no more fallbacks

master
Yves G 2018-01-31 12:04:21 +01:00
parent d73780cacd
commit f58781adad
4 changed files with 27 additions and 48 deletions

View File

@ -1,5 +1,5 @@
# pyruse is intended as a replacement to both fail2ban and epylog
# Copyright © 2017 Y. Gablin
# Copyright © 20172018 Y. Gablin
# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
import abc
from pyruse import log
@ -28,16 +28,13 @@ class Filter(Step):
pass
def run(self, entry):
global filterFallback
try:
nextStep = self.nextStep if self.filter(entry) else self.altStep
except Exception as e:
log.error("Error while executing %s: %s." % (type(self), str(e)))
nextStep = self.altStep
log.error("Error while executing %s: %s." % (type(self), str(e)))
if nextStep:
nextStep.run(entry)
elif filterFallback is not None:
filterFallback.run(entry)
class Action(Step):
def __init__(self):
@ -48,15 +45,11 @@ class Action(Step):
pass
def run(self, entry):
global actionFallback
try:
self.act(entry)
nextStep = self.nextStep
except Exception as e:
nextStep = None
log.error("Error while executing %s: %s." % (type(self), str(e)))
if self.nextStep:
self.nextStep.run(entry)
elif self != filterFallback and self != actionFallback and actionFallback is not None:
actionFallback.run(entry)
filterFallback = None
actionFallback = None
if nextStep:
nextStep.run(entry)

View File

@ -1,10 +1,10 @@
# pyruse is intended as a replacement to both fail2ban and epylog
# Copyright © 2017 Y. Gablin
# Copyright © 20172018 Y. Gablin
# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
import os
import sys
from systemd import journal
from pyruse import base, config, module, workflow
from pyruse import config, module, workflow
PYRUSE_ENVVAR = "PYRUSE_EXTRA"
PYRUSE_PATHS = []
@ -37,17 +37,8 @@ def boot(modName):
def main():
_setPyrusePaths()
conf = config.Config(PYRUSE_PATHS)
fback = conf.asMap().get("fallback", {})
if "all_filters_failed" in fback:
base.filterFallback = module.get(fback.get("all_filters_failed")).module
else:
base.filterFallback = None
if "finalize_after_last_action" in fback:
base.actionFallback = module.get(fback.get("finalize_after_last_action")).module
else:
base.actionFallback = None
wf = workflow.Workflow(conf.asMap().get("actions", {}))
conf = config.Config(PYRUSE_PATHS).asMap().get("actions", {})
wf = workflow.Workflow(conf)
_doForEachJournalEntry(wf.run)
if __name__ == '__main__':

View File

@ -7,7 +7,7 @@ import sys
from datetime import datetime
sys.path.insert(1, "..")
from pyruse import actions, base, config, module, workflow
from pyruse import actions, config, module, workflow
def _clean():
for f in ['acted_on.log', 'action_nftBan.py.json', 'email.dump', 'nftBan.cmd', 'unfiltered.log']:
@ -17,15 +17,6 @@ def _clean():
def main():
global _microsec
conf = config.Config(os.curdir)
fback = conf.asMap().get("fallback", {})
if "all_filters_failed" in fback:
base.filterFallback = module.get(fback.get("all_filters_failed")).module
else:
base.filterFallback = None
if "finalize_after_last_action" in fback:
base.actionFallback = module.get(fback.get("finalize_after_last_action")).module
else:
base.actionFallback = None
# Unit tests
import filter_equals, filter_greaterOrEquals, filter_in, filter_lowerOrEquals, filter_pcre, filter_pcreAny, filter_userExists

View File

@ -16,7 +16,8 @@
},
{
"action": "action_dailyReport",
"args": { "level": "INFO", "message": "Login as {user} from {ip}" }
"args": { "level": "INFO", "message": "Login as {user} from {ip}" },
"then": "… finalize after last action"
}
],
"… Detect failed logins": [
@ -57,20 +58,23 @@
},
{
"action": "action_nftBan",
"args": { "IP": "ip", "banSeconds": 100, "nftSetIPv4": "I4 bans", "nftSetIPv6": "I6 bans" }
"args": { "IP": "ip", "banSeconds": 100, "nftSetIPv4": "I4 bans", "nftSetIPv6": "I6 bans" },
"then": "… finalize after last action"
}
],
"all filters failed": [
{
"action": "action_testLog",
"args": { "level": "OTHER", "message": "Filter came last [{_HOSTNAME}:{service}] {MESSAGE}", "outFile": "unfiltered.log" }
}
],
"… finalize after last action": [
{
"action": "action_testLog",
"args": { "level": "OTHER", "message": "Action came last [{_HOSTNAME}:{service}] {MESSAGE}", "outFile": "acted_on.log" }
}
]
},
"fallback": {
"all_filters_failed": {
"action": "action_testLog",
"args": { "level": "OTHER", "message": "Filter came last [{_HOSTNAME}:{service}] {MESSAGE}", "outFile": "unfiltered.log" }
},
"finalize_after_last_action": {
"action": "action_testLog",
"args": { "level": "OTHER", "message": "Action came last [{_HOSTNAME}:{service}] {MESSAGE}", "outFile": "acted_on.log" }
}
},
"email": {
"from": "pyruse@localhost",
"to": [