HEX
Server: LiteSpeed
System: Linux 112.webhostingindonesia.co.id 5.14.0-570.62.1.el9_6.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Nov 11 10:10:59 EST 2025 x86_64
User: iyfwylsv (10313)
PHP: 8.2.30
Disabled: NONE
$ pwd: /lib/python3.9/site-packages/fail2ban/tests/__pycache__/
Upload Files
File: //lib/python3.9/site-packages/fail2ban/tests/__pycache__/fail2banclienttestcase.cpython-39.pyc
a

�ӷ�\����@s�dZdZdZddlZddlZddlZddlZddlZddlZddl	Z	ddl
mZm
Z
mZmZmZddlmZddlmZdd	lmZmZmZdd
lmZddlmZmZmZddl m!Z!mZ"dd
l#m$Z$ddl%m%Z%ddl&m'Z'ddl(m)Z)ddl*m+Z+m,Z-m.Z.m/Z/m0Z0m1Z1m2Z3m4Z4m5Z5ddl6m7Z7e7e8�Z,dZ9dZ:ee!�;��Z<e	j=�>e	j=j?�Z?e	j=�>e	j=j@�Z@e?de_?e,e_,e_,e_,e%jAZBe%jCZDdd�ZEeEe_Fe_Fe_Fe$_Fdd�ZGe%jHZHdd�ZIe@fdd�ZJGdd�dejK�ZKGd d!�d!ejK�ZLeKZMeLZNgaOd"d#�ZPePe_Qd$e_Re_Re+jSZTd%d&�ZUd'd(�ZVd?d-d.�ZWd/d0�ZXd1d2�ZYd3d4�ZZd5d6�Z[ifd7d8�Z\Gd9d:�d:e+�Z]Gd;d<�d<e]�Z^Gd=d>�d>e]�Z_dS)@zSerg BresterzICopyright (c) 2014- Serg G. Brester (sebres), 2008- Fail2Ban Contributors�GPL�N)�join�isdir�isfile�exists�dirname��wraps)�Thread�)�fail2banclient�fail2banserver�fail2bancmdline)�Fail2banCmdLine)�exec_command_line�CSocket�
VisualWait)�Fail2banServerr)�protocol)�server)�MyTime)�Utils�)	�LogCaptureTestCase�logSys�with_tmpdir�shutil�logging�STOCK�
CONFIG_DIR�TEST_NOW�tearDownMyTime)�	getLoggerzfail2ban-clientzfail2ban-servercGst�|d�dS�Nr)r�info��args�r'�I/usr/lib/python3.9/site-packages/fail2ban/tests/fail2banclienttestcase.py�_test_outputJsr)cCs&t�d|�t�t��|d�dS)Nz===>>> time shift + %s min�<)r�debugrZsetTime�time)�shiftr'r'r(�_time_shiftQsr.cCs*tjdur&tj�t�tj�td�dS)z$Helper to wait observer becomes idleN�)�	Observers�MainZ
wait_empty�MID_WAITTIMEZ	wait_idler'r'r'r(�_observer_wait_idleYs
r3cs.tjdur*tjj����fdd�}|tj_dS)zOHelper to block observer before increase bantime until some condition gets trueNcs:�tj_t�d�t����t�d��|i|��dS)Nz4  [Observer::banFound] *** observer blocked for testz.  [Observer::banFound] +++ observer runs again)r0r1�banFoundrr+r�wait_for�r&�kwargs�Z
_obs_banFound�cond�timeoutr'r(�	_banFoundds


z0_observer_wait_before_incrban.<locals>._banFound)r0r1r4)r9r:r;r'r8r(�_observer_wait_before_incrban_s
	r<c@seZdZdZdS)�
ExitExceptionzException upon a normal exitN��__name__�
__module__�__qualname__�__doc__r'r'r'r(r=tsr=c@seZdZdZdS)�FailExitExceptionzException upon abnormal exitNr>r'r'r'r(rCysrCcGstt�rt�d�SdSdS)Nr�exit)�len�INTERACT�popr%r'r'r(�_test_input_command�s
rHFcGs2t||�}|�d�|�|rdnd�|��dS)N�
�)�open�writer�close)�fn�mode�lines�fr'r'r(�_write_file�s
rRcCs@d}z$t|�}|��W|dur&|��Sn|dur:|��0dS�N)rK�readrM)rNrQr'r'r(�
_read_file�s��rU�	/dev/null�:memory:r'�rJcCs�t|d�}|dkrt|d�}d}	|r�tr�dd�}
tjt||
d�|durLd}t�d	�}tjt|d
�dd�D]$}|�	d
�}|�
|�r�d}t|�qjt�d�}tjt|d�dd�D]$}|�	d
�}|�
|�r�d}t|�q�|r�dnd}	nTt�
|�tt|d
�dddd|�dd�ddt|d�dt|d�dd|dd d�
|	�rftt||	�dgd!dd"d#|df|�R�|�r�tt|d$�dg|�R�tjjtjk�r�tt|d
��tt|d��|�r�tt|d$��|	�r�|	dk�r�tt||	��|�rt�r|D]&}
t�tj�tt|
��t||
���q�|�r>|D]}
t|
d%|id��q$d&\}}tjjtjk�r�ttjj�}tjjd'k�r�d(d)tjjf}|d*|f}d+|d,t|d�d-t|d�d.|f|d/dd0ttj�fS)1N�config�autozf2b-db.sqlite3�	jail.confcs�fdd�|D�S)z?Filters list of 'files' to contain only directories (under dir)csg|]}tt�|��r|�qSr')r�pjoin)�.0rQ��dirr'r(�
<listcomp>��z2_start_params.<locals>.ig_dirs.<locals>.<listcomp>r')r_�filesr'r^r(�ig_dirs�sz_start_params.<locals>.ig_dirs)�ignore)�action.dzfilter.dz^dbfile\s*=z
fail2ban.confT)ZinplacerIzdbfile = :memory:z^backend\s*=�backend = pollingz
jail.localrJ�w�[Definition]zloglevel = INFOzlogtarget = �%z%%zsyslogsocket = autoz	socket = �f2b.sockz
pidfile = �f2b.pidz	dbfile = zdbmaxmatches = 100zdbpurgeage = 1d�
[INCLUDES]�	[DEFAULT]ztmp = zfail2ban.local�tmp)r'�INFOr�-�vz
--loglevel�-c�-sz-p�--logtargetz--syslogsocketz	--timeout)r\rr�copytree�STOCK_CONF_DIR�re�compile�	fileinput�input�rstrip�match�print�os�mkdirrR�replace�unittest�F2B�	log_levelr�DEBUG�	_out_file�symlink�path�abspathro�str�	verbosityr�MAX_WAITTIME)rn�	use_stock�
use_stock_cfg�	logtarget�db�	f2b_local�jails�create_before_start�cfgZj_confrc�r�line�nZvvvZllevr'r'r(�
_start_params�s�










