d)d*��d+d(d)d*��|�t|�dd,d-d��|�td.d/d0��d1d/d0��|�td.d/d2d3��d2d/d2d3��|�td4d5d2d3��d6d5d2d3��dS)7N�	192.0.2.0z
123 <HOST>z	890 <ABC>��HOST�ABC�xyzcSstddi�S)N�A�<A>�rrrrr�<lambda>D�z?CommandActionTest.testSubstituteRecursiveTags.<locals>.<lambda>cSstddd��S)N�<B>r"�r!�Br#rrrrr$Fr%cSstdddd��S)Nr&�<C>r")r!r(�Cr#rrrrr$Hr%cSstddddd��S)Nzto=<B> fromip=<IP>r&r)�)r!r*r(�Dr#rrrrr$Kr%cSstddddd��S)Nzto=<honeypot> fromip=<IP>z
<honeypot>z<sweet>r+)�	failregexZsweet�honeypot�ignoreregexr#rrrrr$Mr%))�Xzx=x<T>��T�1)�Zz<X> <T> <Y>��Yzy=y<T>zx=x1r3zy=y1zx=x1 1 y=y1)r0r2r6r4))r0zx=x<T> <Z> <<R1>> <<R2>>)�R1r4)�R2r6r1)r4z<T> <Y>r5zx=x1 1 y=y1 1 y=y1 y=y1r4r6z1 y=y1)r0r7r8r2r4r6)
)�actionstartzgipset create <ipmset> hash:ip timeout <bantime> family <ipsetfamily>
<iptables> -I <chain> <actiontype>)�ipmsetz
f2b-<name>��name�any�ZbantimeZ600�ZipsetfamilyZinet)�iptablesziptables <lockingopt>�Z
lockingoptz-w��chainZINPUT)�
actiontypez<multiport>)�	multiportzY-p <protocol> -m multiport --dports <port> -m set --match-set <ipmset> src -j <blocktype>��protocolZtcp��portZssh�Z	blocktypeZREJECT)
)r9z�ipset create f2b-any hash:ip timeout 600 family inet
iptables -w -I INPUT -p tcp -m multiport --dports ssh -m set --match-set f2b-any src -j REJECT)r:zf2b-anyr;r>r?)r@ziptables -wrArB)rD�I-p tcp -m multiport --dports ssh -m set --match-set f2b-any src -j REJECT)rErKrFrHrJcSsttd��S)N)�r!z<<B><C>>�r(r,�r*�E�ZDEz	cycle <A>�rrrrrrr$yr%cSsttd��S)N)rPrLrMrNrQrrrrr$~r%r!r)z<C> <D> <X>Zfun)r!r0z<C> <D> funz<C> <B>Zcoolr'z<C> coolz
<matches> <B>z<matches> coolz/to=<honeypot> fromip=<IP> evilperson=<honeypot>Zpokier+)r-r.r/z%to=pokie fromip=<IP> evilperson=pokiez
123 192.0.2.0z890 123 192.0.2.0z<<PREF>HOST>ZIPV4)r!�PREFz
<IPV4HOST>z1.2.3.4)r!rRZIPV4HOSTzA <IP<PREF>HOST> B IP<PREF> CZV4zA 1.2.3.4 B IPV4 C)�assertRaises�
ValueError�assertEqualrr�r�aInforrr�testSubstituteRecursiveTags<sv����������� ��
���
�
�z-CommandActionTest.testSubstituteRecursiveTagscs�tddd�ddd���t��ddd��d<��t�fdd��t��d	�d
<��t�fdd�����j�d��d
����j�d��d���t��fdd�����j�d��d	�dS)NrcSsdS)Nz<A><A>rrrrrr$�r%zHCommandActionTest.testSubstRec_DontTouchUnusedCallable.<locals>.<lambda>r+)r!r(r*r,cSsdt|d�S)N�r!��int)r�irrrr$�r%r*cs�dS)Nr*rr��cmrrr$�r%�test=<C>r,cst��S�Nr#rr]rrr$�r%ztest=<A>ztest=0ztest=<A>--<B>--<A>ztest=0--<A><A>--0cs�j�d��S)Nr_)r�
replaceTagr�r^rrrr$�r%z<D>)r)rrrS�ZeroDivisionErrorrUrrarrrbr�$testSubstRec_DontTouchUnusedCallable�s �z6CommandActionTest.testSubstRec_DontTouchUnusedCallablecCs�dddd�}|�|j�d|�d�|�|j�d|�d�|�|j�d	|�d
