|
|
@@ -4,41 +4,93 @@ from json.decoder import JSONDecodeError
|
|
|
import pendulum
|
|
|
from subprocess import run, PIPE
|
|
|
from os.path import exists, join
|
|
|
+from pyinotify import WatchManager, Notifier, ProcessEvent
|
|
|
+from pyinotify import IN_MODIFY, IN_DELETE, IN_MOVE_SELF, IN_CREATE
|
|
|
+import sys
|
|
|
|
|
|
# Branch off the logging into a seperate file
|
|
|
from config import log
|
|
|
|
|
|
-TARGET = join("bbs", join("logs", "enigma-bbs.log"))
|
|
|
+myfile = join("bbs", "logs", "enigma-bbs.log")
|
|
|
+TARGET = open(myfile, 'r')
|
|
|
+TARGET.seek(0,2)
|
|
|
+
|
|
|
+WM = WatchManager()
|
|
|
+dirmask = IN_MODIFY | IN_DELETE | IN_MOVE_SELF | IN_CREATE
|
|
|
|
|
|
def blocker(ip):
|
|
|
# Utility function to block given ip as string
|
|
|
- # call = run(["iptables", "-I", "DOCKER-USER", "-i", "eth0", "-s", ip, "-j", "DROP"], stdout=PIPE, check=True)
|
|
|
- print("iptables -I DOCKER-USER -i eth0 -s {0} -j DROP".format(ip))
|
|
|
+ call = run(["iptables", "-I", "DOCKER-USER", "-i", "eth0", "-s", ip, "-j", "DROP"], stdout=PIPE, check=True)
|
|
|
+ # print("iptables -I DOCKER-USER -i eth0 -s {0} -j DROP".format(ip))
|
|
|
|
|
|
def is_bad(line):
|
|
|
# Given line, attempt to parse... then is there a issue with it
|
|
|
# Returns a python dict with ip and time in log
|
|
|
try:
|
|
|
- j = loads(l)
|
|
|
+ j = loads(line)
|
|
|
if j["msg"] == "Attempt to login with banned username":
|
|
|
r = {}
|
|
|
r["ip"] = "{0}".format(j["ip"][7:])
|
|
|
r["time"] = j["time"]
|
|
|
return r
|
|
|
except JSONDecodeError:
|
|
|
- log.error("Failed to decode line, '{0}'".format(l))
|
|
|
+ log.error("Failed to decode line, '{0}'".format(line))
|
|
|
+
|
|
|
+class EventHandler(ProcessEvent):
|
|
|
+ def process_IN_MODIFY(self, event):
|
|
|
+ if myfile not in join(event.path, event.name):
|
|
|
+ return
|
|
|
+ else:
|
|
|
+ luser = is_bad(TARGET.readline().rstrip())
|
|
|
+ if(luser):
|
|
|
+ blocker(luser["ip"])
|
|
|
+ now = pendulum.now().to_datetime_string()
|
|
|
+ log.info("Blocked {0} at {1}".format(luser["ip"], now))
|
|
|
+
|
|
|
+ def process_IN_MOVE_SELF(self, event):
|
|
|
+ log.debug("Log file moved... continuing read on stale log!")
|
|
|
+
|
|
|
+ def process_IN_CREATE(self, event):
|
|
|
+ if myfile in join(event.path, event.name):
|
|
|
+ TARGET.close()
|
|
|
+ TARGET = open(myfile, 'r')
|
|
|
+ log.debug("Log file created... Catching up!")
|
|
|
+ for line in TARGET.readlines():
|
|
|
+ luser = is_bad(line.rstrip())
|
|
|
+ if(luser):
|
|
|
+ blocker(luser["ip"])
|
|
|
+ now = pendulum.now().to_datetime_string()
|
|
|
+ log.info("Blocked {0} at {1}".format(luser["ip"], now))
|
|
|
+ TARGET.seek(0,2)
|
|
|
+ return
|
|
|
+
|
|
|
+notifier = Notifier(WM, EventHandler())
|
|
|
+index = myfile.rfind("/")
|
|
|
+WM.add_watch(myfile[:index], dirmask)
|
|
|
+
|
|
|
+while True:
|
|
|
+ try:
|
|
|
+ notifier.process_events()
|
|
|
+ if notifier.check_events():
|
|
|
+ notifier.read_events()
|
|
|
+ except KeyboardInterrupt:
|
|
|
+ break
|
|
|
+
|
|
|
+notifier.stop()
|
|
|
+TARGET.close()
|
|
|
+sys.exit(0)
|
|
|
|
|
|
# Collecting banned users
|
|
|
-lusers = {}
|
|
|
-with open(TARGET, "r") as f:
|
|
|
- for l in f:
|
|
|
- user = is_bad(l)
|
|
|
- if user:
|
|
|
- lusers[user["ip"]] = user["time"]
|
|
|
+# lusers = {}
|
|
|
+# with open(TARGET, "r") as f:
|
|
|
+# for l in f:
|
|
|
+# user = is_bad(l)
|
|
|
+# if user:
|
|
|
+# lusers[user["ip"]] = user["time"]
|
|
|
|
|
|
# Itterate over all blocked users
|
|
|
-for u in lusers:
|
|
|
- print("Blocking {0}".format(u))
|
|
|
- blocker(u)
|
|
|
- now = pendulum.now()
|
|
|
- log.info("Blocked {0} at {1}".format(u, now.to_datetime_string()))
|
|
|
+# for u in lusers:
|
|
|
+# print("Blocking {0}".format(u))
|
|
|
+# blocker(u)
|
|
|
+# now = pendulum.now()
|
|
|
+# log.info("Blocked {0} at {1}".format(u, now.to_datetime_string()))
|
