Coding comments/suggestions - first python script - sshd/ftpd blocking

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • avinashc@yahoo.com
    #1

    Coding comments/suggestions - first python script - sshd/ftpd blocking

    If anyone is interested in a /etc/hosts.deny automatic update script
    (Unix only) based on sshd/vsftpd attacks, here's a python script:
    BlockHosts - automatic additions to /etc/hosts.allow
    http://www.aczoom.com/tools/blockhosts/
    BlockHosts - block IP addresses based on SSHD or FTPD failures - Avinash Chopde


    This is a beta release, and my first attempt at Python coding.
    Any comments, suggestions, pointers on using more common Python idioms
    or example coding snippets, etc, welcome!

    Thanks!

    Tags: None
    • bruno modulix
      #2
      Re: Coding comments/suggestions - first python script - sshd/ftpdblocking

      avinashc@yahoo. com wrote:[color=blue]
      > If anyone is interested in a /etc/hosts.deny automatic update script
      > (Unix only) based on sshd/vsftpd attacks, here's a python script:
      > http://www.aczoom.com/tools/blockhosts/
      >
      > This is a beta release, and my first attempt at Python coding.
      > Any comments, suggestions, pointers on using more common Python idioms
      > or example coding snippets, etc, welcome![/color]

      First thing: I had *many* indentation errors (emacs + python_mode on a
      linux-box). *Please* take care of this.

      I just gave a quick glance, not even pretending to really understand
      what the code do, so what follow are just some general advices:

      ***
      def die(msg, ex=None):
      print msg
      if ex: print ex
      sys.exit(1)

      - errors messages (including usage) should be written to stderr (stdout
      is for normal output)
      - you may want to use positional arguments (*args) instead of 'ex'

      def die(msg, *args):
      print >> sys.stderr, msg
      for ex in args:
      print >> sys.stderr, ex
      sys.exit(1)

      ***
      class LockFile:
      (...)
      def lock(self):
      try:
      try:
      self.fp = open(self.path, "r+")
      # r+ prevents trashing the file!
      except Exception, e :

      You should use IOError instead of Exception here.
      *Always* use the most specific exception class possible.

      if e.errno == errno.ENOENT: # no such file

      Here if you have anything else than an IOError (well, anything that
      doesn't have a 'errno' attribute), you'll get an AttributeError. ..
      (...)

      if DEBUG: print " ... first r+ lock file open failed, so opened
      with w+ mode"

      You may want to define a 'debug_trace' function (or use an existing
      trace/log lib) that encapsulate the test...

      ***
      class BlockHosts:
      (...)
      def load_hosts_deny (self, logoffsets):
      self.__remainin g_lines = []

      if self.__verbose: print " ... hosts.deny: loading from ", self.__denyfile

      Same as for DEBUG : you may want to encapsulate the test in a method.

      HTH
      Bruno
      --
      bruno desthuilliers
      python -c "print '@'.join(['.'.join([w[::-1] for w in p.split('.')]) for
      p in 'onurb@xiludom. gro'.split('@')])"

        Comment

        Previous template Next
        Working...