|  | @@ -14,9 +14,9 @@ import json
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  |  yes_regex = re.compile(r'([yY][eE][sS]|[yY])+$')
 | 
	
		
			
				|  |  |  if re.search(yes_regex, os.getenv('SKIP_FAIL2BAN', 0)):
 | 
	
		
			
				|  |  | -	print "SKIP_FAIL2BAN=y, Skipping Fail2ban container..."
 | 
	
		
			
				|  |  | -	time.sleep(31536000)
 | 
	
		
			
				|  |  | -	raise SystemExit
 | 
	
		
			
				|  |  | +  print "SKIP_FAIL2BAN=y, Skipping Fail2ban container..."
 | 
	
		
			
				|  |  | +  time.sleep(31536000)
 | 
	
		
			
				|  |  | +  raise SystemExit
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  |  r = redis.StrictRedis(host='172.22.1.249', decode_responses=True, port=6379, db=0)
 | 
	
		
			
				|  |  |  pubsub = r.pubsub()
 | 
	
	
		
			
				|  | @@ -38,151 +38,151 @@ log = {}
 | 
	
		
			
				|  |  |  quit_now = False
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  |  def ban(address):
 | 
	
		
			
				|  |  | -	BAN_TIME = int(r.get("F2B_BAN_TIME"))
 | 
	
		
			
				|  |  | -	MAX_ATTEMPTS = int(r.get("F2B_MAX_ATTEMPTS"))
 | 
	
		
			
				|  |  | -	RETRY_WINDOW = int(r.get("F2B_RETRY_WINDOW"))
 | 
	
		
			
				|  |  | -	WHITELIST = r.hgetall("F2B_WHITELIST")
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -	ip = ipaddress.ip_address(address.decode('ascii'))
 | 
	
		
			
				|  |  | -	if type(ip) is ipaddress.IPv6Address and ip.ipv4_mapped:
 | 
	
		
			
				|  |  | -		ip = ip.ipv4_mapped
 | 
	
		
			
				|  |  | -		address = str(ip)
 | 
	
		
			
				|  |  | -	if ip.is_private or ip.is_loopback:
 | 
	
		
			
				|  |  | -		return
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -	self_network = ipaddress.ip_network(address.decode('ascii'))
 | 
	
		
			
				|  |  | -	if WHITELIST:
 | 
	
		
			
				|  |  | -		for wl_key in WHITELIST:
 | 
	
		
			
				|  |  | -			wl_net = ipaddress.ip_network(wl_key.decode('ascii'), False)
 | 
	
		
			
				|  |  | -			if wl_net.overlaps(self_network):
 | 
	
		
			
				|  |  | -				log['time'] = int(round(time.time()))
 | 
	
		
			
				|  |  | -				log['priority'] = "info"
 | 
	
		
			
				|  |  | -				log['message'] = "Address %s is whitelisted by rule %s" % (self_network, wl_net)
 | 
	
		
			
				|  |  | -				r.lpush("F2B_LOG", json.dumps(log, ensure_ascii=False))
 | 
	
		
			
				|  |  | -				print "Address %s is whitelisted by rule %s" % (self_network, wl_net)
 | 
	
		
			
				|  |  | -				return
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -	net = ipaddress.ip_network((address + ('/24' if type(ip) is ipaddress.IPv4Address else '/64')).decode('ascii'), strict=False)
 | 
	
		
			
				|  |  | -	net = str(net)
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -	if not net in bans or time.time() - bans[net]['last_attempt'] > RETRY_WINDOW:
 | 
	
		
			
				|  |  | -		bans[net] = { 'attempts': 0 }
 | 
	
		
			
				|  |  | -		active_window = RETRY_WINDOW
 | 
	
		
			
				|  |  | -	else:
 | 
	
		
			
				|  |  | -		active_window = time.time() - bans[net]['last_attempt']
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -	bans[net]['attempts'] += 1
 | 
	
		
			
				|  |  | -	bans[net]['last_attempt'] = time.time()
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -	active_window = time.time() - bans[net]['last_attempt']
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -	if bans[net]['attempts'] >= MAX_ATTEMPTS:
 | 
	