�|�|j�ddd
i�d�|�|j�ddd
i�d�|�|j�dddi�d�d|d<|�|j�d	|�d�|�|j�dtdd�d��d�dS)Nr�123Z890rzText<br>textz	Text
textzText <HOST> textzText 192.0.2.0 textzText <xyz> text <ABC> ABCzText 890 text 123 ABCz	<matches>�matchesz$some >char< should \< be[ escap}ed&
z,some \>char\< should \\\< be\[ escap\}ed\&\nz<ipmatches>Z	ipmatchesz<ipjailmatches>Z
ipjailmatchesz%some >char< should \< be[ escap}ed&
z.some \>char\< should \\\< be\[ escap\}ed\&\r\nz<xyz>rzText 890 text 890 ABCz09 <matches> 11cSstd�S�N�
��strrrrrr$�r%z2CommandActionTest.testReplaceTag.<locals>.<lambda>�rfz09 10 11�rUrrarrVrrr�testReplaceTag�sZ�������������z CommandActionTest.testReplaceTagcCs$|�|j�dtdd�d��d�dS)N�abccSstd�S�N�arZrrrrr$�r%z4CommandActionTest.testReplaceNoTag.<locals>.<lambda>rkrlrrrr�testReplaceNoTag�s��z"CommandActionTest.testReplaceNoTagcs�t�jdd�t�jdd�t�jdd�t�jdd�t�jd	d
�t�jdd���td
�fdd��t�jd���td�fdd��dS)Nrpz<a�bzc>zb?family=inet6zb>Zac�<a><b>�abz<ac>zx?family=inet6r+z/properties contain self referencing definitionscs�jjd�jjdd�S)Nrs�family=inet4��conditional�rra�_propertiesrrrrr$�s�z?CommandActionTest.testReplaceTagSelfRecursion.<locals>.<lambda>z.possible self referencing definitions in querycs�jjd�jjdd�S)NzZ<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>�family=inet6rvrxrrrrr$�s�)�setattrrZassertRaisesRegexrT�delattrrrrr�testReplaceTagSelfRecursion�s
�
�z-CommandActionTest.testReplaceTagSelfRecursionc	Cspt|jdd�t|jdd�t|jdd�t|jdd�t|jd	d
�|jj}td�D]d}|�|jjd|jjd
|d�d�|�|jjd|jjd|d�d�|�|jjd|jjd|d�d�qV|�t|�dk�t|jdd�|�t|�d�td�D]d}|�|jjd|jjd
|d�d�|�|jjd|jjd|d�d�|�|jjd|jjd|d�d�q�|�t|�dk�dS)Nrnrezabc?family=inet4Z345zabc?family=inet6Z567r z	890-<abc>Z	banactionzText <xyz> text <abc>rz<banaction> '<abc>'r+)rw�cachezText 890-123 text 123 '123'ruzText 890-345 text 345 '345'rzzText 890-567 text 567 '567'�z	000-<abc>rzText 000-123 text 123 '123'zText 000-345 text 345 '345'zText 000-567 text 567 '567')	r{rZ_substCache�rangerUrary�
assertTrue�len)rr~r\rrr�testReplaceTagConditionalCacheds`������������z1CommandActionTest.testReplaceTagConditionalCachedcCs�|d7}d||j_|jj|j_|�|jjd|�d||j_|�|jjd|�d|j_|�|jjd�d||j_|�|jjd|�d|j_|�|jjd�|��|�	d�|j�
ddi�|�d	�|�d
�|j��|�|jj�dS)N�/fail2ban.test�
touch '%s'�
rm -f '%s'z<actioncheck> && echo -n�[ -e '%s' ]�trueZreturned�ip�Invariant check failedzreturned successfully)
rr9�actionrepairrU�
actionstop�	actionban�actioncheck�actionunban�pruneLog�assertNotLogged�ban�assertLoggedr�r�tmprrr�testExecuteActionBan*s&



