diff --git a/firewall/firewall.py b/firewall/firewall.py
index 72ecc7cd..c65fe57c 100644
--- a/firewall/firewall.py
+++ b/firewall/firewall.py
@@ -27,6 +27,9 @@ __license__ = "GPL"
 import time, os
 class Firewall:
+ """ Manages the ban list and executes the command that ban
+ the IP.
+ """
 banList = dict()
@@ -35,26 +38,32 @@ class Firewall:
 self.logSys = logSys
 def addBanIP(self, ip, debug):
+ """ Bans an IP.
+ """
 if not self.inBanList(ip):
 self.logSys.info("Ban "+ip)
 self.banList[ip] = time.time()
- self.executeCmd(self.banIP(ip), debug)
+ self.__executeCmd(self.banIP(ip), debug)
 else:
 self.logSys.info(ip+" already in ban list")
 def delBanIP(self, ip, debug):
+ """ Unban an IP.
+ """
 if self.inBanList(ip):
 self.logSys.info("Unban "+ip)
 del self.banList[ip]
- self.executeCmd(self.unBanIP(ip), debug)
+ self.__executeCmd(self.unBanIP(ip), debug)
 else:
 self.logSys.info(ip+" not in ban list")
 def inBanList(self, ip):
+ """ Checks if IP is in ban list.
+ """
 return self.banList.has_key(ip)
 def checkForUnBan(self, debug):
- """ Check for user to remove from ban list.
+ """ Check for IP to remove from ban list.
 """
 banListTemp = self.banList.copy()
 iterBanList = banListTemp.iteritems()
@@ -66,13 +75,18 @@ class Firewall:
 self.delBanIP(ip, debug)
 def flushBanList(self, debug):
+ """ Flushes the ban list and of course the firewall rules.
+ Called when fail2ban exits.
+ """
 iterBanList = self.banList.iteritems()
 for i in range(len(self.banList)):
 element = iterBanList.next()
 ip = element[0]
 self.delBanIP(ip, debug)
- def executeCmd(self, cmd, debug):
+ def __executeCmd(self, cmd, debug):
+ """ Executes an OS command.
+ """
 self.logSys.debug(cmd)
 if not debug:
 return os.system(cmd)
@@ -80,6 +94,8 @@ class Firewall:
 return None
 def viewBanList(self):
+ """ Prints the ban list on screen. Usefull for debugging.
+ """
 iterBanList = self.banList.iteritems()
 for i in range(len(self.banList)):
 element = iterBanList.next()
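Review bot: In the second hunk, `addBanIP` records the ban with `self.banList[ip] = time.time()` before running the command and then discards the value returned by `self.__executeCmd(self.banIP(ip), debug)`, so a failed firewall command leaves an address listed as banned with no rule in place. Consider `ret = self.__executeCmd(self.banIP(ip), debug)` first and adding the entry only when `ret` is 0 (or when running in debug mode), logging an error otherwise; `delBanIP` discards the result in the same way. The same call hands a string built from `ip` to `os.system` (third hunk), so if `ip` is taken from parsed log text, which the hunk does not show, it should be checked to be a plain address before it reaches `banIP`, for example with `socket.inet_aton(ip)` in a try/except.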
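Review bot: In the third hunk, `flushBanList` walks `self.banList.iteritems()` while `delBanIP` deletes from that same dict, so with two or more banned addresses the second `iterBanList.next()` raises RuntimeError (dictionary changed size during iteration) and the remaining firewall rules are not removed at exit. `checkForUnBan` avoids this by iterating a copy; here the loop can become `for ip in self.banList.keys():` followed by `self.delBanIP(ip, debug)`, since `keys()` returns a list on the Python 2 this file targets. The new docstring promises a full flush, which the loop as written does not deliver. Separately, the `__executeCmd` docstring could state that `cmd` is run through the shell by `os.system` and that the exit status is returned.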