ruben/jail2ban
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Pylint fixes

Browse Source
This commit is contained in:
Ruben van Staveren 2023-01-14 16:29:39 +01:00
parent 4bf881f03b
commit 62d92d3c91
Signed by: ruben
GPG Key ID: 886F6BECD477A93F
2 changed files with 20 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.pylintrc Normal file
View File

@ -0,0 +1,2 @@
[TYPECHECK]
generated-members=app.logger.*

26
jail2ban/__init__.py
View File

@ -1,11 +1,16 @@
'''
jail2ban, a remote fail2ban action plugin using OpenBSD pf(8)
'''
from ipaddress import ip_address
import re
from subprocess import CalledProcessError
from flask import Flask, request, jsonify, current_app from flask import Flask, request, jsonify, current_app
from flask_httpauth import HTTPBasicAuth from flask_httpauth import HTTPBasicAuth
from werkzeug.security import check_password_hash from werkzeug.security import check_password_hash
from ipaddress import ip_address
import re
from jail2ban.pfctl import pfctl_table_op, pfctl_cfg_read, pfctl_cfg_write from jail2ban.pfctl import pfctl_table_op, pfctl_cfg_read, pfctl_cfg_write
from jail2ban.auth import get_users from jail2ban.auth import get_users
from subprocess import CalledProcessError
auth = HTTPBasicAuth() auth = HTTPBasicAuth()
@ -30,11 +35,13 @@ def untaint(pattern, string):
match = re.match(pattern, string) match = re.match(pattern, string)
if match: if match:
return match.string return match.string
else:
raise ValueError(f'"{string}" is tainted') raise ValueError(f'"{string}" is tainted')
def create_app(): def create_app():
'''
Create wsgi application instance
'''
app = Flask(__name__, instance_relative_config=True) app = Flask(__name__, instance_relative_config=True)
# load the instance config, if it exists, when not testing # load the instance config, if it exists, when not testing
@ -48,6 +55,7 @@ def create_app():
if username in users and \ if username in users and \
check_password_hash(users.get(username), password): check_password_hash(users.get(username), password):
return username return username
return None
@app.route("/ping", methods=['GET']) @app.route("/ping", methods=['GET'])
@auth.login_required @auth.login_required
@ -118,21 +126,21 @@ def create_app():
data = request.get_json() data = request.get_json()
# name / ip # name / ip
name = untaint(PAT_NAME, data['name']) name = untaint(PAT_NAME, data['name'])
ip = ip_address(data['ip']) ip_addr = ip_address(data['ip'])
if request.method == 'PUT': if request.method == 'PUT':
app.logger.info(f'Add {ip} to f2b-{name}' app.logger.info(f'Add {ip_addr} to f2b-{name}'
f' in anchor f2b-jail/{remote_user}') f' in anchor f2b-jail/{remote_user}')
res = pfctl_table_op(f'f2b-jail/{remote_user}', res = pfctl_table_op(f'f2b-jail/{remote_user}',
table=f'f2b-{name}', table=f'f2b-{name}',
operation='add', operation='add',
value=str(ip)) value=str(ip_addr))
else: # 'DELETE': else: # 'DELETE':
app.logger.info(f'Remove {ip} from f2b-{name}' app.logger.info(f'Remove {ip_addr} from f2b-{name}'
f' in anchor f2b-jail/{remote_user}') f' in anchor f2b-jail/{remote_user}')
res = pfctl_table_op(f'f2b-jail/{remote_user}', res = pfctl_table_op(f'f2b-jail/{remote_user}',
table=f'f2b-{name}', table=f'f2b-{name}',
operation='delete', operation='delete',
value=str(ip)) value=str(ip_addr))
return jsonify({'anchor': f'f2b-jail/{remote_user}', return jsonify({'anchor': f'f2b-jail/{remote_user}',
'table': f'f2b-{name}', 'table': f'f2b-{name}',
'operation': 'add' if request.method == 'PUT' 'operation': 'add' if request.method == 'PUT'