z&CommandActionTest.testExecuteActionBancCs�d|j_d|j_d|j_d|j_|j��|j�i�|��|j�i�|j	ddd�|j�i�|�d�|j�
�|j�i�|j��|j	ddd�|�d�dS)	Nr+zecho -n 'flush'zecho -n 'stop'�
Nothing to doT��wait�	[phase 2]r)
rr�r�Zactionflushr�rr�r��unbanr��flushrr�rrrr�testExecuteActionEmptyUnbanDs 



z-CommandActionTest.testExecuteActionEmptyUnbancCsL|d7}d|j_d||j_d||j_d||j_|j��|j��dS)Nr�rztouch '%s.<HOST>'zrm -f '%s.<HOST>'z[ -e '%s.192.0.2.0' ])rrr9r�r�rZconsistencyCheckr�rrr�testExecuteActionStartCtagsXs
z-CommandActionTest.testExecuteActionStartCtagscCs�|d7}d|j_d||j_d||j_d||j_|�t|jjddi�|jddd	d
�|�	d�d||j_d||j_d
||j_d||j_|j�ddi�|�d�|�
d�dS)Nr�r+r��rm '%s'r�r�r��Unable to restore environmentT��allr�r�z-<actioncheck> && printf "%%%%b
" <ip> >> '%s')rr9r�r�r�rS�RuntimeErrorr�r�r�r�r�rrr�(testExecuteActionCheckRestoreEnvironmentbs

z:CommandActionTest.testExecuteActionCheckRestoreEnvironmentc	Cs8|d7}d||j_d||j_d||j_d||j_d||j_d|j_|j��dD]�}|�d	|�|j�	d
di�|j
dd
dd�|jdddd|jjr�dnddddd�t�
|�|��|j�	d
di�|j
dddd|jjr�dnddddddd�|jj�r"d|j_qZ|jjsZd|j_qZdS)Nr�ztouch '%s'; echo 'started ...'r�z![ -e '%s' ] && echo 'banned '<ip>zB[ -e '%s' ] && echo 'check ok' || { echo 'check failed'; exit 1; }�echo 'repair ...'; touch '%s'F)r
rrz
[phase %s]r��	192.0.2.1z
stdout: %rzbanned 192.0.2.1Tr��Invariant check failed. Tryingzcheck failedz
repair ...zstarted ...zcheck okz	192.0.2.2zbanned 192.0.2.2r+)rr9r�r�r�r�Zactionstart_on_demandrr�r�r�r��os�remove)rr�r\rrr�"testExecuteActionCheckOnBanFailureus@
��
�

z4CommandActionTest.testExecuteActionCheckOnBanFailurecCs�|d7}d|j_d|j_d||j_d||j_d||j_|j�ddi�|jddd	d
�|��d|j_|�	t
|jjddi�|jdddd	d
�dS)Nr�r+r�r�r�r�r�zecho 'repair ...'Tr�r�)rr9r�r�r�r�r�r�r�rSr�r�rrr�'testExecuteActionCheckRepairEnvironment�s �z9CommandActionTest.testExecuteActionCheckRepairEnvironmentcCs.|�tt|jd�d|j_|�|jjd�dS)N�ROSTr)rS�AttributeError�getattrrr�rUrrrr�testExecuteActionChangeCtags�sz.CommandActionTest.testExecuteActionChangeCtagscCsPtdddd�d��}d|j_d|j_|j�|�|j�|�|jdd	d
d�dS)Nrer�cSsdddd�S)N�o���tester)�fidZfport�userrrrrrr$�s�z?CommandActionTest.testExecuteActionUnbanAinfo.<locals>.<lambda>)rr�zF-*zFecho '<ABC>, failure <F-ID> of <F-USER> -<F-TEST>- from <ip>:<F-PORT>'z$echo '<ABC>, user <F-USER> unbanned'z> -- stdout: '123, failure 111 of tester -- from 192.0.2.1:222'z' -- stdout: '123, user tester unbanned'Tr�)rrr�r�r�r�r�rVrrr�testExecuteActionUnbanAinfo�s�	�z-CommandActionTest.testExecuteActionUnbanAinfocCs^d|j_|j��|�|j�d��|�d�|��|�|j�d��|�d�|��dS)Nr+r�)rr9rr��
executeCmdr�r�Z_processCmdrrrr�testExecuteActionStartEmpty�s