�
���$��
��r�cCs2z||�d�ddkWSty,YdS0dS)Nrtr�	INHERITEDF)�index�
ValueError��startparamsr'r'r(�_inherited_log�sr�c
CsZd}z"t|�}t�d|���}t|�WStyT}zt�|�WYd}~n
d}~00|S)Nz\S+)rUrwr|�group�int�	Exceptionrr+)�pidfile�pid�er'r'r(�_get_pid_from_file�s
 r�c
slt�d|t|�f�t|�r<|}t|d�}t|�s<t|d�}tjjtj	krtt|d�}t|�rft
|�nt�dd|�t|�s�t�d|�dSt�d	|�t|���dur�d
Sz�t�d���dksΈt
��kr�td
�|f��t���s�WdSt
��tj�t��fdd�d��s t
��tj�t�d�t���WSt�yf}zt�|�WYd}~n
d}~00dS)Nzcleanup: %rrkzfail2ban.pid�f2b.logr/z
no logfile %rzcleanup: no pidfile for %rTzcleanup pidfile: %rFzcleanup pid: %rrzpid %s of %s is invalidcst���SrS)r�
pid_existsr'�r�r'r(�<lambda>)raz_kill_srv.<locals>.<lambda>r�cleanup: kill ready)rr+rr\rr�r�r�rr�r��logr�r~�getpidr�rr��kill�signal�SIGTERMr5�SIGKILLr��	exception)r�ZpiddirZlogfiler�r'r�r(�	_kill_srvs@





 r�cst���fdd��}|S)z�Helper to decorate tests which receive in the last argument tmpdir to pass to kill_srv

	To be used in tandem with @with_tmpdir
	cs2|d}z�|g|�R�Wt|�St|�0dS)N���)r�)�selfr&r��rQr'r(�wrapper8s�zwith_kill_srv.<locals>.wrapperr�rQr�r'r�r(�
with_kill_srv3sr�cs�fdd�}|S)z}Helper to decorate tests uses foreground server (as thread), started directly in test-cases

	To be used only in subclasses
	cstt����fdd���}|S)Nc
s�d}t���z��z�t�fddi����td�j���fd�}d|_|��ttff����fdd�	}|�_t	�
�fdd	�t�����
d
d���j�d��d�t�d��������g|�Ri|��WW|�rt�d
���������
dd��r|��t�St�yb}z<td|����}|�rLtd|�����WYd}~n
d}~00W|�r�t�d
���������
dd��r�|��t�n>|�r�t�d
���������
dd��r�|��t�0dS)Nr�r��_TestCaseWorker��name�targetr&Tcs�t���dd�s8tj�t�d��s8t��fdd�t���dd�s���	|�d�t��fdd�t
�����dd���jddd	t
d
�dd��_
dS)N�endrkcs��dd�duS�Nr���getr'��phaser'r(r�]razywith_foreground_server_thread.<locals>._deco_wrapper.<locals>.wrapper.<locals>._stopAndWaitForServerEnd.<locals>.<lambda>�stopcs��dd�duSr�r�r'r�r'r(r�bra�Shutdown successfulzExiting Fail2banT��all�waitc_sdSrSr'r6r'r'r(r�fra)r!r�r~r�rr\rr5r2�execCmdr��
assertTrue�assertLogged�stopAndWaitForServerEnd��code�r�r�r�rnr'r(�_stopAndWaitForServerEndYszgwith_foreground_server_thread.<locals>._deco_wrapper.<locals>.wrapper.<locals>._stopAndWaitForServerEndcs��dd�duS)N�startr�r'r�r'r(r�irazWwith_foreground_server_thread.<locals>._deco_wrapper.<locals>.wrapper.<locals>.<lambda>r��r�r�z=== within server: begin ===z=== within server: end.  ===r�z=== Catch an exception: %sz#=== Error of server, log: ===
%s===)�dictr�r
�_testStartForeground�daemonr��SUCCESS�FAILEDr�rr5r�r�r��
_wait_for_srv�	DefLogSysr$�pruneLogrr!r�r}�getLog)r�rnr&r7�thr�r�r�)rQ�
startextrar�r(r�Gs`�
	
�
�
zEwith_foreground_server_thread.<locals>._deco_wrapper.<locals>.wrapper)rr	r��r�r�r(�
_deco_wrapperFs:z4with_foreground_server_thread.<locals>._deco_wrapperr')r�r�r'r�r(�with_foreground_server_threadAs>r�c@s�eZdZejZdd�Zdd�Zdd�Ze	ddd	��Z
ddd
�Zdd�Zdd�Z
dd�Zeddid�dd��Zeedd���ZdS)�Fail2banClientServerBasecOsdSrSr')r�r&r7r'r'r(�_setLogLevel�sz%Fail2banClientServerBase._setLogLevelcCs(t�|�dt_tjt_t|j�t	_
dS)zCall before every test case.r�N)r�setUpr�
DEF_LOGTARGETr��level�DEF_LOGLEVEL�staticmethod�
_test_exitr�_exit�r�r'r'r(r��s
zFail2banClientServerBase.setUpcCs(|jt_tt_tt_t�	|�t
�dS)zCall after every test case.N)�
_orig_exitrr��SRV_DEF_LOGTARGETrr��SRV_DEF_LOGLEVELr�r�tearDownr!r�r'r'r(r��s