		
			
				|  |  | -		log['time'] = int(round(time.time()))
 | 
	
		
			
				|  |  | -		log['priority'] = "crit"
 | 
	
		
			
				|  |  | -		log['message'] = "Banning %s" % net
 | 
	
		
			
				|  |  | -		r.lpush("F2B_LOG", json.dumps(log, ensure_ascii=False))
 | 
	
		
			
				|  |  | -		print "Banning %s for %d minutes" % (net, BAN_TIME / 60)
 | 
	
		
			
				|  |  | -		if type(ip) is ipaddress.IPv4Address:
 | 
	
		
			
				|  |  | -			subprocess.call(["iptables", "-I", "INPUT", "-s", net, "-j", "REJECT"])
 | 
	
		
			
				|  |  | -			subprocess.call(["iptables", "-I", "FORWARD", "-s", net, "-j", "REJECT"])
 | 
	
		
			
				|  |  | -		else:
 | 
	
		
			
				|  |  | -			subprocess.call(["ip6tables", "-I", "INPUT", "-s", net, "-j", "REJECT"])
 | 
	
		
			
				|  |  | -			subprocess.call(["ip6tables", "-I", "FORWARD", "-s", net, "-j", "REJECT"])
 | 
	
		
			
				|  |  | -		r.hset("F2B_ACTIVE_BANS", "%s" % net, log['time'] + BAN_TIME)
 | 
	
		
			
				|  |  | -	else:
 | 
	
		
			
				|  |  | -		log['time'] = int(round(time.time()))
 | 
	
		
			
				|  |  | -		log['priority'] = "warn"
 | 
	
		
			
				|  |  | -		log['message'] = "%d more attempts in the next %d seconds until %s is banned" % (MAX_ATTEMPTS - bans[net]['attempts'], RETRY_WINDOW, net)
 | 
	
		
			
				|  |  | -		r.lpush("F2B_LOG", json.dumps(log, ensure_ascii=False))
 | 
	
		
			
				|  |  | -		print "%d more attempts in the next %d seconds until %s is banned" % (MAX_ATTEMPTS - bans[net]['attempts'], RETRY_WINDOW, net)
 | 
	
		
			
				|  |  | +  BAN_TIME = int(r.get("F2B_BAN_TIME"))
 | 
	
		
			
				|  |  | +  MAX_ATTEMPTS = int(r.get("F2B_MAX_ATTEMPTS"))
 | 
	
		
			
				|  |  | +  RETRY_WINDOW = int(r.get("F2B_RETRY_WINDOW"))
 | 
	
		
			
				|  |  | +  WHITELIST = r.hgetall("F2B_WHITELIST")
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +  ip = ipaddress.ip_address(address.decode('ascii'))
 | 
	
		
			
				|  |  | +  if type(ip) is ipaddress.IPv6Address and ip.ipv4_mapped:
 | 
	
		
			
				|  |  | +    ip = ip.ipv4_mapped
 | 
	
		
			
				|  |  | +    address = str(ip)
 | 
	
		
			
				|  |  | +  if ip.is_private or ip.is_loopback:
 | 
	
		
			
				|  |  | +    return
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +  self_network = ipaddress.ip_network(address.decode('ascii'))
 | 
	
		
			
				|  |  | +  if WHITELIST:
 | 
	
		
			
				|  |  | +    for wl_key in WHITELIST:
 | 
	
		
			
				|  |  | +      wl_net = ipaddress.ip_network(wl_key.decode('ascii'), False)
 | 
	
		
			
				|  |  | +      if wl_net.overlaps(self_network):
 | 
	
		
			
				|  |  | +        log['time'] = int(round(time.time()))
 | 
	
		
			
				|  |  | +        log['priority'] = "info"
 | 
	
		
			
				|  |  | +        log['message'] = "Address %s is whitelisted by rule %s" % (self_network, wl_net)
 | 
	
		
			
				|  |  | +        r.lpush("F2B_LOG", json.dumps(log, ensure_ascii=False))
 | 
	
		
			
				|  |  | +        print "Address %s is whitelisted by rule %s" % (self_network, wl_net)
 | 
	
		
			
				|  |  | +        return
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +  net = ipaddress.ip_network((address + ('/24' if type(ip) is ipaddress.IPv4Address else '/64')).decode('ascii'), strict=False)
 | 
	
