no more fallbacks
parent
d73780cacd
commit
f58781adad
|
@ -1,5 +1,5 @@
|
|||
# pyruse is intended as a replacement to both fail2ban and epylog
|
||||
# Copyright © 2017 Y. Gablin
|
||||
# Copyright © 2017–2018 Y. Gablin
|
||||
# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
|
||||
import abc
|
||||
from pyruse import log
|
||||
|
@ -28,16 +28,13 @@ class Filter(Step):
|
|||
pass
|
||||
|
||||
def run(self, entry):
|
||||
global filterFallback
|
||||
try:
|
||||
nextStep = self.nextStep if self.filter(entry) else self.altStep
|
||||
except Exception as e:
|
||||
log.error("Error while executing %s: %s." % (type(self), str(e)))
|
||||
nextStep = self.altStep
|
||||
log.error("Error while executing %s: %s." % (type(self), str(e)))
|
||||
if nextStep:
|
||||
nextStep.run(entry)
|
||||
elif filterFallback is not None:
|
||||
filterFallback.run(entry)
|
||||
|
||||
class Action(Step):
|
||||
def __init__(self):
|
||||
|
@ -48,15 +45,11 @@ class Action(Step):
|
|||
pass
|
||||
|
||||
def run(self, entry):
|
||||
global actionFallback
|
||||
try:
|
||||
self.act(entry)
|
||||
nextStep = self.nextStep
|
||||
except Exception as e:
|
||||
nextStep = None
|
||||
log.error("Error while executing %s: %s." % (type(self), str(e)))
|
||||
if self.nextStep:
|
||||
self.nextStep.run(entry)
|
||||
elif self != filterFallback and self != actionFallback and actionFallback is not None:
|
||||
actionFallback.run(entry)
|
||||
|
||||
filterFallback = None
|
||||
actionFallback = None
|
||||
if nextStep:
|
||||
nextStep.run(entry)
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
# pyruse is intended as a replacement to both fail2ban and epylog
|
||||
# Copyright © 2017 Y. Gablin
|
||||
# Copyright © 2017–2018 Y. Gablin
|
||||
# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
|
||||
import os
|
||||
import sys
|
||||
from systemd import journal
|
||||
from pyruse import base, config, module, workflow
|
||||
from pyruse import config, module, workflow
|
||||
|
||||
PYRUSE_ENVVAR = "PYRUSE_EXTRA"
|
||||
PYRUSE_PATHS = []
|
||||
|
@ -37,17 +37,8 @@ def boot(modName):
|
|||
|
||||
def main():
|
||||
_setPyrusePaths()
|
||||
conf = config.Config(PYRUSE_PATHS)
|
||||
fback = conf.asMap().get("fallback", {})
|
||||
if "all_filters_failed" in fback:
|
||||
base.filterFallback = module.get(fback.get("all_filters_failed")).module
|
||||
else:
|
||||
base.filterFallback = None
|
||||
if "finalize_after_last_action" in fback:
|
||||
base.actionFallback = module.get(fback.get("finalize_after_last_action")).module
|
||||
else:
|
||||
base.actionFallback = None
|
||||
wf = workflow.Workflow(conf.asMap().get("actions", {}))
|
||||
conf = config.Config(PYRUSE_PATHS).asMap().get("actions", {})
|
||||
wf = workflow.Workflow(conf)
|
||||
_doForEachJournalEntry(wf.run)
|
||||
|
||||
if __name__ == '__main__':
|
||||
|
|
|
@ -7,7 +7,7 @@ import sys
|
|||
from datetime import datetime
|
||||
|
||||
sys.path.insert(1, "..")
|
||||
from pyruse import actions, base, config, module, workflow
|
||||
from pyruse import actions, config, module, workflow
|
||||
|
||||
def _clean():
|
||||
for f in ['acted_on.log', 'action_nftBan.py.json', 'email.dump', 'nftBan.cmd', 'unfiltered.log']:
|
||||
|
@ -17,15 +17,6 @@ def _clean():
|
|||
def main():
|
||||
global _microsec
|
||||
conf = config.Config(os.curdir)
|
||||
fback = conf.asMap().get("fallback", {})
|
||||
if "all_filters_failed" in fback:
|
||||
base.filterFallback = module.get(fback.get("all_filters_failed")).module
|
||||
else:
|
||||
base.filterFallback = None
|
||||
if "finalize_after_last_action" in fback:
|
||||
base.actionFallback = module.get(fback.get("finalize_after_last_action")).module
|
||||
else:
|
||||
base.actionFallback = None
|
||||
|
||||
# Unit tests
|
||||
import filter_equals, filter_greaterOrEquals, filter_in, filter_lowerOrEquals, filter_pcre, filter_pcreAny, filter_userExists
|
||||
|
|
|
@ -16,7 +16,8 @@
|
|||
},
|
||||
{
|
||||
"action": "action_dailyReport",
|
||||
"args": { "level": "INFO", "message": "Login as {user} from {ip}" }
|
||||
"args": { "level": "INFO", "message": "Login as {user} from {ip}" },
|
||||
"then": "… finalize after last action"
|
||||
}
|
||||
],
|
||||
"… Detect failed logins": [
|
||||
|
@ -57,20 +58,23 @@
|
|||
},
|
||||
{
|
||||
"action": "action_nftBan",
|
||||
"args": { "IP": "ip", "banSeconds": 100, "nftSetIPv4": "I4 bans", "nftSetIPv6": "I6 bans" }
|
||||
"args": { "IP": "ip", "banSeconds": 100, "nftSetIPv4": "I4 bans", "nftSetIPv6": "I6 bans" },
|
||||
"then": "… finalize after last action"
|
||||
}
|
||||
],
|
||||
"all filters failed": [
|
||||
{
|
||||
"action": "action_testLog",
|
||||
"args": { "level": "OTHER", "message": "Filter came last [{_HOSTNAME}:{service}] {MESSAGE}", "outFile": "unfiltered.log" }
|
||||
}
|
||||
],
|
||||
"… finalize after last action": [
|
||||
{
|
||||
"action": "action_testLog",
|
||||
"args": { "level": "OTHER", "message": "Action came last [{_HOSTNAME}:{service}] {MESSAGE}", "outFile": "acted_on.log" }
|
||||
}
|
||||
]
|
||||
},
|
||||
"fallback": {
|
||||
"all_filters_failed": {
|
||||
"action": "action_testLog",
|
||||
"args": { "level": "OTHER", "message": "Filter came last [{_HOSTNAME}:{service}] {MESSAGE}", "outFile": "unfiltered.log" }
|
||||
},
|
||||
"finalize_after_last_action": {
|
||||
"action": "action_testLog",
|
||||
"args": { "level": "OTHER", "message": "Action came last [{_HOSTNAME}:{service}] {MESSAGE}", "outFile": "acted_on.log" }
|
||||
}
|
||||
},
|
||||
"email": {
|
||||
"from": "pyruse@localhost",
|
||||
"to": [
|
||||
|
|
Loading…
Reference in New Issue