z!Fail2banClientServerBase.tearDownrcCs|dkrt��nt��dSr#)r=rCr�r'r'r(r��sz#Fail2banClientServerBase._test_exitTNcs��si�zlt|d��t���fdd�t�}|r8��d�rFtd|f��|rrt��fdd�t�}|srtd�|f��Wn^t|�r�td������	�t|d	�}t
|�r�t|�nt|�s�t�
d
|��Yn0dS)Nrjcs��d�pt��Sr�)r�rr')r��sockr'r(r��raz8Fail2banClientServerBase._wait_for_srv.<locals>.<lambda>r�z9Unexpected: Socket file does not exists.
Start failed: %rcsd���vS)N�Server ready)r�r'r�r'r(r��razBUnexpected: Server ready was not found, phase %r.
Start failed: %rz,=== Error by wait for server, log: ===
%s===r�z*No log file %s to examine details of error)r\rr5r�r�r�r�r}r�r�rr�rr+)r�rn�readyr�r��retr�r')r�r�r�r(r��s8
����

z&Fail2banClientServerBase._wait_for_srvcGs*|�||jd|jdd�||�dS)Nrr)ZassertRaisesr)r�ZexitTyper�r&r'r'r(r��s�z Fail2banClientServerBase.execCmdcGs>||�d�d}t|�}z|�|�W|��S|��0dS)Nrsr)r�r�sendrM)r�r�r&r��sr'r'r(�
execCmdDirect�s
�z&Fail2banClientServerBase.execCmdDirectc	Csdt�d�d|d<z0|�td|d�Wd|d<d|d<t�d�nd|d<d|d<t�d�0dS)Nzstart of test workerTr��z-fFr�zend of test worker)rr+r�r�)r�rnr�r�r'r'r(r��s
�z-Fail2banClientServerBase._testStartForegroundr�)z[Thread]zstacksize = 128r�cCsR|��|�t|dd�|�d�|�t|d�|�t|d�|�t|dd�dS)Nr��threadz{'stacksize': 128}�ping�~~unknown~cmd~failed~~�echo�	TEST-ECHO)r�r�r�r�r��r�rnr�r'r'r(�testStartForeground�s
z,Fail2banClientServerBase.testStartForegroundc		s�tjst�d��t|d�}t�|�}|j��}|�d�|��t	||dd�}ddi}�fdd	�}t
d
|||fd�}|��z&��t
d|d
�Wd|d<|��nd|d<|��0�jdddd�dS)NzSkip test because no databaseztmp.dbz#UPDATE fail2banDb SET version = 555r�)r�r�r�Tcs$t��fdd�t�s ��|d�dS)Ncs
�dS)Nr�r'r'r�r'r(r��raz[Fail2banClientServerBase.testStartFailsInForeground.<locals>._stopTimeout.<locals>.<lambda>r�)rr5r�r�r�r�r�r(�_stopTimeout�szIFail2banClientServerBase.testStartFailsInForeground.<locals>._stopTimeoutr�r�r�r�Fz/Attempt to travel to future version of database�Exit with code 255�r�)rZ
Fail2BanDbr��SkipTestr\Z_dbZcursorZ
executescriptrMr�r
r�r�r�rr�)	r�rnZdbnamer��curr�r�r�r�r'r�r(�testStartFailsInForeground�s2




�
�
�z3Fail2banClientServerBase.testStartFailsInForeground)r)TNN)r?r@rArr�r�r�r�r�r�r�r�r�r�r�r�r�rr�rr'r'r'r(r��s	


r�c@steZdZeefZdd�Zdd�Zedd��Z	ee
dd���Zee
d	d
���Zee
dd���Z
ed
d��Zdd�ZdS)�Fail2banClientTestcCs,|�tttt���|�tttt���dSrS)r�rr\�BIN�CLIENT�SERVERr�r'r'r(�testConsistencysz"Fail2banClientTest.testConsistencycCs�|�tdd�|�dt�|�d�|��|�tdd�|�t���|��|�tddd�|�dtj�|��|�tdd	d
�|�d�dS)Nr'�-h�Usage: �Report bugs to z-Vz-vqz	--versionz
Fail2Ban vz	--str2secZ1d12h30mZ131400)r�r�r�rr�r�normVersion�versionr�r'r'r(�testClientUsages
z"Fail2banClientTest.testClientUsagecCsPt|d�}|�t|d�|�d�|�d�|��|�t|d�|�d�dS)NTz-vvdz
Loading filesz['set', 'logtarget',z--dp)r�r�r�r�r�r�r'r'r(�testClientDump&s


z!Fail2banClientTest.testClientDumpcCst|d�}|�td|d�|j|d|d�|�d�|�d�zp|�t|dd�|�t|d	�|��|�td|d�|�d
�W|��|�t|d�|�d�|�d�n,|��|�t|d�|�d�|�d�0|��|�t|d�|�d
�|�d�dS)NT�z-br�r�r��Exit with code 0r�r�r�zServer already runningr�r�zFailed to access socket pathzIs fail2ban running?)r�r�r�r�r�r�r�r�r'r'r(�testClientStartBackgroundInside2s.



�

z2Fail2banClientTest.testClientStartBackgroundInsidecCs�t|t|d�d�}tjjr,|�t|d�n`tjtt	t
�f}t�d|�||d}t
j|tddd�}|�t|�ox|d	�|j|d|d
�|�d�|���z|�t|dd
�|�d
�|�d�|��|�t|dd�|�d�|��tt|d��}z<t�|tj�t�t
j�|�t|dd�Wt�|tj�nt�|tj�0|�d�|��zd	dl}Wn4t �y�}zt�!d|��WYd}~n
d}~00t"gd�7a"|�t|d�|�d�|�dd�|�d�|��t"gd�7a"|�t|d�|�d�|�d�|�d�|�d�|��t"ddg7a"|�t|d�|�d �|��|�t|d!d"�|�d �|�d#�|��W|��|�t|d$�|�d�|�d�n,|��|�t|d$�|�d�|�d�0dS)%Nr��r�)r��Start %s ...)�--asyncr�FT�r:�shell�outputrr�r�r�r�rr�z0.1zServer replied: pongrkz1e-10z	timed outz%Skip test because of import error: %s)zecho INTERACT-ECHO�statusrDz-iz
INTERACT-ECHOZStatuszNumber of jail:)�reload�restartrDzReading config files:r�zreload ~~unknown~jail~fail~~rDz@Failed during configuration: No section: '~~unknown~jail~fail~~'rz~~unknown~jail~fail~~r�r�)#r�r\r�r��fastr�r��sys�
executablerrrr+r�
executeCmdr�r�rEr�r�r�r�r~r�r��SIGSTOPr,�sleepZDEFAULT_SHORT_INTERVALr��SIGCONT�readline�ImportErrorr�rF)r�rnr��cmdr�r�r!r�r'r'r(�testClientStartBackgroundCallQs~