		
			
				|  |  | +  net = str(net)
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +  if not net in bans or time.time() - bans[net]['last_attempt'] > RETRY_WINDOW:
 | 
	
		
			
				|  |  | +    bans[net] = { 'attempts': 0 }
 | 
	
		
			
				|  |  | +    active_window = RETRY_WINDOW
 | 
	
		
			
				|  |  | +  else:
 | 
	
		
			
				|  |  | +    active_window = time.time() - bans[net]['last_attempt']
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +  bans[net]['attempts'] += 1
 | 
	
		
			
				|  |  | +  bans[net]['last_attempt'] = time.time()
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +  active_window = time.time() - bans[net]['last_attempt']
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +  if bans[net]['attempts'] >= MAX_ATTEMPTS:
 | 
	
		
			
				|  |  | +    log['time'] = int(round(time.time()))
 | 
	
		
			
				|  |  | +    log['priority'] = "crit"
 | 
	
		
			
				|  |  | +    log['message'] = "Banning %s" % net
 | 
	
		
			
				|  |  | +    r.lpush("F2B_LOG", json.dumps(log, ensure_ascii=False))
 | 
	
		
			
				|  |  | +    print "Banning %s for %d minutes" % (net, BAN_TIME / 60)
 | 
	
		
			
				|  |  | +    if type(ip) is ipaddress.IPv4Address:
 | 
	
		
			
				|  |  | +      subprocess.call(["iptables", "-I", "INPUT", "-s", net, "-j", "REJECT"])
 | 
	
		
			
				|  |  | +      subprocess.call(["iptables", "-I", "FORWARD", "-s", net, "-j", "REJECT"])
 | 
	
		
			
				|  |  | +    else:
 | 
	
		
			
				|  |  | +      subprocess.call(["ip6tables", "-I", "INPUT", "-s", net, "-j", "REJECT"])
 | 
	
		
			
				|  |  | +      subprocess.call(["ip6tables", "-I", "FORWARD", "-s", net, "-j", "REJECT"])
 | 
	
		
			
				|  |  | +    r.hset("F2B_ACTIVE_BANS", "%s" % net, log['time'] + BAN_TIME)
 | 
	
		
			
				|  |  | +  else:
 | 
	
		
			
				|  |  | +    log['time'] = int(round(time.time()))
 | 
	
		
			
				|  |  | +    log['priority'] = "warn"
 | 
	
		
			
				|  |  | +    log['message'] = "%d more attempts in the next %d seconds until %s is banned" % (MAX_ATTEMPTS - bans[net]['attempts'], RETRY_WINDOW, net)
 | 
	
		
			
				|  |  | +    r.lpush("F2B_LOG", json.dumps(log, ensure_ascii=False))
 | 
	
		
			
				|  |  | +    print "%d more attempts in the next %d seconds until %s is banned" % (MAX_ATTEMPTS - bans[net]['attempts'], RETRY_WINDOW, net)
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  |  def unban(net):
 | 
	
		
			
				|  |  | -	log['time'] = int(round(time.time()))
 | 
	
		
			
				|  |  | -	log['priority'] = "info"
 | 
	
		
			
				|  |  | -	r.lpush("F2B_LOG", json.dumps(log, ensure_ascii=False))
 | 
	
		
			
				|  |  | -	if not net in bans:
 | 
	
		
			
				|  |  | -		log['message'] = "%s is not banned, skipping unban and deleting from queue (if any)" % net
 | 
	
		
			
				|  |  | -		r.lpush("F2B_LOG", json.dumps(log, ensure_ascii=False))
 | 
	
		
			
				|  |  | -		print "%s is not banned, skipping unban and deleting from queue (if any)" % net
 | 
	
		
			
				|  |  | -		r.hdel("F2B_QUEUE_UNBAN", "%s" % net)
 | 
	
		
			
				|  |  | -		return
 | 
	
		
			
				|  |  | -	log['message'] = "Unbanning %s" % net
 | 
	
		
			
				|  |  | -	r.lpush("F2B_LOG", json.dumps(log, ensure_ascii=False))
 | 
	
		
			
				|  |  | -	print "Unbanning %s" % net
 | 
	
		
			
				|  |  | -	if type(ipaddress.ip_network(net.decode('ascii'))) is ipaddress.IPv4Network:
 | 
	
