From daa6416b136fcbe44dfc1876e502cde4cea0af46 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud
Date: Thu, 2 May 2013 13:41:55 +0200
Subject: [PATCH] Add the timestamp for unban action in the database

---
 root/etc/cron.daily/cleanup_fail2ban | 4 ++--
 root/sbin/e-smith/smeserver-fail2ban | 19 ++++++++++++++-----
 2 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/root/etc/cron.daily/cleanup_fail2ban b/root/etc/cron.daily/cleanup_fail2ban
index 4fb9203..aefb4c9 100644
--- a/root/etc/cron.daily/cleanup_fail2ban
+++ b/root/etc/cron.daily/cleanup_fail2ban
@@ -14,8 +14,8 @@ my $bantime = $f2b->prop('BanTime') || '1800';
 my $mod = 0;
 foreach my $ban ($f->get_all_by_prop( type => 'ban')){
- my $ts = $ban->prop('Timestamp') || time;
- if ( ($ts + $bantime) < time ){
+ my $ts = $ban->prop('UnbanTimestamp') || time+$bantime;
+ if ( $ts < time ){
 $ban->delete;
 $mod = 1;
 }
diff --git a/root/sbin/e-smith/smeserver-fail2ban b/root/sbin/e-smith/smeserver-fail2ban
index b9d77a7..6a4e7c4 100644
--- a/root/sbin/e-smith/smeserver-fail2ban
+++ b/root/sbin/e-smith/smeserver-fail2ban
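Review bot: Ban records written before this change carry only the old `Timestamp` property, so on the `my $ts` line they now fall back to `time+$bantime`, which is recomputed in the future on every daily run; the `$ts < time` test can never be true for them and those legacy bans are never deleted, leaving the affected hosts blacklisted indefinitely. Keeping the old field as a second fallback lets them expire as before: `my $ts = $ban->prop('UnbanTimestamp') || ($ban->prop('Timestamp') || time) + $bantime;`. A one-line comment above it that `$bantime` is only the fallback and the per-record UnbanTimestamp set by smeserver-fail2ban takes precedence would make the intent clear. The `$f` and `$f2b` handles and the rest of the script are outside the hunk.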
@@ -6,20 +6,22 @@ use esmith::ConfigDB;
 use Getopt::Long;
 our $f2bdb = esmith::ConfigDB->open('fail2ban');
+our $c = esmith::ConfigDB->open_ro;
 our %opts;
 sub usage(){
 print<<"EOF";
-Usage: $0 --host= [--unban] [--protocol=tcp|udp|icmp|all] [--port=]
+Usage: $0 --host= [--unban] [--protocol=tcp|udp|icmp|all] [--port=] [--bantime]
 * --host must specify a valid IPv4 adress in the form 10.11.12.13
 * --protocol can be used to specify the protocol to block. Only tcp, udp, icmp and all are valid (default is all)
- * --port can be used to specify the port to block. Only valid for tcp and udp. You can also specify a range
- of port like 10000:20000
+ * --port can be used to specify the port(s) to block. Only valid for tcp and udp. You can also specify a range
+ of port like 10000:20000. You can also specify several ports or range of port separated by a comma
 * if --unban is specified, the given host will be removed from the blacklist default is to add to the blacklist instead
+ * --bantime can be used to specify how long the ban should be (in seconds)
 EOF
 }
@@ -60,14 +62,19 @@ sub generate_uniq_id(){
 return $id;
 }
+my $f2b = $c->get('fail2ban') ||
+ die "fail2ban service not found in the configuration database\n"
+
 # default is to ban a host
 $opts{unban} = '0';
+$opts{bantime} = $f2b->prop('BanTime') || '1800';
 GetOptions(
 "host=s" => \$opts{host},
 "unban" => \$opts{unban},
 "protocol=s" => \$opts{proto},
- "port=s" => \$opts{port}
+ "port=s" => \$opts{port},
+ "bantime=i" => \$opts{bantime}
 );
 # special "undef" value for port and proto
@@ -112,7 +119,9 @@ else{
 $f2bdb->set_prop($id, 'Port', $opts{port}) if ($opts{port});
 # Set the current timestamp
- $f2bdb->set_prop($id, 'Timestamp', time());
+ $f2bdb->set_prop($id, 'BanTimestamp', time());
+ # Set the timestamp of the unban
+ $f2bdb->set_prop($id, 'UnbanTimestamp', time()+$opts{bantime});
 }
 die "An error occured while updating the firewall rules"
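Review bot: The new usage line shows `[--bantime]` as if it were a bare flag, but GetOptions in the next hunk declares it as `bantime=i`, so the option requires an integer argument and `--bantime` alone is rejected. The synopsis should read `[--bantime=<seconds>]` to match the other value-taking options, and the bullet added below could say the value overrides the BanTime property of the fail2ban service. The usage() heredoc is fully inside the hunk; the rest of the option handling is not.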
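Review bot: The added `die "fail2ban service not found in the configuration database\n"` line has no terminating semicolon, so the statement runs on into the context line `$opts{unban} = '0';` and the script fails to compile with a syntax error; it needs `die "fail2ban service not found in the configuration database\n";`. Separately, `bantime=i` accepts 0 and negative values, which produce an UnbanTimestamp already in the past and a ban the daily cleanup drops immediately; a guard after GetOptions such as `die "--bantime must be a positive number of seconds\n" unless $opts{bantime} > 0;` would catch that. The code that consumes `$opts{bantime}` is in the later hunk of this file.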
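Review bot: The two added `set_prop` calls evaluate `time()` separately, so BanTimestamp and UnbanTimestamp can disagree by a second when the clock ticks between them, and the stored interval no longer equals `$opts{bantime}`; taking the time once, `my $now = time();`, then `$f2bdb->set_prop($id, 'BanTimestamp', $now);` and `$f2bdb->set_prop($id, 'UnbanTimestamp', $now + $opts{bantime});` keeps the pair consistent. Renaming `Timestamp` to `BanTimestamp` also means any other reader of the old property name (the cleanup cron is updated in this commit, but templates or the unban path are not visible here) should be checked. The enclosing `else{` block starts outside the hunk.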