 
$





�




�
z0Fail2banClientTest.testClientStartBackgroundCallcCs�t|dd�}|�tdddt|d�d�|�dt|d�d	�|��|�tddt|d
�dt|d�d
�|�d�|��tt|d�d���|�tdddt|d
�dt|d�d�|�d�|��t�	t|d��|�tdd�|�d�|��dS)Nr�rr'rrr�missr��Base configuration directory � does not existrYrsrjr�Could not find server�a�LFail2ban seems to be in unexpected state (not running but the socket exists)r�
r�r�r�r\r�r�rKrMr~�remover�r'r'r(�testClientFailStart�s*��
�

z&Fail2banClientTest.testClientFailStartcCsXt|dd�}|�t|dd�|�d�|��|�t|dddd�|�d�|��dS)	Nr�rrZjailr(rz--xxxz"Unexpected argument(s) for reload:)r�r�r�r�r�r�r'r'r(�testClientFailCommands�s�
�
z)Fail2banClientTest.testClientFailCommandsc	Csld}dD]^}d}t|d��<}|rH|��|r>tjjs>t�|�|d8}qWd�q1s\0YqdS)Ng�Q���?)rr�r/r)rZ	heartbeatr�r�rr,r)r�Z	sleeptime�verboseZcntrZvisr'r'r(�testVisualWait�s
z!Fail2banClientTest.testVisualWaitN)r?r@rA�_exec_clientrrrrrr
r�rr$r-r.r1r'r'r'r(rs"
Y
rc@s�eZdZeefZdd�Zeedd���Z	eedd���Z
eedd���Zed	d
��Ze
ddid
�dd��Zejjdd�e
dddd�d
�dd���Zejjdd�e
ddddd�d
�dd ���Ze
�d!d"��Zd#S)$�Fail2banServerTestcCs*|�tdd�|�dt�|�d�dS)Nr'rrr	)r�r�r�rr�r'r'r(�testServerUsage�sz"Fail2banServerTest.testServerUsagecCst|t|d�d�}tjttt�f}t�d|�||d}tj	|t
ddd�}|�t|�o^|d�|j
|d|d	�|�d
�|��zL|�t|dd�|�t|d
�W|��|�t|d�|�d�|�d�n,|��|�t|d�|�d�|�d�0dS)Nr�rrrFTrrr�r�r�r�r�r�r�r)r�r\rrrrrr+rrr�r�rEr�r�r�r�r�r��r�rnr�r#r�r'r'r(�testServerStartBackground�s(

�
z,Fail2banServerTest.testServerStartBackgroundc
Cs�t|dd�}|�tddt|d��|�dt|d�d�|��tt|d�d	���|�tddt|d
�dt|d��|�d�|��t�	t|d��dS)
Nr�rr'rrr%r&r'rjr)rYrsr*r+r�r'r'r(�testServerFailStarts
��
z&Fail2banServerTest.testServerFailStartcCs�t|dd�}t|d�}|�d�|�t|d�|�d�tt|d�dd	d
d	dd�|�d
�|�t|d�|jddddd�|�d�|�t|dd�|jddddd�dS)Nr�rrYz[test-phase 0]z--testz$OK: configuration test is successfulr[r)rJ�
[broken-jail]�filter = broken-jail-filter�enabled = truez[test-phase 0a]�.Unable to read the filter 'broken-jail-filter'zErrors in jail 'broken-jail'.z ERROR: test configuration failedTr�z[test-phase 0b]z-tr�)r�r\r�r�r�r�rRr�)r�rnr�r�r'r'r(�testServerTestFailStarts(


�
�
�z*Fail2banServerTest.testServerTestFailStartc
s
z�t�t�d�d�}tjttt�f}t�d|�||d}tj	|t
ddd�}|�t|�o`|d�|j
�d|d	�|�d
�|��t�d��W|�t���n|�t���0t��fdd
�t
�|�tt�d���|�d�|��|�t���|�d�dS)NzGf2b.log[format="SRV: %(relativeCreated)3d | %(message)s", datetime=off]rrrFTrrr�r�zKill server ... %scstt�d��S)Nrk)rr\r'�rnr'r(r�Qraz7Fail2banServerTest.testKillAfterStart.<locals>.<lambda>rkr�zcleanup: no pidfile for)r�r\rrrrrr+rrr�r�rEr�r�r�r�r5�assertFalserr5r'r=r(�testKillAfterStart=s(�
 