		
			
				|  |  | -		subprocess.call(["iptables", "-D", "INPUT", "-s", net, "-j", "REJECT"])
 | 
	
		
			
				|  |  | -		subprocess.call(["iptables", "-D", "FORWARD", "-s", net, "-j", "REJECT"])
 | 
	
		
			
				|  |  | -	else:
 | 
	
		
			
				|  |  | -		subprocess.call(["ip6tables", "-D", "INPUT", "-s", net, "-j", "REJECT"])
 | 
	
		
			
				|  |  | -		subprocess.call(["ip6tables", "-D", "FORWARD", "-s", net, "-j", "REJECT"])
 | 
	
		
			
				|  |  | -	r.hdel("F2B_ACTIVE_BANS", "%s" % net)
 | 
	
		
			
				|  |  | -	r.hdel("F2B_QUEUE_UNBAN", "%s" % net)
 | 
	
		
			
				|  |  | -	del bans[net]
 | 
	
		
			
				|  |  | +  log['time'] = int(round(time.time()))
 | 
	
		
			
				|  |  | +  log['priority'] = "info"
 | 
	
		
			
				|  |  | +  r.lpush("F2B_LOG", json.dumps(log, ensure_ascii=False))
 | 
	
		
			
				|  |  | +  if not net in bans:
 | 
	
		
			
				|  |  | +    log['message'] = "%s is not banned, skipping unban and deleting from queue (if any)" % net
 | 
	
		
			
				|  |  | +    r.lpush("F2B_LOG", json.dumps(log, ensure_ascii=False))
 | 
	
		
			
				|  |  | +    print "%s is not banned, skipping unban and deleting from queue (if any)" % net
 | 
	
		
			
				|  |  | +    r.hdel("F2B_QUEUE_UNBAN", "%s" % net)
 | 
	
		
			
				|  |  | +    return
 | 
	
		
			
				|  |  | +  log['message'] = "Unbanning %s" % net
 | 
	
		
			
				|  |  | +  r.lpush("F2B_LOG", json.dumps(log, ensure_ascii=False))
 | 
	
		
			
				|  |  | +  print "Unbanning %s" % net
 | 
	
		
			
				|  |  | +  if type(ipaddress.ip_network(net.decode('ascii'))) is ipaddress.IPv4Network:
 | 
	
		
			
				|  |  | +    subprocess.call(["iptables", "-D", "INPUT", "-s", net, "-j", "REJECT"])
 | 
	
		
			
				|  |  | +    subprocess.call(["iptables", "-D", "FORWARD", "-s", net, "-j", "REJECT"])
 | 
	
		
			
				|  |  | +  else:
 | 
	
		
			
				|  |  | +    subprocess.call(["ip6tables", "-D", "INPUT", "-s", net, "-j", "REJECT"])
 | 
	
		
			
				|  |  | +    subprocess.call(["ip6tables", "-D", "FORWARD", "-s", net, "-j", "REJECT"])
 | 
	
		
			
				|  |  | +  r.hdel("F2B_ACTIVE_BANS", "%s" % net)
 | 
	
		
			
				|  |  | +  r.hdel("F2B_QUEUE_UNBAN", "%s" % net)
 | 
	
		
			
				|  |  | +  del bans[net]
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  |  def quit(signum, frame):
 | 
	
		
			
				|  |  | -	global quit_now
 | 
	
		
			
				|  |  | -	quit_now = True
 | 
	
		
			
				|  |  | +  global quit_now
 | 
	
		
			
				|  |  | +  quit_now = True
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  |  def clear():
 | 
	
