
Switched to using a debug_blocks setting

  True to just print what would have been executed,
  False to just execute it.
david há 3 anos atrás
pai
commit
fe7348247f
2 ficheiros alterados com 18 adições e 13 exclusões
  1. 2 0
      config.py
  2. 16 13
      failUser.py

+ 2 - 0
config.py

@@ -40,6 +40,8 @@ def load_config():
         defaults = {
             # Target hack logs
             "target": "data/data/hack.log",
+            # Just print what whould have been executed or execute it?
+            "debug_blocks": False, # True is just print, False is execute
             # block_time in hours
             "block_time": 4,
             # Last unblock
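Review bot: The two added comments in the `defaults` dict say the same thing twice, and the first has a typo (`whould`), which makes the flag's meaning harder to read than it needs to be. One comment above the key would do, for example `# Dry run: True only prints the iptables command, False executes it`. The default of `False` keeps the previous behaviour, so a fresh install modifies the firewall straight away. load_config continues outside the hunk, so it is not visible whether an older saved config without this key gets the default merged in; if it does not, the `myConfig["debug_blocks"]` lookup in failUser.py would raise KeyError after an upgrade.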

+ 16 - 13
failUser.py

@@ -18,6 +18,7 @@ myConfig = load_config()
 myfile = myConfig["target"]
 last_run = myConfig["last_unblock"]
 bad_users = myConfig["bad_users"]
+enable_live = myConfig["debug_blocks"]
 
 target = open(myfile, 'r')
 target.seek(0,2)
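Review bot: The name `enable_live` on the added line means the opposite of what it holds: it is assigned from `debug_blocks`, where True means print only, and blocker/unblocker in the next hunk run iptables under `if not enable_live:`. The behaviour matches the commit description, but a reader who trusts the name will expect `enable_live = True` to touch the firewall, and a later edit that "corrects" the condition would silently swap dry-run and live mode. Renaming it, e.g. `dry_run = myConfig["debug_blocks"]` with `if dry_run:` guarding the `print(...)` and `else:` guarding the `run(...)` in both helpers, removes the double negative.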
@@ -27,16 +28,20 @@ dirmask = IN_MODIFY | IN_DELETE | IN_MOVE_SELF | IN_CREATE
 
 def blocker(ip):
     # Utility function to block given ip as string
-    run(["iptables", "-I", "DOCKER-USER", "-i", "eth0", "-s", ip, "-j", "DROP"], stdout=PIPE, check=True)
-    #print("iptables -I DOCKER-USER -i eth0 -s {0} -j DROP".format(ip))
+    if not enable_live:
+        run(["iptables", "-I", "DOCKER-USER", "-i", "eth0", "-s", ip, "-j", "DROP"], stdout=PIPE, check=True)
+    else:
+        print("iptables -I DOCKER-USER -i eth0 -s {0} -j DROP".format(ip))
 
 def unblocker(ip):
     # Utility function to unblock given ip as string
-    try:
-        run(["iptables", "-D", "DOCKER-USER", "-i", "eth0", "-s", ip, "-j", "DROP"], stdout=PIPE, check=True)
-    except CalledProcessError:
-        pass
-    #print("iptables -D DOCKER-USER -i eth0 -s {0} -j DROP".format(ip))
+    if not enable_live:
+        try:
+            run(["iptables", "-D", "DOCKER-USER", "-i", "eth0", "-s", ip, "-j", "DROP"], stdout=PIPE, check=True)
+        except CalledProcessError:
+            pass
+    else:
+        print("iptables -D DOCKER-USER -i eth0 -s {0} -j DROP".format(ip))
 
 # def is_bad(line):
 #     # Given line, attempt to parse... then is there a issue with it
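Review bot: blocker and unblocker hand `ip` to `iptables -s` without checking that it is a single address; iptables also accepts hostnames and CIDR ranges in that position, so a malformed value parsed from the log could yield a rule that covers more than one host. is_bad is not visible here and may already guarantee this; if it does not, a guard such as `ip = str(ipaddress.ip_address(ip))` at the top of both functions would reject anything else with ValueError before the rule is built. Separately, unblocker still swallows CalledProcessError with `pass`; logging the failure would make a rule that could not be removed visible to the operator.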
@@ -89,9 +94,8 @@ class EventHandler(ProcessEvent):
             for line in target.readlines():
                 luser = is_bad(line.rstrip())
                 if(luser):
-                    for ip in myconfig["good_users"]:
-                        if luser["ip"] == ip:
-                            return # Don't block ourselves
+                    if luser["ip"] in myConfig["good_users"]:
+                        return # Don't block ourselves
                     blocker(luser["ip"])
                     now = pendulum.now().to_atom_string()
                     log.info("Blocked {0} at {1}".format(luser["ip"], now))
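Review bot: `return # Don't block ourselves` sits inside `for line in target.readlines():`, so one line from an address in `good_users` ends the handler and every remaining line in that batch goes unexamined; offending addresses logged after it are not blocked until they show up again. `continue` would skip only the allow-listed line. The same pattern is in the hunk at new line 114. Also, `log.info("Blocked ...")` runs after blocker() even when `debug_blocks` is True, so the log records blocks that were only printed; the message could say so in dry-run mode. The enclosing method starts and ends outside both hunks.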
@@ -110,9 +114,8 @@ class EventHandler(ProcessEvent):
             for line in target.readlines():
                 luser = is_bad(line.rstrip())
                 if(luser):
-                    for ip in myconfig["good_users"]:
-                        if luser["ip"] == ip:
-                            return # Don't block ourselves
+                    if luser["ip"] in myConfig["good_users"]:
+                        return # Don't block ourselves
                     blocker(luser["ip"])
                     now = pendulum.now().to_atom_string()
                     log.info("Blocked {0} at {1}".format(luser["ip"], now))