z%Fail2banServerTest.testKillAfterStartr�rZr�cs�
t|d��t|d��t|d��t|d��t�t�d��dȇfd	d
�	}dɇ���fdd�	}|dd�|dd�|dggd�d�tt�d�dddddd�t�dgttt����dfd�R�t�d�t�d�|�d�t	j
jtj
k�r�t��|�t|d�|jdd dtd!�|�d"��|�d#�|jd$d%dd&�|jd'd(dtd!�|jd)d*d+dd&�|�d,�|dd-gd.�t	j
jtj
k�r�t��|�t|d�|jdtd/�|jd0d#dd&�|jd"�d"�dd&�|jd1d2dd&�|jd3d4dd&�|jd5d6dd&�|�d7�|�d8�|dgd.�|dd9dd:dd;dd<�|�t|d�|jdtd/�|jd0d#dd&�|�d=�|jd1d>dd&�|�d?�|�d@�|�dA�|ddBdC�|d-dgd.�|�dD�t�dEgttt����dFfdttt����dGfdttt����dHfdttt����dIfd�R�t	j
jtj
k�rZt��|jdJdKdtd!�|�t|dLdMdNdO�|jdPtd/�|jdQdRdSdTdUdVdWdd&�|jdXdYdZd[dd&�t�|�|�|d\�d]d^gd_�idMgd`�igf�|�|�|d\dadbdc�d]d^gd^dMgggf�|�|�|ddd^d\�dgd_��|�|�|dddMd\�dgd`��|�|�|ddd^d\de�dd�|�|�|ddd^d\dO�dd]�|�|�|ddd^d\dedO�ddd]g�|�df�|�t|dgdM�|jddhdPdtd!�|jdidjdkdld4dmdndodd&�	|jdpdqdtd!�|jdrdsdd&�|�dt�|�t|dLdMdNdu�|�t|dLdMdNdv�|jdwdxdtd!�t�|�dy�|�t|dddMdNdz�|jdbd{dudvdtd!�|�d|�|�t|ddd^dN�|jdad}dedbd{dtd!�|�d~�|�t|dgddM�|jdd4dtd!�|jdld4didjdkdd&�|jd�d�dd&�|�d��|jd�d�dd&�|jdUdVdd&�|ddBdC�|gd.�|�d��|�t|dd^�|jdtd/�|jd�d�dd&�|jd�d�d�dd&�|�d��|dgd��|�t|d�|jdtd/�|�d��|jd�dldd&�|jd��d��dd&�|�d��t�dEgttt����d�fdttt����d�fdttt����d�fd�R�t	j
jtj
k�r�t��|jd�d�dtd!�|jd�d�d�d�dd&�|�d��|�d��|�t|d�d�d�d��|jd�d�dtd!�|�d��|�t|d�d�d��|jd�d�dtd!�|�t|d�d�d�d��|jd�d�dtd!�|�d��|�t|d�dLd^dNd�d��|jd�d�dtd!�|�t|d�dLd^d�d��|jd�d�dtd!�|�d��|�t|dd�|jdtd/�|jd�d0d�dd&�|jd�d�d#dSdd&�|�d��|�t|d�d�d��|jd�d�dd&�|�d��|dgd�d��|�t|d�|jdtd/�|jd�d�dd&�|�d��|dgd��|�t|d�|jdtd/�|�d��|�t|d�ddM�|jdtd/�|�d��|��|�t|d�dd�dM�|jdtd/�|jd3d4dd&�|�d��|�t|d�dd�d��|jdtd/�|jd�d�dtd!�|�dá|�t|d�dLd^d�d�dơ|�t|d�ddd^dǡ|jd�d�dd&�dS)�NrY�	test1.logz	test2.logz	test3.logre�test-action1TrJcsjt�dd|�}|s"t�|�dSt|ddddddd	d
dd|d
|d|d|d|�tjjtjkrft	|�dS)Nre�%s.confrgrmz_exec_once = 0rJrhznorestored = %(_exec_once)sz
restore = zinfo = z<_use_flush_ = echo '[%(name)s] %(actname)s: -- flushing IPs'z6actionstart =  echo '[%(name)s] %(actname)s: ** start'z7actionreload = echo '[%(name)s] %(actname)s: .. reload'zMactionban =    echo '[%(name)s] %(actname)s: ++ ban <ip> %(restore)s%(info)s'z;actionunban =  echo '[%(name)s] %(actname)s: -- unban <ip>'z5actionstop =   echo '[%(name)s] %(actname)s: __ stop')
r\r~r,rRr�r�r�rr�r�)�actname�allowr�rZban�unbanr�rN�r�r'r(�_write_action_cfgis*
�zBFail2banServerTest.testServerReloadTest.<locals>._write_action_cfg�rrr'�pollingc%stt�d�ddddddddd	d
dddd
|ddd|vr:dndd|vrHdndd|vrVdndd�d|vrnd�ndd|vr�d�ndd	d|vr�dndd|vr�dndddd
|ddd|vr�dndd|vr�dndd�d|vr�dnd�#tjjtjkr�tt�d��dS)Nr[rgrlrJrm�usedns = no�maxretry = 3zfindtime = 10mzBfailregex = ^\s*failure <F-ERRCODE>401|403</F-ERRCODE> from <HOST>�datepattern = {^LN-BEG}EPOCHzignoreip = 127.0.0.1/8 ::1�[test-jail1]�
backend = �filter =z	action = rz*         test-action1[name='%(__name__)s']rzj         test-action2[name='%(__name__)s', restore='restored: <restored>', info=', err-code: <F-ERRCODE>']�z�         test-action2[name='%(__name__)s', actname=test-action3, _exec_once=1, restore='restored: <restored>', actionflush=<_use_flush_>]�
logpath = z
          z@            ^\s*error <F-ERRCODE>401|403</F-ERRCODE> from <HOST>r:z[test-jail2]�rRr\r�r�r�rr�r�)�enabled�actions�backend�r��test1logZtest2logZtest3logr'r(�_write_jail_cfg�sV
����
���%z@Fail2banServerTest.testServerReloadTest.<locals>._write_jail_cfg)rC�test-action2r)rrrP)rSrTr[r)r8r9r:rgz# failure 401 from 192.0.2.1: test 1rPz[test-phase 1a]r�Reload finished.z1 ticket(s) in 'test-jail1r�zAdded logfile: %rz[test-jail1] Ban 192.0.2.1z-stdout: '[test-jail1] test-action1: ** start'z-stdout: '[test-jail1] test-action2: ** start'r�zPstdout: '[test-jail1] test-action2: ++ ban 192.0.2.1 restored: 0, err-code: 401'zAstdout: '[test-jail1] test-action3: ++ ban 192.0.2.1 restored: 0'r;z)Errors in jail 'broken-jail'. Skipping...z:Jail 'broken-jail' skipped, because of wrong configurationz[test-phase 1b]r)rT�r�z[test-jail1] Unban 192.0.2.1z.stdout: '[test-jail1] test-action1: .. reload'z.stdout: '[test-jail1] test-action2: .. reload'zCreating