z-CommandActionTest.testExecuteActionStartEmptycCs6|�|jjddddd�d��|jddd	d
dd�dS)
NzUprintf %b "foreign input:\n -- $f2bV_A --\n -- $f2bV_B --\n -- $(echo -n $f2bV_C) --"z I'm a hacker; && $(echo $f2bV_B)zI"m very bad hackerz#`Very | very
$(bad & worst hacker)`)Zf2bV_AZf2bV_BZf2bV_C)ZvarsDictzforeign input:z' -- I'm a hacker; && $(echo $f2bV_B) --z -- I"m very bad hacker --z* -- `Very | very $(bad & worst hacker)` --Tr�)r�rr�r�rrrr�testExecuteWithVars�s
���z%CommandActionTest.testExecuteWithVarscCs�d|j_d|j_d|j_gd�}ddd�|�d�}|��|j�|�|jd	|d
|dg|�Rdd
i�|jd|d
dd
d�|��|j�	|�|j�
�|jd|d
dd
d�dS)Nz3echo "** ban <ip>, reason: <reason> ...\n<matches>"zecho "** unban <ip>"zecho "** stop monitoring")z
<actionunban>z" Hooray! #z`I'm cool script kiddyz7`I`m very cool > /here-is-the-path/to/bin/.x-attempt.shz<actionstop>r�zAhacking attempt ( he thought he knows how f2b internally works ;)�
)r��reasonrfz	** ban %sr�r�r�Tz** unban %sz** stop monitoringr�)rr�r�r��joinr�r�r�r�r�r)rrfrWrrr� testExecuteReplaceEscapeWithVars�s4�����
�z2CommandActionTest.testExecuteReplaceEscapeWithVarscCst�d�|�d�dS)Nz+/bin/ls >/dev/null
bogusXXX now 2>/dev/nullz HINT on 127: "Command not found"�rr�r�rrrr�testExecuteIncorrectCmds
z)CommandActionTest.testExecuteIncorrectCmdcCsvt��}tjjsdnd}|�tjd|d��|�t��||koRt��||dk�|jdddd�|�dd	�dS)
Nr
g{�G�z�?zsleep 30��timeoutz -- timed out afterTr�� -- killed with SIGTERM� -- killed with SIGKILL)	�time�unittestZF2B�fast�assertFalserr�r�r�)r�stimer�rrr�testExecuteTimeouts*�z$CommandActionTest.testExecuteTimeoutcsPt�dd��t�d��}|�d��Wd�n1s:0Yd���fdd�}�fdd	��t���|�tjd
�|d�����|�t	�
�fdd
�d��|�dd�|�d�|�dd�t�
�d�t���|�tjd�|d�����|�t	�
�fdd
�d��|�dd�|�d�|�dd�t�
��t�
�d�dS)Nz.shZ	fail2ban_�wzo#!/bin/bash
		trap : HUP EXIT TERM

