|
@@ -2,7 +2,7 @@
|
|
|
from json import loads, dumps
|
|
from json import loads, dumps
|
|
|
from json.decoder import JSONDecodeError
|
|
from json.decoder import JSONDecodeError
|
|
|
import pendulum
|
|
import pendulum
|
|
|
-from subprocess import run, PIPE
|
|
|
|
|
|
|
+from subprocess import run, PIPE, CalledProcessError
|
|
|
from os.path import exists, join
|
|
from os.path import exists, join
|
|
|
from pyinotify import WatchManager, Notifier, ProcessEvent
|
|
from pyinotify import WatchManager, Notifier, ProcessEvent
|
|
|
from pyinotify import IN_MODIFY, IN_DELETE, IN_MOVE_SELF, IN_CREATE
|
|
from pyinotify import IN_MODIFY, IN_DELETE, IN_MOVE_SELF, IN_CREATE
|
|
@@ -27,26 +27,35 @@ dirmask = IN_MODIFY | IN_DELETE | IN_MOVE_SELF | IN_CREATE
|
|
|
|
|
|
|
|
def blocker(ip):
|
|
def blocker(ip):
|
|
|
# Utility function to block given ip as string
|
|
# Utility function to block given ip as string
|
|
|
- #run(["iptables", "-I", "DOCKER-USER", "-i", "eth0", "-s", ip, "-j", "DROP"], stdout=PIPE, check=True)
|
|
|
|
|
- print("iptables -I DOCKER-USER -i eth0 -s {0} -j DROP".format(ip))
|
|
|
|
|
|
|
+ run(["iptables", "-I", "DOCKER-USER", "-i", "eth0", "-s", ip, "-j", "DROP"], stdout=PIPE, check=True)
|
|
|
|
|
+ #print("iptables -I DOCKER-USER -i eth0 -s {0} -j DROP".format(ip))
|
|
|
|
|
|
|
|
def unblocker(ip):
|
|
def unblocker(ip):
|
|
|
# Utility function to unblock given ip as string
|
|
# Utility function to unblock given ip as string
|
|
|
- #run(["iptables", "-D", "DOCKER-USER", "-i", "eth0", "-s", ip, "-j", "DROP"], stdout=PIPE, check=True)
|
|
|
|
|
- print("iptables -D DOCKER-USER -i eth0 -s {0} -j DROP".format(ip))
|
|
|
|
|
|
|
+ try:
|
|
|
|
|
+ run(["iptables", "-D", "DOCKER-USER", "-i", "eth0", "-s", ip, "-j", "DROP"], stdout=PIPE, check=True)
|
|
|
|
|
+ except CalledProcessError:
|
|
|
|
|
+ pass
|
|
|
|
|
+ #print("iptables -D DOCKER-USER -i eth0 -s {0} -j DROP".format(ip))
|
|
|
|
|
|
|
|
def is_bad(line):
|
|
def is_bad(line):
|
|
|
|
|
+ global bad_users
|
|
|
# Given line, attempt to parse... then is there a issue with it
|
|
# Given line, attempt to parse... then is there a issue with it
|
|
|
# Returns a python dict with ip and time in log
|
|
# Returns a python dict with ip and time in log
|
|
|
if line: # Do we actually have something?
|
|
if line: # Do we actually have something?
|
|
|
try:
|
|
try:
|
|
|
j = loads(line)
|
|
j = loads(line)
|
|
|
#if j["msg"] == "Attempt to login with banned username":
|
|
#if j["msg"] == "Attempt to login with banned username":
|
|
|
- if j["username"] in bad_users:
|
|
|
|
|
- r = {}
|
|
|
|
|
- r["ip"] = "{0}".format(j["ip"][7:])
|
|
|
|
|
- r["time"] = j["time"]
|
|
|
|
|
- return r
|
|
|
|
|
|
|
+ try:
|
|
|
|
|
+ if j["username"] in bad_users or j["msg"] == "Attempt to login with banned username":
|
|
|
|
|
+ if j["username"] not in bad_users:
|
|
|
|
|
+ bad_users.append(j["username"])
|
|
|
|
|
+ r = {}
|
|
|
|
|
+ r["ip"] = "{0}".format(j["ip"][7:])
|
|
|
|
|
+ r["time"] = j["time"]
|
|
|
|
|
+ return r
|
|
|
|
|
+ except KeyError:
|
|
|
|
|
+ pass
|
|
|
except JSONDecodeError:
|
|
except JSONDecodeError:
|
|
|
log.error("Failed to decode line, '{0}'".format(line))
|
|
log.error("Failed to decode line, '{0}'".format(line))
|
|
|
|
|
|
|
@@ -116,6 +125,7 @@ target.close()
|
|
|
|
|
|
|
|
# Update config
|
|
# Update config
|
|
|
myConfig["last_unblock"] = last.to_atom_string()
|
|
myConfig["last_unblock"] = last.to_atom_string()
|
|
|
|
|
+myConfig["bad_users"] = bad_users
|
|
|
save_config(myConfig)
|
|
save_config(myConfig)
|
|
|
|
|
|
|
|
exit(0)
|
|
exit(0)
|
root