new jail 'test-jail2'zJail 'test-jail2' startedz4stdout: '[test-jail1] test-action3: -- flushing IPs'z,stdout: '[test-jail1] test-action3: __ stop'z7stdout: '[test-jail1] test-action3: -- unban 192.0.2.1'z[test-phase 2a]z+               echo '[<name>] %s: started.'z,               echo '[<name>] %s: reloaded.'z+               echo '[<name>] %s: stopped.')rCr�rr�zAdded logfile:z.stdout: '[test-jail1] test-action1: reloaded.'z7stdout: '[test-jail1] test-action2: -- unban 192.0.2.1'z,stdout: '[test-jail1] test-action2: __ stop'z7stdout: '[test-jail1] test-action1: -- unban 192.0.2.1'F)rCrDz[test-phase 2b]�a+z#   error 403 from 192.0.2.2: test 2z#   error 403 from 192.0.2.3: test 2z# failure 401 from 192.0.2.4: test 2z# failure 401 from 192.0.2.8: test 2z2 ticket(s) in 'test-jail2z5 ticket(s) in 'test-jail1�setz
test-jail2�banip�	192.0.2.9z3 ticket(s) in 'test-jail2z[test-jail1] Ban 192.0.2.2z[test-jail1] Ban 192.0.2.3z[test-jail1] Ban 192.0.2.4z[test-jail1] Ban 192.0.2.8z[test-jail2] Ban 192.0.2.4z[test-jail2] Ban 192.0.2.8z[test-jail2] Ban 192.0.2.9z[test-jail2] Found 192.0.2.2z[test-jail2] Ban 192.0.2.2z[test-jail2] Found 192.0.2.3z[test-jail2] Ban 192.0.2.3Zbannedr�
test-jail1)�	192.0.2.4�	192.0.2.1�	192.0.2.8�	192.0.2.3�	192.0.2.2)rar_rcrbraz192.0.2.222r�rdz[test-phase 2c]rzRestore Banz[test-jail2] Unban 192.0.2.4z[test-jail2] Unban 192.0.2.8z[test-jail2] Unban 192.0.2.9zJail 'test-jail2' stoppedz"[test-jail2] Restore Ban 192.0.2.4z"[test-jail2] Restore Ban 192.0.2.8z"[test-jail2] Restore Ban 192.0.2.9zPstdout: '[test-jail2] test-action2: ++ ban 192.0.2.4 restored: 1, err-code: 401'zPstdout: '[test-jail2] test-action2: ++ ban 192.0.2.8 restored: 1, err-code: 401'zAstdout: '[test-jail2] test-action3: ++ ban 192.0.2.4 restored: 1'zAstdout: '[test-jail2] test-action3: ++ ban 192.0.2.8 restored: 1'z[test-phase 2d]z
192.0.2.21z
192.0.2.22z5stdout: '[test-jail2] test-action3: ++ ban 192.0.2.22z6stdout: '[test-jail2] test-action3: ++ ban 192.0.2.22 z[test-phase 2d.1]rIrcz[test-phase 2d.2]rez[test-phase 2e]z--unbanz7stdout: '[test-jail2] test-action2: -- unban 192.0.2.21z8stdout: '[test-jail2] test-action2: -- unban 192.0.2.22'z4stdout: '[test-jail2] test-action3: -- flushing IPs'z8stdout: '[test-jail2] test-action3: -- unban 192.0.2.21'z8stdout: '[test-jail2] test-action3: -- unban 192.0.2.22'z[test-phase 3]zReload jail 'test-jail1'zJail 'test-jail1' reloadedzReload jail 'test-jail2'zJail 'test-jail2' reloadedzJail 'test-jail1' startedz[test-phase 4])rSzStopping jail 'test-jail2'zRemoved logfile: %rz[test-phase 5]z# failure 401 from 192.0.2.1: test 5z#   error 403 from 192.0.2.5: test 5z# failure 401 from 192.0.2.6: test 5z6 ticket(s) in 'test-jail1z%[test-jail1] 192.0.2.1 already bannedz[test-jail1] Found 192.0.2.1z[test-jail1] Found 192.0.2.6z[test-jail1] Ban 192.0.2.6z[test-jail1] Found 192.0.2.5z[test-phase 6a]rrEz	192.0.2.5z	192.0.2.6z192.0.2.5 is not bannedz[test-jail1] Unban 192.0.2.6z[test-phase 6b]z192.0.2.2/31z[test-jail1] Unban 192.0.2.2z[test-jail1] Unban 192.0.2.3z192.0.2.8/31z192.0.2.100/31z[test-jail1] Unban 192.0.2.8z192.0.2.100/31 is not bannedz[test-phase 6c]z
192.0.2.96/28z192.0.2.112/28z[test-jail1] Ban 192.0.2.96/28z[test-jail1] Ban 192.0.2.112/28Zunbanipz
192.0.2.64/26z [test-jail1] Unban 192.0.2.96/28z![test-jail1] Unban 192.0.2.112/28z[test-phase 7]z[test-jail1] Unban 192.0.2.4zJail 'test-jail1' stoppedz[test-phase 7b]�--allzFlush ban listz'Unbanned 0, 0 ticket(s) in 'test-jail1'z[test-phase 8a]zxxx-unknown-backend-zzz)rSrUz0Restart jail 'test-jail1' (reason: 'polling' != zUnknown backend z[test-phase 8b]z[test-phase end-1]z$the jail 'test-jail2' does not existz--if-existsz[test-phase end-2]�	--restartz[test-phase end-3]Zaddignoreipz192.0.2.1/32z2001:DB8::1/96Zignoreip)rATrJrJrJrJrJ)rHr'rI)r\r~rrRr�r�rr,r�r�r�r�rr�r�r�r�r�r2�assertNotLoggedr3ZassertSortedEqualr��assertEqualr�)r�rnr�rGrXr'rVr(�testServerReloadTestYsT