		echo "$$" > %s.pid
		echo "my pid $$ . sleeping lo-o-o-ong"
		sleep 30
		rcs��dupt���dkS�NrY)r�r)�getnastypidr�rr�
getnasty_touts
�zLCommandActionTest.testExecuteTimeoutWithNastyChildren.<locals>.getnasty_toutc	shd}tj��d�rdt�d��4}zt|���}WntyDYn0Wd�n1sZ0Y|S)N�.pid)r��path�isfile�openr[�readrT)�cpid�f)�tmpFilenamerrr�$s$zJCommandActionTest.testExecuteTimeoutWithNastyChildren.<locals>.getnastypidzbash %sr�cs
t��Sr`�rr�r�rrr$5r%zGCommandActionTest.testExecuteTimeoutWithNastyChildren.<locals>.<lambda>rzmy pid z Resource temporarily unavailablez	timed outzkilled with SIGTERMzkilled with SIGKILLr�zout=`bash %s`; echo ALRIGHTcs
t��Sr`r�rr�rrr$Cr%z
 -- timed outr�r�)�tempfile�mktempr��writer�r�rr�r�r	�wait_forr�r��unlink)rr�r�r)r�r�r�r�r�#testExecuteTimeoutWithNastyChildrensB�$�
��
�
z5CommandActionTest.testExecuteTimeoutWithNastyChildrencCs,t�d�|�d�t�d�|�d�dS)Nzecho "How now brown cow"zstdout: 'How now brown cow'
z7echo "The rain in Spain stays mainly in the plain" 1>&2z6stderr: 'The rain in Spain stays mainly in the plain'
r�rrrr�testCaptureStdOutErrLs

��z&CommandActionTest.testCaptureStdOutErrcCs>tdd�dd�ddd�}|�d|d�|�td	d�|�dS)
NcSstd�Srgrirrrrr$Ur%z2CommandActionTest.testCallingMap.<locals>.<lambda>cSstd�SrorZrrrrr$Ur%�string�)Zcallme�errorZ
dontcallme�numberz)%(callme)s okay %(dontcallme)s %(number)iz10 okay string 17cSsd|S)Nz	%(error)ir)�xrrrr$]r%)rrUrSrT)rZmymaprrr�testCallingMapTs��z CommandActionTest.testCallingMapcCsTtdd�dd�dd��}|��d|d<|d=|�t|�d	�|�d|�|�|d|d
fd�|��t|�}|�t|�d�|�d|�|�|d|d
|dfd
�d|d<|��}dd�|d<d|d<|d
=|d=|�d
|v�|�d|v�|�	d
|v�|�	d|v�|�|d|d
|d|dfd�|�|d|dfd�dS)NcSsdSr�rrrrrr$ar%z8CommandActionTest.testCallingMapModify.<locals>.<lambda>cSs|ddS�Nrp�rrrrrr$br%�test�rprr�c�rpr�rrr)r�rhr)rY�r��dddd�dcSs|ddS)Nrp�rrrrrr$wr%r
)rYr�r�r�)r
�)
r�resetrUr��assertNotIn�repr�assertIn�copyr�r�)r�m�s�m2rrr�testCallingMapModify_s8�$z&CommandActionTest.testCallingMapModifycCs�tdd�dd�dd��}t|�}|�d|�|�d|�|�d|�|�d	�}|�d
|�|�d|�|�d|�dd�|d
<|�d	�}|�d
|�|�d|�|�d|�|�d|�dS)NcSsdSr�rrrrrr$�r%z5CommandActionTest.testCallingMapRep.<locals>.<lambda>cSs|ddSr�rrrrrr$�r%r+r�z'a': z'b': z'c': ''Tz'a': 5z'b': 11cSs|ddS)NZxxxr�rrrrrr$�r%r�z'c': )rr�r�r�Z_asrepr)rr�r�rrr�testCallingMapRep�s&�

z#CommandActionTest.testCallingMapRepcCsRtt��}d|_d|_|��|jddd�d|_|jddd�d|_|��dS)Ng-C��6?TzActions: enter idle moderhr�FzActions: leave idle mode)rrZ	sleeptimeZidlerr�Zactiver�)rrprrr�testActionsIdleMode�s
z%CommandActionTest.testActionsIdleModeN)�__name__�
__module__�__qualname__rrrXrdrmrqr}r�r
r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�rrrrr(s@c()

	

&

=#r)�
__author__�
__copyright__�__license__r�r�r�r�Z
server.actionrrrZserver.actionsrrZserver.utilsr	Z	dummyjailr�utilsrr
rrrrrr�<module>s
@ Telegram