filter to match any number of regex + noop action == a reject filter

TODO.md

@@ -1,7 +1,5 @@
 # TODO
 
-* Insert the GPL stuff in the source files.
-* Create a filter that rejects all messages that match a series of regular expressions.
 * Maybe switch from storing the daily journal in a file, to storing it in a database.
 * Write the systemd service that starts pyruse on boot.
 * Write the systemd service+timer that restores bans after a reboot.

pyruse/actions/action_counterRaise.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 import datetime
 from pyruse import base, counter
 

pyruse/actions/action_counterReset.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 import datetime
 from pyruse import base, counter
 

pyruse/actions/action_dailyReport.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 import json
 import os
 import string

pyruse/actions/action_email.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 import string
 from pyruse import base, email
 

pyruse/actions/action_nftBan.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 import datetime
 import json
 import os

pyruse/actions/action_noop.py

@@ -0,0 +1,11 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
+from pyruse import base
+
+class Action(base.Action):
+    def __init__(self, args):
+        super().__init__()
+
+    def act(self, entry):
+        pass

pyruse/base.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 import abc
 from pyruse import log
 

pyruse/config.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 import json
 import os
 from collections import OrderedDict

pyruse/counter.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 import datetime
 
 class Counter():

pyruse/email.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 import subprocess
 from email.headerregistry import Address
 from email.message import EmailMessage

pyruse/filters/filter_equals.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 from pyruse import base
 
 class Filter(base.Filter):

pyruse/filters/filter_greaterOrEquals.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 from pyruse import base
 
 class Filter(base.Filter):

pyruse/filters/filter_pcre.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 import re
 from pyruse import base
 

pyruse/filters/filter_pcreAny.py

@@ -0,0 +1,23 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
+import re
+from pyruse import base
+
+class Filter(base.Filter):
+    def __init__(self, args):
+        super().__init__()
+        self.field = args["field"]
+        reList = []
+        for item in args["re"]:
+            reList.append(re.compile(item))
+        self.reList = reList
+
+    def filter(self, entry):
+        for item in self.reList:
+            match = item.search(entry.get(self.field, ""))
+            if match:
+                for name, value in match.groupdict().items():
+                    entry[name] = value
+                return True
+        return False

pyruse/filters/filter_userExists.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 import pwd
 from pyruse import base
 

pyruse/log.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 from systemd import journal
 
 EMERG = 0 # System is unusable.

pyruse/main.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 import os
 import sys
 from systemd import journal

pyruse/module.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 import importlib
 from pyruse import log
 

pyruse/workflow.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 from pyruse import log, module
 
 class Workflow:

tests/action_counterRaise.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 import time
 from pyruse.actions.action_counterRaise import Action
 from pyruse.actions import action_counterReset

tests/action_counterReset.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 import time
 from pyruse.actions.action_counterReset import Action
 from pyruse.actions import action_counterRaise

tests/action_dailyReport.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 import os
 import re
 from datetime import datetime

tests/action_email.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 import os
 import re
 from pyruse.actions.action_email import Action

tests/action_nftBan.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 import json
 import os
 import time

tests/filter_equals.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 from pyruse.filters.filter_equals import Filter
 
 def whenGreaterThenFalse():

tests/filter_greaterOrEquals.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 from pyruse.filters.filter_greaterOrEquals import Filter
 
 def whenGreaterPosIntThenTrue():

tests/filter_pcre.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 from pyruse.filters.filter_pcre import Filter
 
 def whenMatchesThenTrue():

tests/filter_pcreAny.py

@@ -0,0 +1,15 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
+from pyruse.filters.filter_pcreAny import Filter
+
+def whenMatchesThenTrue():
+    assert Filter({"field": "v", "re": ["cool", "ok"]}).filter({"v": "joke"})
+
+def whenNoMatchThenFalse():
+    assert not Filter({"field": "v", "re": ["bad", "ko"]}).filter({"v": "Koala"})
+
+def whenNamedGroupsThenFoundInEntry():
+    entry = {"v": "It works or not"}
+    Filter({"field": "v", "re": ["^(?P<o>It)(?P<k> works)", "(?P<k>or)(?P<o> not)$"]}).filter(entry)
+    assert entry["o"] + entry["k"] == "It works"

tests/filter_userExists.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 from pyruse.filters.filter_userExists import Filter
 
 def whenUserExistsThenTrue():

tests/main.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 import os
 import subprocess
 import sys
@@ -25,7 +28,7 @@ def main():
         base.actionFallback = None
 
     # Unit tests
-    import filter_equals, filter_greaterOrEquals, filter_pcre, filter_userExists
+    import filter_equals, filter_greaterOrEquals, filter_pcre, filter_pcreAny, filter_userExists
     import action_counterRaise, action_counterReset, action_dailyReport, action_email, action_nftBan
 
     filter_equals.whenGreaterThenFalse()
@@ -44,6 +47,10 @@ def main():
     filter_pcre.whenSaveThenGroupsInEntry()
     filter_pcre.whenNamedGroupsThenFoundInEntry()
 
+    filter_pcreAny.whenMatchesThenTrue()
+    filter_pcreAny.whenNoMatchThenFalse()
+    filter_pcreAny.whenNamedGroupsThenFoundInEntry()
+
     filter_userExists.whenUserExistsThenTrue()
     filter_userExists.whenGarbageThenFalse()
 

tests/pyruse/actions/action_testLog.py

@@ -1,3 +1,6 @@
+# pyruse is intended as a replacement to both fail2ban and epylog
+# Copyright © 2017 Y. Gablin
+# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
 from pyruse.actions import action_dailyReport
 
 class Action(action_dailyReport.Action):