Version 0.9.2

CHANGELOG.txt

@@ -1,5 +1,13 @@
 DENYHOSTS CHANGELOG
 
+0.9.2
+=====
+
+- Daemon configuration params DAEMON_SLEEP and DAEMON_PURGE can now be given in the same format accepted by 
+PURGE_DENY (eg. 1d, 5h, 1y, etc...).  If no unit qualifier (eg. s, m, d, h, w, y) is given then 's' (seconds) is 
+assumed.
+
+
 0.9.1
 =====
 

DenyHosts/constants.py

@@ -26,7 +26,8 @@
 CONFIG_FILE = "denyhosts.cfg"
 TAB_OFFSET = 40
 DENY_DELIMITER = "# DenyHosts:"
-PURGE_TIME_LOOKUP = {'m': 60,       # minute
+TIME_SPEC_LOOKUP =  {'s': 1,        # s
+                     'm': 60,       # minute
                      'h': 3600,     # hour
                      'd': 86400,    # day
                      'w': 604800,   # week

DenyHosts/deny_hosts.py

@@ -20,7 +20,7 @@
 from regex import *
 from daemon import createDaemon
 from denyfileutil import Purge
-from util import parse_host
+from util import parse_host, calculate_seconds
 
 debug = logging.getLogger("denyhosts").debug
 info = logging.getLogger("denyhosts").info
@@ -110,10 +110,10 @@ def runDaemon(self, logfile, last_offset):
 
         secure_log = self.__prefs.get('SECURE_LOG')
         info("monitoring log: %s", secure_log)
-        daemon_sleep = self.__prefs.get('DAEMON_SLEEP')
-        purge_time = self.__prefs.get('PURGE_DENY')
+        daemon_sleep = calculate_seconds(self.__prefs.get('DAEMON_SLEEP'))
+        purge_time = calculate_seconds(self.__prefs.get('PURGE_DENY'))
         if purge_time:
-            daemon_purge = self.__prefs.get('DAEMON_PURGE')
+            daemon_purge = calculate_seconds(self.__prefs.get('DAEMON_PURGE'))
             daemon_purge = max(daemon_sleep, daemon_purge)
             purge_sleep_ratio = daemon_purge / daemon_sleep
             info("daemon_purge:      %ld", daemon_purge)

DenyHosts/denyfileutil.py

@@ -3,10 +3,9 @@
 import time
 import logging
 
-from constants import TAB_OFFSET, PURGE_TIME_LOOKUP, DENY_DELIMITER
-from regex import PURGE_TIME_REGEX
+from constants import TAB_OFFSET, DENY_DELIMITER
 from loginattempt import AbusiveHosts
-from util import parse_host
+from util import parse_host, calculate_seconds
 
 debug = logging.getLogger("denyfileutil").debug
 info = logging.getLogger("denyfileutil").info
@@ -89,7 +88,7 @@ def create_temp(self, data):
 class Purge(DenyFileUtilBase):
     def __init__(self, deny_file, purge_timestr, work_dir):
         DenyFileUtilBase.__init__(self, deny_file, "purge")
-        cutoff = self.calculate(purge_timestr)
+        cutoff = calculate_seconds(purge_timestr)
 
         self.cutoff = long(time.time()) - cutoff
         debug("relative cutoff: %ld (seconds)", cutoff)
@@ -111,19 +110,6 @@ def __init__(self, deny_file, purge_timestr, work_dir):
 
         info("num entries purged: %d", num_purged)
 
-    def calculate(self, timestr):
-        m = PURGE_TIME_REGEX.search(timestr)
-        if not m:
-            raise Exception, "Invalid PURGE_TIME specification: string format"
-
-        units = int(m.group('units'))
-        period = m.group('period')
-
-        if units == 0:
-            raise Exception, "Invalid PURGE_TIME specification: units = 0"
-        # anything older than cutoff will get removed
-        return units * PURGE_TIME_LOOKUP[period]
-
 
     def create_temp(self, data):
         purged_hosts = []

DenyHosts/prefs.py

@@ -12,8 +12,8 @@ def __init__(self, path=None):
                        'SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS': 'yes',
                        'HOSTNAME_LOOKUP': 'yes',
                        'DAEMON_LOG': '/var/log/denyhosts',
-                       'DAEMON_SLEEP': 30,
-                       'DAEMON_PURGE': 3600}
+                       'DAEMON_SLEEP': '30s',
+                       'DAEMON_PURGE': '1h'}
 
         # reqd[0]: required field name
         # reqd[1]: is value required? (False = value can be blank)
@@ -34,9 +34,7 @@ def __init__(self, path=None):
                          'HOSTS_DENY',
                          'DAEMON_LOG')
 
-        self.to_int = ('DENY_THRESHOLD',
-                       'DAEMON_PURGE',
-                       'DAEMON_SLEEP')
+        self.to_int = ('DENY_THRESHOLD', )
 
         if path: self.load_settings(path)
 

DenyHosts/regex.py

@@ -19,7 +19,7 @@
 
 SUCCESSFUL_ENTRY_REGEX = re.compile(r"""Accepted (?P<method>.*) for (?P<user>.*?) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""")
 
-PURGE_TIME_REGEX = re.compile(r"""(?P<units>\d*)\s*(?P<period>[mhdwy])""")
+TIME_SPEC_REGEX = re.compile(r"""(?P<units>\d*)\s*(?P<period>[smhdwy])?""")
 
 ALLOWED_REGEX = re.compile(r"""(?P<first_3bits>\d{1,3}\.\d{1,3}\.\d{1,3}\.)((?P<fourth>\d{1,3})|(?P<ip_wildcard>\*)|\[(?P<ip_range>\d{1,3}\-\d{1,3})\])""")
 

DenyHosts/util.py

@@ -3,7 +3,8 @@
 import time
 from smtplib import SMTP
 import logging
-from constants import BSD_STYLE
+from constants import BSD_STYLE, TIME_SPEC_LOOKUP
+from regex import TIME_SPEC_REGEX
 
 debug = logging.getLogger("util").debug
 
@@ -23,6 +24,26 @@ def is_true(s):
 def is_false(s):
     return not is_true(s)
 
+
+def calculate_seconds(timestr, zero_ok=False):
+    # return the number of seconds in a given timestr such as 1d (1 day),
+    # 13w (13 weeks), 5s (5seconds), etc...
+
+    m = TIME_SPEC_REGEX.search(timestr)
+    if not m:
+        raise Exception, "Invalid time specification: string format error: %s", timestr
+
+    units = int(m.group('units'))
+    period = m.group('period') or 's' # seconds is the default
+
+    if units == 0 and not zero_ok:
+        raise Exception, "Invalid time specification: units = 0"
+
+    seconds = units * TIME_SPEC_LOOKUP[period]
+    debug("converted %s to %ld seconds: ", timestr, seconds)
+    return seconds
+
+
 def parse_host(line):
     # parses a line from /etc/hosts.deny
     # returns the ip address

DenyHosts/version.py

@@ -1 +1 @@
-VERSION="0.9.1"
+VERSION="0.9.2"

PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 1.0
 Name: DenyHosts
-Version: 0.9.1
+Version: 0.9.2
 Summary: DenyHosts is a utility to help sys admins thwart ssh hackers
 Home-page: http://denyhosts.sourceforge.net
 Author: Phil Schwartz