		
			
				|  |  | -	log['time'] = int(round(time.time()))
 | 
	
		
			
				|  |  | -	log['priority'] = "info"
 | 
	
		
			
				|  |  | -	log['message'] = "Clearing all bans"
 | 
	
		
			
				|  |  | -	r.lpush("F2B_LOG", json.dumps(log, ensure_ascii=False))
 | 
	
		
			
				|  |  | -	print "Clearing all bans"
 | 
	
		
			
				|  |  | -	for net in bans.copy():
 | 
	
		
			
				|  |  | -		unban(net)
 | 
	
		
			
				|  |  | -	pubsub.unsubscribe()
 | 
	
		
			
				|  |  | +  log['time'] = int(round(time.time()))
 | 
	
		
			
				|  |  | +  log['priority'] = "info"
 | 
	
		
			
				|  |  | +  log['message'] = "Clearing all bans"
 | 
	
		
			
				|  |  | +  r.lpush("F2B_LOG", json.dumps(log, ensure_ascii=False))
 | 
	
		
			
				|  |  | +  print "Clearing all bans"
 | 
	
		
			
				|  |  | +  for net in bans.copy():
 | 
	
		
			
				|  |  | +    unban(net)
 | 
	
		
			
				|  |  | +  pubsub.unsubscribe()
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  |  def watch():
 | 
	
		
			
				|  |  | -	log['time'] = int(round(time.time()))
 | 
	
		
			
				|  |  | -	log['priority'] = "info"
 | 
	
		
			
				|  |  | -	log['message'] = "Watching Redis channel F2B_CHANNEL"
 | 
	
		
			
				|  |  | -	r.lpush("F2B_LOG", json.dumps(log, ensure_ascii=False))
 | 
	
		
			
				|  |  | -	pubsub.subscribe("F2B_CHANNEL")
 | 
	
		
			
				|  |  | -	print "Subscribing to Redis channel F2B_CHANNEL"
 | 
	
		
			
				|  |  | -	while True:
 | 
	
		
			
				|  |  | -		for item in pubsub.listen():
 | 
	
		
			
				|  |  | -			for rule_id, rule_regex in RULES.iteritems():
 | 
	
		
			
				|  |  | -				if item['data'] and item['type'] == 'message':
 | 
	
		
			
				|  |  | -					result = re.search(rule_regex, item['data'])
 | 
	
		
			
				|  |  | -					if result:
 | 
	
		
			
				|  |  | -						addr = result.group(1)
 | 
	
		
			
				|  |  | +  log['time'] = int(round(time.time()))
 | 
	
		
			
				|  |  | +  log['priority'] = "info"
 | 
	
		
			
				|  |  | +  log['message'] = "Watching Redis channel F2B_CHANNEL"
 | 
	
		
			
				|  |  | +  r.lpush("F2B_LOG", json.dumps(log, ensure_ascii=False))
 | 
	
		
			
				|  |  | +  pubsub.subscribe("F2B_CHANNEL")
 | 
	
		
			
				|  |  | +  print "Subscribing to Redis channel F2B_CHANNEL"
 | 
	
		
			
				|  |  | +  while True:
 | 
	
		
			
				|  |  | +    for item in pubsub.listen():
 | 
	
		
			
				|  |  | +      for rule_id, rule_regex in RULES.iteritems():
 | 
	
		
			
				|  |  | +        if item['data'] and item['type'] == 'message':
 | 
	
		
			
				|  |  | +          result = re.search(rule_regex, item['data'])
 | 
	
		
			
				|  |  | +          if result:
 | 
	
		
			
				|  |  | +            addr = result.group(1)
 | 
	
		
			
				|  |  |              ip = ipaddress.ip_address(addr.decode('ascii'))
 | 
	
		
			
				|  |  |              if ip.is_private or ip.is_loopback:
 | 
	
		
			
				|  |  |                continue
 | 
	
		
			
				|  |  | -						print "%s matched rule id %d" % (addr, rule_id)
 | 
	
		
			
				|  |  | -						log['time'] = int(round(time.time()))
 | 
	
		
			
				|  |  | -						log['priority'] = "warn"
 | 
	
		
			
				|  |  | -						log['message'] = "%s matched rule id %d" % (addr, rule_id)
 | 
	
		
			
				|  |  | -						r.lpush("F2B_LOG", json.dumps(log, ensure_ascii=False))
 | 
	
		
			
				|  |  | -						ban(addr)
 | 
	
		
			
				|  |  | +            print "%s matched rule id %d" % (addr, rule_id)
 | 
	
		
			
				|  |  | +            log['time'] = int(round(time.time()))
 | 
	
		
			
				|  |  | +            log['priority'] = "warn"
 | 
	
		
			
				|  |  | +            log['message'] = "%s matched rule id %d" % (addr, rule_id)
 | 
	