�*

�(


�
���
������
��
����
��������	�
�

��
���
���
���
���
���

���
�����
���
�
�
�������

��
���
�����

��
����
��
��
���
��
�

�
��
��
��z'Fail2banServerTest.testServerReloadTestznginx-block-map)�action)�%(tmp)s/blck-failures.log)re)z[nginx-blck-lst]rfrJz#logpath = %(tmp)s/blck-failures.logzoaction = nginx-block-map[srv_cmd="echo nginx", srv_pid="%(tmp)s/f2b.pid", blck_lst_file="%(tmp)s/blck-lst.map"]z�         blocklist_de[actionban='curl() { echo "*** curl" "$*";}; <Definition/actionban>', email="Fail2Ban <fail2ban@localhost>", apikey="TEST-API-KEY", agent="fail2ban-test-agent", service=<name>]rO�datepattern = ^Epochz3failregex = ^ failure "<F-ID>[^"]+</F-ID>" - <ADDR>zmaxretry = 1r:)r�r�r�cCs�t|d�}dd|i}dd|i}t|dttt����dttt����dttt����dttt����d	ttt����d
�|jddd
ddddtd�t|�t	|�}|�
d|�|�
d|�|�
d|�|�
d|�|�
d|�|jdddd�|jdddtd�|�t|dddd �t|�t	|�}|�
d|�|�
d|�|�
d|�|�
d|�|�
d|�|�t�|�d!�t|�t	|�}|�|d"�dS)#NrYrlrnz%(tmp)s/blck-lst.map�w+z" failure "125-000-001" - 192.0.2.1z" failure "125-000-002" - 192.0.2.1u1 failure "125-000-003" - 192.0.2.1 (òðåòèé)u1 failure "125-000-004" - 192.0.2.1 (òðåòèé)z" failure "125-000-005" - 192.0.2.1z [nginx-blck-lst] Ban 125-000-001z [nginx-blck-lst] Ban 125-000-002z [nginx-blck-lst] Ban 125-000-003z [nginx-blck-lst] Ban 125-000-004z [nginx-blck-lst] Ban 125-000-005z5 ticket(s)Tr�z\125-000-001 1;
z\125-000-002 1;
z\125-000-003 1;
z\125-000-004 1;
z\125-000-005 1;
zstdout: 'nginx -qt'zstdout: 'nginx -s reload'r�z�stdout: '*** curl --fail --data-urlencode server=Fail2Ban <fail2ban@localhost> --data apikey=TEST-API-KEY --data service=nginx-blck-lst z=stdout: ' --data format=text --user-agent fail2ban-test-agentrEz125-000-001z125-000-002z125-000-005z5[nginx-blck-lst] Flush ticket(s) with nginx-block-maprJ)r\rRr�r�rr,r�r2r�rU�assertInr�r��assertNotInr�ri)r�rnr�r��lgfnZmpfn�mpr'r'r(�testServerActions_NginxBlockMapEsZ
��	�

z2Fail2banServerTest.testServerActions_NginxBlockMapz
sendmail-auth)�filter)�%(tmp)s/test.logT)rmzdbmaxmatches = 1)a�test_action = dummy[actionstart_on_demand=1, init="start: %(__name__)s", target="%(tmp)s/test.txt",
      actionban='<known/actionban>; echo "found: <jail.found> / <jail.found_total>, banned: <jail.banned> / <jail.banned_total>"
        echo "<matches>"; printf "=====\n%%b\n=====\n\n" "<matches>" >> <target>',
      actionstop='<known/actionstop>; echo "stats <name> - found: <jail.found_total>, banned: <jail.banned_total>"']z[sendmail-auth]rfrJ�logpath = %(tmp)s/test.log�action = %(test_action)sz%filter = sendmail-auth[logtype=short]rmrKzmaxmatches = 2r:z[sendmail-reject]rfrJrvrwz'filter = sendmail-reject[logtype=short]rmrKr:)r�r�r�r�c
	Cslt|d�}dd|i}dd|i}ttt����dttt����dttt����df}ttt����dttt����d	ttt����d
f}|�d�t|dg|�R�|jd
dddtd�t	|�t
|�}|d}	|�|	|�|dd�D]}	|�|	|�q�|�d�t|dg|�R�|jddddtd�t	|�t
|�}|D]}	|�|	|��qL|�d�|�
t|ddd�|jddddddtd�t
|�}|d }	|�|	�|�|	|�|dd �D]}	|�|	�|�|	|��q�|jd!ddtd�t
|�}|d }	|�|	�|�|	|�|dd �D]}	|�|	�|�|	|��q(|�d"�|�t�|�t|��dS)#NrYrurnz%(tmp)s/test.txtz] smtp1 sm-mta[5133]: s1000000000001: [192.0.2.1]: possible SMTP attack: command=AUTH, count=1z] smtp1 sm-mta[5133]: s1000000000002: [192.0.2.1]: possible SMTP attack: command=AUTH, count=2z] smtp1 sm-mta[5133]: s1000000000003: [192.0.2.1]: possible SMTP attack: command=AUTH, count=3z� smtp1 sm-mta[21134]: s2000000000001: ruleset=check_rcpt, arg1=<123@example.com>, relay=xxx.dynamic.example.com [192.0.2.2], reject=550 5.7.1 <123@example.com>... Relaying denied. Proper authentication required.z� smtp1 sm-mta[21134]: s2000000000002: ruleset=check_rcpt, arg1=<345@example.com>, relay=xxx.dynamic.example.com [192.0.2.2], reject=550 5.7.1 <345@example.com>... Relaying denied. Proper authentication required.z� smtp1 sm-mta[21134]: s3000000000003: ruleset=check_rcpt, arg1=<567@example.com>, relay=xxx.dynamic.example.com [192.0.2.2], reject=550 5.7.1 <567@example.com>... Relaying denied. Proper authentication required.z[test-phase sendmail-auth]rnz[sendmail-auth] Ban 192.0.2.1z%stdout: 'found: 0 / 3, banned: 1 / 1'z1 ticket(s) in 'sendmail-auth'Tr�rrz[test-phase sendmail-reject]r\z[sendmail-reject] Ban 192.0.2.2z 1 ticket(s) in 'sendmail-reject'z[test-phase restart sendmail-*]rrgrfrZz3stdout: 'stats sendmail-auth - found: 3, banned: 1'z5stdout: 'stats sendmail-reject - found: 3, banned: 1'z%[sendmail-auth] Restore Ban 192.0.2.1r�z'[sendmail-reject] Restore Ban 192.0.2.2z[test-phase stop server])r\r�r�rr,r�rRr�r2r�rUrpror�r�rhr�r>r)
r�rnr�r�rqZtofnZ	smaut_msgZ	smrej_msg�td�mr'r'r(�testServerJails_Sendmail�s~)
��
�
�
��

�



z+Fail2banServerTest.testServerJails_Sendmailcs�t|d��t|d��t�t�d��d>�fdd�	}d?��fd	d
�	}|ddd�|d
dd�|�t�d�|�d�|�t|d�t�dgttt	�
���dfd�R�t�|jdddt
d�t�|�d�td�t�|jddddt
d�t�|�d�d�t�fdd��t�dgttt	�
���d fd!�R�|jd"d#dt
d�|�d$�|�t|d%d&d'd(�|jd)d*dt
d�d�t�|�d+�td,�t�|jd-dt
d�t�|�d.�|�t|d%d&d'd(�|jd)d/dt
d�|�d0�t�d1d2i�tj���fd3d4�}��d5|���d5d6d��t��fd7d�t��j�tjj�rZd8nd9df�fd:d;�	}|�_|�t�|�d<�|��j�|��j d�d!�d1<|jd<dd=���!�dS)@NrYr@rerATc	sHt�dd|�}t|ddddd|r&dndd	�tjjtjkrDt|�dS)
NrerBrgrmrJrhzeactionban =     printf %%s "[%(name)s] %(actname)s: ++ ban <ip> -c <bancount> -t <bantime> : <F-MSG>"ziactionprolong = printf %%s "[%(name)s] %(actname)s: ++ prolong <ip> -c <bancount> -t <bantime> : <F-MSG>"zBactionunban =   printf %%b '[%(name)s] %(actname)s: -- unban <ip>')r\rRr�r�r�rr�r�)rC�prolongrNrFr'r(rGs��	z@Fail2banServerTest.testServerObserver.<locals>._write_action_cfgrIcs`tt�d�ddddddddd	d
dddd
|dddd�ddd�tjjtjkr\tt�d��dS)Nr[rgrlrJrmrJrKz
findtime = 1mzbantime = 5mzbantime.increment = truerLrMrNrOz*action = test-action1[name='%(__name__)s']z*         test-action2[name='%(__name__)s']rQzXfailregex = ^\s*failure <F-ERRCODE>401|403</F-ERRCODE> from <HOST>:\s*<F-MSG>.*</F-MSG>$r:rR)rU)r�rWr'r(rX#s(
�z>Fail2banServerTest.testServerObserver.<locals>._write_jail_cfgF)rCr{rYrgz[test-phase 0) time-0]rrnz> failure 401 from 192.0.2.11: I'm bad "hacker" `` $(echo test)rPzDstdout: '[test-jail1] test-action1: ++ ban 192.0.2.11 -c 1 -t 300 : zDstdout: '[test-jail1] test-action2: ++ ban 192.0.2.11 -c 1 -t 300 : r�z[test-phase 1) time+10m]�
z7stdout: '[test-jail1] test-action1: -- unban 192.0.2.11z7stdout: '[test-jail1] test-action2: -- unban 192.0.2.11z0 ticket(s) in 'test-jail1'z[test-phase 2) time+10m]cs�SrSr'r')�wakeObsr'r(r�^raz7Fail2banServerTest.testServerObserver.<locals>.<lambda>r\zC failure 401 from 192.0.2.11: I'm very bad "hacker" `` $(echo test)rzDstdout: '[test-jail1] test-action1: ++ ban 192.0.2.11 -c 2 -t 300 : zDstdout: '[test-jail1] test-action2: ++ ban 192.0.2.11 -c 2 -t 300 : z"[test-phase 2) time+10m - get-ips]r�r`r^z--with-timez
192.0.2.11z+ 300 =z[test-phase 2) time+11m]rzHstdout: '[test-jail1] test-action2: ++ prolong 192.0.2.11 -c 2 -t 600 : z"[test-phase 2) time+11m - get-ips]z+ 600 =z'[test-phase end) stop on busy observer]�statercs<t�d�d�d<t��fdd�t����t�d�dS)Nz!++ observer enters busy state ...rr~cs�ddkS)Nr~rr'r'�r)r'r(r��razMFail2banServerTest.testServerObserver.<locals>._long_action.<locals>.<lambda>z-- observer leaves busy state.)rr$rr5r�Zdb_purger')r)�obsMainr'r(�_long_action�s

z;Fail2banServerTest.testServerObserver.<locals>._long_action�callcSsdSrSr'r'r'r'r(r��racs�ddkS)Nr~rr'r'rr'r(r��rag{�G�z�?g�������?cs
�||�SrSr')ZwtimeZ	forceQuit)�obsMain_stopr'r(�_stop�sz4Fail2banServerTest.testServerObserver.<locals>._stopzobserver leaves busy stater[)rAT)rI)"r\r~rrRr�r�r�r�r�rr,r3r�r2r.r<r!r0r1�addrr5r�r�r�r�rr�rhr>ZidleriZ_ObserverThread__dbr)r�rnr�rGrXr�r�r')r)r�r�r�rWr}r(�testServerObservers�



��
�
��
�
�
�
 

z%Fail2banServerTest.testServerObserverN)r?r@rA�_exec_serverrrr4rr�r6r7r<r?r�rjr�r�Zskip_if_cfg_missingrsrzr�Z_testServerStartStopZtestServerStartStopr'r'r'r(r3�sJ

n�<�'P
r3)FNrVrWr'rXN)`�
__author__�
__copyright__�__license__ryr~rwrr,r�r��os.pathrr\rrrr�	functoolsr	�	threadingr
�clientrr
rZclient.fail2bancmdlinerZclient.fail2banclientrr2rrZclient.fail2banserverrr�rJrrZ
server.mytimerZserver.utilsr�utilsrrr�rrrrrrvr r!Zhelpersr"r?rrZ
getServerPathrr�ZmaxWaitTimer�r2r�r�r�r�r)rr.r0r3r<r=rCr�r�rFrHZ
input_commandZ
PRODUCTIONZdumpFiler�rRrUr�r�r�r�r�r�r�rr3r'r'r'r(�<module>s�,
����
�
U
,F
Z
@ Telegram