		
			
				|  |  | +            r.lpush("F2B_LOG", json.dumps(log, ensure_ascii=False))
 | 
	
		
			
				|  |  | +            ban(addr)
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  |  def autopurge():
 | 
	
		
			
				|  |  | -	while not quit_now:
 | 
	
		
			
				|  |  | -		BAN_TIME = int(r.get("F2B_BAN_TIME"))
 | 
	
		
			
				|  |  | -		MAX_ATTEMPTS = int(r.get("F2B_MAX_ATTEMPTS"))
 | 
	
		
			
				|  |  | -		QUEUE_UNBAN = r.hgetall("F2B_QUEUE_UNBAN")
 | 
	
		
			
				|  |  | -		if QUEUE_UNBAN:
 | 
	
		
			
				|  |  | -			for net in QUEUE_UNBAN:
 | 
	
		
			
				|  |  | -				unban(str(net))
 | 
	
		
			
				|  |  | -		for net in bans.copy():
 | 
	
		
			
				|  |  | -			if bans[net]['attempts'] >= MAX_ATTEMPTS:
 | 
	
		
			
				|  |  | -				if time.time() - bans[net]['last_attempt'] > BAN_TIME:
 | 
	
		
			
				|  |  | -					unban(net)
 | 
	
		
			
				|  |  | -		time.sleep(10)
 | 
	
		
			
				|  |  | +  while not quit_now:
 | 
	
		
			
				|  |  | +    BAN_TIME = int(r.get("F2B_BAN_TIME"))
 | 
	
		
			
				|  |  | +    MAX_ATTEMPTS = int(r.get("F2B_MAX_ATTEMPTS"))
 | 
	
		
			
				|  |  | +    QUEUE_UNBAN = r.hgetall("F2B_QUEUE_UNBAN")
 | 
	
		
			
				|  |  | +    if QUEUE_UNBAN:
 | 
	
		
			
				|  |  | +      for net in QUEUE_UNBAN:
 | 
	
		
			
				|  |  | +        unban(str(net))
 | 
	
		
			
				|  |  | +    for net in bans.copy():
 | 
	
		
			
				|  |  | +      if bans[net]['attempts'] >= MAX_ATTEMPTS:
 | 
	
		
			
				|  |  | +        if time.time() - bans[net]['last_attempt'] > BAN_TIME:
 | 
	
		
			
				|  |  | +          unban(net)
 | 
	
		
			
				|  |  | +    time.sleep(10)
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  |  if __name__ == '__main__':
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  | -	watch_thread = Thread(target=watch)
 | 
	
		
			
				|  |  | -	watch_thread.daemon = True
 | 
	
		
			
				|  |  | -	watch_thread.start()
 | 
	
		
			
				|  |  | +  watch_thread = Thread(target=watch)
 | 
	
		
			
				|  |  | +  watch_thread.daemon = True
 | 
	
		
			
				|  |  | +  watch_thread.start()
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  | -	autopurge_thread = Thread(target=autopurge)
 | 
	
		
			
				|  |  | -	autopurge_thread.daemon = True
 | 
	
		
			
				|  |  | -	autopurge_thread.start()
 | 
	
		
			
				|  |  | +  autopurge_thread = Thread(target=autopurge)
 | 
	
		
			
				|  |  | +  autopurge_thread.daemon = True
 | 
	
		
			
				|  |  | +  autopurge_thread.start()
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  | -	signal.signal(signal.SIGTERM, quit)
 | 
	
		
			
				|  |  | -	atexit.register(clear)
 | 
	
		
			
				|  |  | +  signal.signal(signal.SIGTERM, quit)
 | 
	
		
			
				|  |  | +  atexit.register(clear)
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  | -	while not quit_now:
 | 
	
		
			
				|  |  | -		time.sleep(0.5)
 | 
	
		
			
				|  |  | +  while not quit_now:
 | 
	
		
			
				|  |  | +    time.sleep(0.5)
 |